Analysis
max time kernel
47s
max time network
188s
platform
android_x86
resource
android-x86-arm-20240611-en
resource tags
android, arch:arm, arch:x86, image:android-x86-arm-20240611-en, locale:en-us, os:android-9-x86, system
submitted
11-06-2024 18:00
Static task
static1
Behavioral task
behavioral1
Sample
9f11c5649cf938ff1c16a55d465a284b_JaffaCakes118.apk
Resource
android-x86-arm-20240611-en
Behavioral task
behavioral2
Sample
9f11c5649cf938ff1c16a55d465a284b_JaffaCakes118.apk
Resource
android-x64-arm64-20240611-en
General
Target
9f11c5649cf938ff1c16a55d465a284b_JaffaCakes118.apk
Size
9.8MB
MD5
9f11c5649cf938ff1c16a55d465a284b
SHA1
6454ca1e654b4cea1c862c55594eb0cd3b2fb7b0
SHA256
eb438a21ac42a810adb16902c2b4d7069799f6667fb73e8910c8c625471a0b1c
SHA512
41fb59b3f522f50324ac631ec1a977dae65d6d0ad6bfc11997669b003635763c10d986ab67d70dfd932ea652c6f37dba212c004ba4cbe12982b3ba81e4edea64
SSDEEP
196608:pdH+2Gx2gd3uLprPG10VWZ38Lex1xlboRFQf01ndfB7YbcxkbnTLsr:n+2Bw+ZO1ouPbkv9B0bcxkbnvsr
Malware Config
Signatures

Makes use of the framework's foreground persistence service (1 TTPs, 1 IoCs)
Application may abuse the framework's foreground service to continue running in the foreground.
description: Framework service call
ioc: android.app.IActivityManager.setServiceForeground
Process: idm.internet.download.manager.plus:DownloadService

Queries information about active data network (1 TTPs, 1 IoCs)
description: Framework service call
ioc: android.net.IConnectivityManager.getActiveNetworkInfo
Process: idm.internet.download.manager.plus

Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 2 IoCs)
description: Framework service call
ioc: android.app.IActivityManager.registerReceiver
Process: idm.internet.download.manager.plus
description: Framework service call
ioc: android.app.IActivityManager.registerReceiver
Process: idm.internet.download.manager.plus:DownloadService
Processes

idm.internet.download.manager.plus
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4265

idm.internet.download.manager.plus:DownloadService
- Makes use of the framework's foreground persistence service
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4388
Network
MITRE ATT&CK Mobile v15
Downloads

Filesize
4KB
MD5
f2b4b0190b9f384ca885f0c8c9b14700
SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Filesize
84KB
MD5
efb24b05e27efa50a3fa755fae9cf35b
SHA1
038822df0b3df96382a577958c0b41cea2bbbed5
SHA256
e2296dc7a640a050407c9dc16e7e7cf72bbad3a26283da2ebc29e632c192adc2
SHA512
ff15038fc258c75d6745153ed15426ec82857649f87ba8dab0484945b1d78cd294cf89d414dd8a925b89aba0afd64e4d071592d78ef197e4587ac4e1a891b6dd

Filesize
32KB
MD5
bb7df04e1b0a2570657527a7e108ae23
SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Filesize
72KB
MD5
7f385606e062e61cae64c86f28767bd7
SHA1
8309b17dc25f7f207fc525e4c304d0e30072ca0b
SHA256
c295a6b10dc2decc5c1fed1a09695213d369f0410b837daafd97f12408a77c31
SHA512
85fa9168008fd2bc4e2b78cef90cb2d80cda36466629c2b0cca56e3102330850a11356e84ef93f74b0e75ab8155c96f4d5f7c11f4d298dedcbaacdde0012a2ac

Filesize
512B
MD5
50f5ca1020fd70a5bf0ba9d3dfe2e5d7
SHA1
ff9d7bef08b7c85858972623c5c68f68b23b2b18
SHA256
d9f28c32c2cf84ea7cf1fea282a64c618382eed430c7eab1ac09c39fac4cc82b
SHA512
6db91d83b294d55828eb1c25c540413ae8b1e0e1ae3860f2d641a0807767c485b280eb9172320d0141c361e06059a16d09f3b5988b258606dd6ac4f1939349bc

Filesize
48KB
MD5
bab85c5439df046b6ad21ac19447ebf5
SHA1
75392c2a032d2a1a93ce73bf4f14e8de52a48538
SHA256
a0749cf6819c3b2ee68d44b1a53eec4ca56886c03a7492cf183a3876f21b1d0b
SHA512
e8f666166ce72b207c72bdfb120053704179574010ab2cb6c0d56fb619fb4bd7e1ad7273487cdf55db4c680447f8270e5a2f28a5abe432143aba3f29334074e4