Analysis
-
max time kernel
131s -
max time network
170s -
platform
android_x86 -
resource
android-x86-arm-20240611.1-en -
resource tags
android arch:arm arch:x86 image:android-x86-arm-20240611.1-en locale:en-us os:android-9-x86 system -
submitted
12/06/2024, 21:28
Static task
static1
Behavioral task
behavioral1
Sample
a276170677279c95f8364b1a96035630_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
General
-
Target
a276170677279c95f8364b1a96035630_JaffaCakes118.apk
-
Size
5.3MB
-
MD5
a276170677279c95f8364b1a96035630
-
SHA1
cd6f96bf406c642efdb4b95931cf02eedc6fcc91
-
SHA256
70b1d90ec3880d0ad357b3fe14172d5d26b33ad23a354299fccaa1f3c7afac0f
-
SHA512
9030dec32ae1a6649d58543f6a6bc64848d8e53daa781abb665617f300a1177bda48468e7e2417954521ecaccc35d715cc28be4e0d11df4259b2854172fe325d
-
SSDEEP
98304:wXI9UGxL2LmZGaSRahhBkIom7BLnwVsjQfS9NDReWNKyLmsn:8I+GxLgmkRwomVn/QfWDRz
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 2 IoCs
ioc Process
/system/bin/su com.cccasinoapps1234.pirateslotmachinehd
/system/xbin/su com.cccasinoapps1234.pirateslotmachinehd
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
flow ioc 5 alog.umeng.com -
Queries information about active data network 1 TTPs 1 IoCs
description ioc Process Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.cccasinoapps1234.pirateslotmachinehd -
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
description ioc Process Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.cccasinoapps1234.pirateslotmachinehd -
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
description ioc Process Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.cccasinoapps1234.pirateslotmachinehd -
Reads information about phone network operator. 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
description ioc Process Framework service call android.app.IActivityManager.registerReceiver com.cccasinoapps1234.pirateslotmachinehd -
Checks CPU information 2 TTPs 1 IoCs
description ioc Process File opened for read /proc/cpuinfo com.cccasinoapps1234.pirateslotmachinehd -
Checks memory information 2 TTPs 1 IoCs
description ioc Process File opened for read /proc/meminfo com.cccasinoapps1234.pirateslotmachinehd
Processes
-
com.cccasinoapps1234.pirateslotmachinehd
- Checks if the Android device is rooted.
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4155
Network
MITRE ATT&CK Mobile v15
Downloads
-
/data/data/com.cccasinoapps1234.pirateslotmachinehd/files/mobclick_agent_cached_com.cccasinoapps1234.pirateslotmachinehd
Filesize
204B
MD5
713daf030619381862956aad4cf363b2
SHA1
33b59e165d8a9ab7fc3d75388a5196c38843833a
SHA256
2387b4b239444556ceef95cc61ec522846c79c76c8f2468802157660cb476208
SHA512
d37e89dafe7cfe4a8a63547f5407039f6093dddf487ecbb4487fafd1ea79bc93d5173776fb02dbc597bcf4629cf2c5ae63911922ec92124f9360cbdef6a187ab