Analysis
max time kernel: 177s
max time network: 188s
platform: android_x64
resource: android-x64-arm64-20240611.1-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
submitted: 12-06-2024 11:02
Static task
static1
Behavioral task
behavioral1
Sample
a06d8dc6d77fb57b9106b182cececb48_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
a06d8dc6d77fb57b9106b182cececb48_JaffaCakes118.apk
Resource
android-x64-arm64-20240611.1-en
General
-
Target
a06d8dc6d77fb57b9106b182cececb48_JaffaCakes118.apk
-
Size
11.3MB
-
MD5
a06d8dc6d77fb57b9106b182cececb48
-
SHA1
c67ee40b33bc75c75e7c7150d00638ac96d77d61
-
SHA256
bda231d0832a836a7413c0f4881b568904a8cff04444a97a3c946c01774f3d1f
-
SHA512
1d60a569485cdfcff0a9201ea430c468c3fcfe0b2b75cbdc02efd56a714c4e0ff571e76ca38bf90038893b2b7636a54f6746217812abbea3b2301f83f7d8acca
-
SSDEEP
196608:UIjvizjafLIuO5rwFfUIMTM8YyTr+cV+baQbQmrmtjQHpQvdesm46I:HvizsFfUrM8YYr+heKiWpsm4D
Malware Config
Signatures
-
Queries information about running processes on the device 1 TTPs 3 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
Processes:
cn.com.sina.auto.trial
cn.com.sina.auto.trial:remote
cn.com.sina.auto.trial:TcmsService
description | ioc | process
Framework service call | android.app.IActivityManager.getRunningAppProcesses | cn.com.sina.auto.trial
Framework service call | android.app.IActivityManager.getRunningAppProcesses | cn.com.sina.auto.trial:remote
Framework service call | android.app.IActivityManager.getRunningAppProcesses | cn.com.sina.auto.trial:TcmsService
-
Requests cell location 2 TTPs 1 IoCs
Uses Android APIs to get current cell location.
Processes:
cn.com.sina.auto.trial:TcmsService
description | ioc | process
Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | cn.com.sina.auto.trial:TcmsService
-
Queries information about active data network 1 TTPs 3 IoCs
Processes:
cn.com.sina.auto.trial
cn.com.sina.auto.trial:remote
cn.com.sina.auto.trial:TcmsService
description | ioc | process
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | cn.com.sina.auto.trial
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | cn.com.sina.auto.trial:remote
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | cn.com.sina.auto.trial:TcmsService
-
Queries information about the current Wi-Fi connection 1 TTPs 3 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes:
cn.com.sina.auto.trial:TcmsService
cn.com.sina.auto.trial
cn.com.sina.auto.trial:remote
description | ioc | process
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | cn.com.sina.auto.trial:TcmsService
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | cn.com.sina.auto.trial
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | cn.com.sina.auto.trial:remote
-
Reads information about phone network operator. 1 TTPs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
Processes:
cn.com.sina.auto.trial
cn.com.sina.auto.trial:remote
description | ioc | process
Framework API call | javax.crypto.Cipher.doFinal | cn.com.sina.auto.trial
Framework API call | javax.crypto.Cipher.doFinal | cn.com.sina.auto.trial:remote
-
Checks CPU information 2 TTPs 2 IoCs
Processes:
cn.com.sina.auto.trial
cn.com.sina.auto.trial:remote
description | ioc | process
File opened for read | /proc/cpuinfo | cn.com.sina.auto.trial
File opened for read | /proc/cpuinfo | cn.com.sina.auto.trial:remote
Processes
-
cn.com.sina.auto.trial
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
PID:4419
-
cn.com.sina.auto.trial:remote
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
PID:4469
-
cn.com.sina.auto.trial:TcmsService
- Queries information about running processes on the device
- Requests cell location
- Queries information about active data network
- Queries information about the current Wi-Fi connection
PID:4552
Network
MITRE ATT&CK Mobile v15
Defense Evasion
Execution Guardrails (1)
Geofencing (1)
Virtualization/Sandbox Evasion (1)
System Checks (1)
Downloads