Analysis
- max time kernel: 4s
- max time network: 130s
- platform: android_x86
- resource: android-x86-arm-20240611.1-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
- submitted: 12-06-2024 10:24
Static task: static1
Behavioral task: behavioral1
- Sample: a04f111d7bf1aae4f631a46bfa07b7ac_JaffaCakes118.apk
- Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
- Sample: a04f111d7bf1aae4f631a46bfa07b7ac_JaffaCakes118.apk
- Resource: android-x64-arm64-20240611.1-en
General
- Target: a04f111d7bf1aae4f631a46bfa07b7ac_JaffaCakes118.apk
- Size: 16.0MB
- MD5: a04f111d7bf1aae4f631a46bfa07b7ac
- SHA1: a141ce6dab697962203a2c723284481cc0cf7496
- SHA256: d72ae1fd0e29933d696e3fdd0e7e80ed07e181b754534cc7e04a51c54edec8bc
- SHA512: f1ef01c031543f9151080dba28cb15e43ff949cfd06ca550355c8f81174f1fe922acb907c10e8f2746f6a9b0fc5e47a8504095b6b37cc63737114fa73477293a
- SSDEEP: 393216:I0vEnze5ltUcb10SblS4UNsB3rvy7C/ULzeTkVz79qE:bye5lpbOgS4mwrvnozRVzd
Malware Config
Signatures
- Queries information about running processes on the device (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  Processes: com.vod.infantis
  (description | ioc | process): Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.vod.infantis
- Queries information about active data network (1 TTPs, 1 IoCs)
  Processes: com.vod.infantis
  (description | ioc | process): Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.vod.infantis
- Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  Processes: com.vod.infantis
  (description | ioc | process): Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | com.vod.infantis
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  Processes: com.vod.infantis
  (description | ioc | process): Framework service call | android.app.IActivityManager.registerReceiver | com.vod.infantis
- Uses Crypto APIs (might try to encrypt user data) (1 TTPs, 1 IoCs)
  Processes: com.vod.infantis
  (description | ioc | process): Framework API call | javax.crypto.Cipher.doFinal | com.vod.infantis
- Checks CPU information (2 TTPs, 1 IoCs)
  Processes: com.vod.infantis
  (description | ioc | process): File opened for read | /proc/cpuinfo | com.vod.infantis
Processes
1. com.vod.infantis (PID 4271)
   - Queries information about running processes on the device
   - Queries information about active data network
   - Queries information about the current Wi-Fi connection
   - Registers a broadcast receiver at runtime (usually for listening for system events)
   - Uses Crypto APIs (might try to encrypt user data)
   - Checks CPU information
   2. ls /sys/class/thermal (PID 4320), child of com.vod.infantis
Network
MITRE ATT&CK Mobile v15
Downloads
- Filesize: 4KB
  MD5: f2b4b0190b9f384ca885f0c8c9b14700
  SHA1: 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
  SHA256: 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
  SHA512: ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
- Filesize: 512B
  MD5: 9f4df133dc91fa65a9928ae1585a5dfb
  SHA1: d52425b9f131341ed14b50e7ecf432d20ed80ce0
  SHA256: 91b178ffef055512eb98d875a477cb3fb03ffd5bb85c8f61c32762a3e0348b44
  SHA512: 2b1818cbeafd25f9ff0a1930d6a27bb9910214885667a049842e5475f182ccbab757c3accdf46c1b5408cab0ad29728c01744c27060a95f5a6b62e7c7333f664
- Filesize: 28KB
  MD5: cf845a781c107ec1346e849c9dd1b7e8
  SHA1: b44ccc7f7d519352422e59ee8b0bdbac881768a7
  SHA256: 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7
  SHA512: 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612
- Filesize: 56KB
  MD5: d8168460e0f4d8778047f13249ad3b4a
  SHA1: ea1bb43e19edd6fbd1d5509ab3f19edcfcf8e778
  SHA256: 8a921bc125a98ff036b3876cd166900651ba1959956a391ead687d2fcdb69d65
  SHA512: 1c67e2d8c2603f53817764303cfcefff31b85ca642d009ec76fbe0d308379ddde90f593ae51904954af1b4aa6b216db32c20d1ad40b24761026a8062ab0d9f4d
- Filesize: 512B
  MD5: 0ed5a68e86d77027de3aa2c27202bd08
  SHA1: 304443c2c6189f9b29f7ef84eaf4cedb77cd7c22
  SHA256: 190cf4126d3c75f3cc8c33f00ebd900ab2df0bbfb4581c036af40d11b4413db4
  SHA512: f926ad6b16c2578a634090ec66990eaf640b2a3c80f6e57512a70895c55615e45af546fd91110b123dba84609717365fb0551c83d14c438ad0503f5f9db42297
- Filesize: 68KB
  MD5: 700fd771e3028ca0ac52782c8887c4de
  SHA1: bd29310aac58107f7eedbe786f1f8e5b7870bb8c
  SHA256: baf5c3089d3180382bd7d8e4b5f2a534236f666bccf56611dc57eb52d9661ec2
  SHA512: 9ab3da1e93a444fac096f30bfa1b085e1b2bd35b75108c3975bb6911beae70eec0709dd290a30b023b882a22797a83a2953d21b3dce24197c99d635480781c9f
- Filesize: 512B
  MD5: 730027228a7f65617568e5962dd699e5
  SHA1: 0aa3c47d9c11efcfbf7320edaebe5f81b909f367
  SHA256: ee3ec61cfe91b99e285d7bd83c58eea9df532d2b18bad46192e722f377c25621
  SHA512: 7cfed4a497d30877ebd64c1840484e3983cc86c9b32612d088707663d05026f726194132fdb4dde264261232fdcc8205cecadc221cd0cff411afc6b469401d75
- Filesize: 111B
  MD5: 4f85cf4359c0091037ed0d49951acfd2
  SHA1: ebeb4ba6085f16711677eab0ed519cedf8d498d2
  SHA256: ba52f6aef1525525604d2826d01b718b0777f281bd84ef16b761b020fee4f27d
  SHA512: f46cd9b886bd064fa7f9b1485f0e78eb1a0f9c6658b7ad30268472ca105bfaa4dcdacea4f730e45bbca99c6a8e401815bf2d30ecf4f583e0dfac697d167695b0
- Filesize: 111B
  MD5: 9ab0c3b4971c38ee07394e4fbc4ac0c4
  SHA1: 4ec3d90fd3510521c090acb51d3b33e73cdb3d9f
  SHA256: 0677f8b565d1de584f8d10b2ff8a76cec3aa8eaece81a0a44b34a9b5bf23784a
  SHA512: d119b052f0d1a3769244673dd54b68dd38df172618ba259ded4562bd61a95b1d05d5a947b6d89c630dc5b6451c0b758be9d4ae2f15fafaf1155fb48256b97be2
- Filesize: 167B
  MD5: 0ff4b6bc9ae8587dc6dc6716a9e519ef
  SHA1: c2181e1bd0c15602a3ad7c5c0493bc5eeda8154a
  SHA256: 5c91f0458c02a08457a6cbca4cf5df65ee68380fd812e99a51fb8b7025b1c376
  SHA512: 3aaf1ec4b98481f7bb5dcd5b95c5ba601ea58dafdd39bbd3c020a6b6b9a87b2256d590c25c0432bae27a05f52ed55eba71cac2023f3d5b754b2037dcc0cb5ea0
- Filesize: 65B
  MD5: 9781ca003f10f8d0c9c1945b63fdca7f
  SHA1: 4156cf5dc8d71dbab734d25e5e1598b37a5456f4
  SHA256: 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793
  SHA512: 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03