Analysis
max time kernel: 70s
max time network: 130s
platform: android_x86
resource: android-x86-arm-20240611.1-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
submitted: 12-06-2024 10:37
Static task: static1
Behavioral task: behavioral1
Sample: a05967aaa858836fcc2aedfba19aaa52_JaffaCakes118.apk
Resource: android-x86-arm-20240611.1-en
General
Target: a05967aaa858836fcc2aedfba19aaa52_JaffaCakes118.apk
Size: 12.2MB
MD5: a05967aaa858836fcc2aedfba19aaa52
SHA1: e3273b2795b5a7fff9113cf7591a2aa48831e0b2
SHA256: 340e027c3aece5e7b8100c91a81dbc5a19bc92532be38a8c1d17276481edf475
SHA512: 55617adbd2f073b788eb86261ee22c005a9d3c174900d8aa9c0c322a6e7b7b3d859ad185097190418c0d0f3d9e62306f473a3bb71269e9c5e57b97be9f00640a
SSDEEP: 196608:G0EN/1UQJA9FtFUjmcRnRJtJ39b38c34OSg8loKOqO0CXXbMoWKBp1cRGyMzlB8P:BEN/1NJALUjRRl353j1iSBHbVRpenMwP
Malware Config
Signatures

Queries information about running processes on the device (1 TTPs, 2 IoCs)
Application may abuse the framework's APIs to collect information about running processes on the device.
Processes: com.youku.tv, com.youku.tv:multiscreen
description | ioc | process
Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.youku.tv
Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.youku.tv:multiscreen

Reads the contacts stored on the device. (1 TTPs, 1 IoCs)
Processes: com.youku.tv:multiscreen
description | ioc | process
URI accessed for read | content://com.android.contacts/contacts | com.youku.tv:multiscreen

Queries information about active data network (1 TTPs, 2 IoCs)
Processes: com.youku.tv, com.youku.tv:multiscreen
description | ioc | process
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.youku.tv
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.youku.tv:multiscreen

Queries information about the current Wi-Fi connection (1 TTPs, 2 IoCs)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes: com.youku.tv:multiscreen, com.youku.tv
description | ioc | process
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | com.youku.tv:multiscreen
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | com.youku.tv

Reads information about phone network operator. (1 TTPs)

Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 2 IoCs)
Processes: com.youku.tv, com.youku.tv:multiscreen
description | ioc | process
Framework service call | android.app.IActivityManager.registerReceiver | com.youku.tv
Framework service call | android.app.IActivityManager.registerReceiver | com.youku.tv:multiscreen

Checks CPU information (2 TTPs, 1 IoCs)
Processes: com.youku.tv
description | ioc | process
File opened for read | /proc/cpuinfo | com.youku.tv

Checks memory information (2 TTPs, 1 IoCs)
Processes: com.youku.tv
description | ioc | process
File opened for read | /proc/meminfo | com.youku.tv

Processes
com.youku.tv (PID: 4279)
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information

com.youku.tv:multiscreen (PID: 4359)
- Queries information about running processes on the device
- Reads the contacts stored on the device.
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)

Network
MITRE ATT&CK Mobile v15
Downloads