Analysis
- max time kernel: 135s
- max time network: 139s
- platform: android_x86
- resource: android-x86-arm-20240611.1-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
- submitted: 12/06/2024, 19:54
Static task: static1
Behavioral task: behavioral1
- Sample: a215015ef7eb08f840fa8261b5225824_JaffaCakes118.apk
- Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
- Sample: a215015ef7eb08f840fa8261b5225824_JaffaCakes118.apk
- Resource: android-x64-arm64-20240611.1-en
General
- Target: a215015ef7eb08f840fa8261b5225824_JaffaCakes118.apk
- Size: 13.1MB
- MD5: a215015ef7eb08f840fa8261b5225824
- SHA1: 1236de4d71931aa955bfb6caa2fb682b123a89c1
- SHA256: 1b86289fb7f34be24ac95e43197efbf2b9da841d036ec527340c4c916703c7dc
- SHA512: 70923cedae8bf2fd41ea135aa3b9df3d21e7f23050eba0a05fc00b95a093ea28ff45ae55e75971a7043b503c40c9867cab4017465a5a08ac44a1f6e013eef1d4
- SSDEEP: 393216:X7fGjgAli7JEeskYp4vGgbaiT+sdfZK7ezOgtW6e7WE:7GjgAlyEeq4vGg2iT7dfPW6ef
Malware Config
Signatures
- Loads dropped Dex/Jar (1 TTPs, 2 IoCs)
  Runs executable file dropped to the device during analysis.
  ioc: /data/data/com.qmaple.snapread/mix.dex | pid: 4200 | Process: com.qmaple.snapread
  ioc: /data/data/com.qmaple.snapread/mix.dex | pid: 4200 | Process: com.qmaple.snapread
- Queries information about running processes on the device (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  description: Framework service call | ioc: android.app.IActivityManager.getRunningAppProcesses | Process: com.qmaple.snapread
- Queries information about active data network (1 TTPs, 1 IoCs)
  description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | Process: com.qmaple.snapread
- Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  description: Framework service call | ioc: android.net.wifi.IWifiManager.getConnectionInfo | Process: com.qmaple.snapread
- Reads information about phone network operator. (1 TTPs)
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  description: Framework service call | ioc: android.app.IActivityManager.registerReceiver | Process: com.qmaple.snapread
- Checks memory information (2 TTPs, 1 IoCs)
  description: File opened for read | ioc: /proc/meminfo | Process: com.qmaple.snapread
Processes
com.qmaple.snapread, PID: 4200
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
sh -c getprop ro.yunos.version, PID: 4244
getprop ro.yunos.version, PID: 4244
Network
MITRE ATT&CK Mobile v15
Downloads