Analysis
-
max time kernel
87s -
max time network
150s -
platform
android_x86 -
resource
android-x86-arm-20240611.1-en -
resource tags
android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system -
submitted
13-06-2024 00:02
Static task
static1
Behavioral task
behavioral1
Sample
a30f0843c579505b6149e69daeda3d58_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
a30f0843c579505b6149e69daeda3d58_JaffaCakes118.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral3
Sample
a30f0843c579505b6149e69daeda3d58_JaffaCakes118.apk
Resource
android-x64-arm64-20240611.1-en
General
-
Target
a30f0843c579505b6149e69daeda3d58_JaffaCakes118.apk
-
Size
906KB
-
MD5
a30f0843c579505b6149e69daeda3d58
-
SHA1
9a8c6cb3f3a7cdab071caa2869ab9bffe7474f63
-
SHA256
4a9d76ef21a86f91fb239054fdbeb47d77bb21179b3702887ca0604248c25867
-
SHA512
0033d87d539ba5d2b244758b73c3ee1058c40d86dccf2f64ebc31548f61ba4a74f39d572430f3d3df1a7c4bfe8aadf35779311b4501033a7fe001e8e923ff4f5
-
SSDEEP
12288:izgX/bmAT/tK3bvE1caV2W43mmaO3brR6tdQ0p9ttS2bWkB2eT5TMzAx3ZXb9A1n:IAbpeTAO32dRLty2/T5TTL8
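Before working from this report, confirm that the file you have is the one it describes. The following is an added example, not part of the report or of the sandbox's own tooling: it computes MD5, SHA-1, SHA-256 and SHA-512 in a single read and compares them with the values listed above (the same function applies to any entry in the Downloads section). The SSDEEP value is a fuzzy hash and is deliberately not checked: it needs the ssdeep library and is compared by similarity score, not equality. The `demo()` run uses a constructed file, since the real APK is not on this page.

```python
"""Check a file against the hashes a sandbox report lists for it.

Added example, not part of the report. The REPORT_SAMPLE_HASHES values are
copied from the General section above; everything else is this example's own.
"""
import hashlib
import os
import tempfile

REPORT_SAMPLE_HASHES = {
    "MD5": "a30f0843c579505b6149e69daeda3d58",
    "SHA1": "9a8c6cb3f3a7cdab071caa2869ab9bffe7474f63",
    "SHA256": "4a9d76ef21a86f91fb239054fdbeb47d77bb21179b3702887ca0604248c25867",
    "SHA512": "0033d87d539ba5d2b244758b73c3ee1058c40d86dccf2f64ebc31548f61ba4a7"
              "4f39d572430f3d3df1a7c4bfe8aadf35779311b4501033a7fe001e8e923ff4f5",
}

# Report label -> hashlib algorithm name. SSDEEP is intentionally absent.
_ALGOS = {"MD5": "md5", "SHA1": "sha1", "SHA256": "sha256", "SHA512": "sha512"}


def _new_hashers():
    return {name: hashlib.new(algo) for name, algo in _ALGOS.items()}


def hash_bytes(data):
    """All four digests of an in-memory byte string (handy for small dropped files)."""
    hashers = _new_hashers()
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_file(path, chunk_size=1 << 20):
    """All four digests of a file, computed in one pass so large APKs are read once."""
    hashers = _new_hashers()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify_against_report(path, expected):
    """Return {algo: (reported, actual)} for every digest that does not match.

    An empty dict means every hash the report lists was reproduced. Labels the
    report uses that this code does not compute (SSDEEP) are skipped, and the
    comparison is case-insensitive because reports differ in hex casing.
    """
    actual = hash_file(path)
    mismatches = {}
    for name, reported in expected.items():
        if name not in actual:
            continue
        if actual[name].lower() != reported.strip().lower():
            mismatches[name] = (reported, actual[name])
    return mismatches


def demo():
    """Constructed stand-in for the sample: returns (clean_result, tampered_result)."""
    with tempfile.TemporaryDirectory() as tmp:
        sample = os.path.join(tmp, "sample.bin")
        with open(sample, "wb") as fh:
            fh.write(b"constructed sample content, not the real APK\n")
        expected = hash_file(sample)            # stands in for the report's values
        clean = verify_against_report(sample, expected)
        with open(sample, "r+b") as fh:         # flip the first byte
            fh.write(b"C")
        tampered = verify_against_report(sample, expected)
    return clean, tampered


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        bad = verify_against_report(sys.argv[1], REPORT_SAMPLE_HASHES)
        print("matches the report" if not bad else "MISMATCH: %r" % bad)
    else:
        print(demo())
```

Run it with the path to the APK as the only argument; with no argument it runs the constructed demo. A mismatch on every algorithm usually means a different file (re-packed, or a different JaffaCakes-style rename), while a mismatch on a single algorithm almost always means a copy error in the report or in your notes.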
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Queries the phone number (MSISDN for GSM devices) 1 TTPs
-
Requests cell location 2 TTPs 1 IoCs
Uses Android APIs to get the current cell location.
-
Acquires the wake lock 1 IoCs
Processes: com.sim.gerard.bgubhun
description | ioc | process
Framework service call | android.os.IPowerManager.acquireWakeLock | com.sim.gerard.bgubhun
-
Queries information about active data network 1 TTPs 1 IoCs
Processes: com.sim.gerard.bgubhun
description | ioc | process
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.sim.gerard.bgubhun
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes: com.sim.gerard.bgubhun
description | ioc | process
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | com.sim.gerard.bgubhun
-
Reads information about phone network operator. 1 TTPs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes: com.sim.gerard.bgubhun
description | ioc | process
Framework API call | javax.crypto.Cipher.doFinal | com.sim.gerard.bgubhun
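The signatures above fire when the framework call is made, not when it succeeds, so a useful next step is to check whether the APK even declares the permission each call needs. The following is an added example, not part of the report or of the sample: it parses a decoded AndroidManifest.xml and maps the calls listed above to the permissions they require on Android 9 (API 28, the OS level of the analysis image per the resource tags). The manifest shown is constructed, with ACCESS_COARSE_LOCATION left out on purpose; the real one inside the APK is binary AXML and must first be decoded with apktool or androguard. The mapping itself, and the assumed PackageManager/TelephonyManager calls behind the signatures that the report does not name, are this example's assumptions, and two of them change on later Android versions (cell location needs ACCESS_FINE_LOCATION from Android 10, and listing installed apps needs QUERY_ALL_PACKAGES from Android 11).

```python
"""Correlate sandbox-observed framework calls with declared permissions.

Added example, not part of the report. Permission requirements are stated for
Android 9 (API 28); the manifest below is constructed for illustration.
"""
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Observed call -> permissions of which ANY ONE satisfies it on API 28.
# An empty set means the call needs no permission at that API level.
# Entries whose call the report does not name are this example's assumption.
REQUIRED_ON_API28 = {
    "android.os.IPowerManager.acquireWakeLock": {"android.permission.WAKE_LOCK"},
    "android.net.IConnectivityManager.getActiveNetworkInfo": {"android.permission.ACCESS_NETWORK_STATE"},
    "android.net.wifi.IWifiManager.getConnectionInfo": {"android.permission.ACCESS_WIFI_STATE"},
    "TelephonyManager.getCellLocation (cell location, assumed)": {"android.permission.ACCESS_COARSE_LOCATION"},
    "TelephonyManager.getLine1Number (MSISDN, assumed)": {
        "android.permission.READ_PHONE_STATE",
        "android.permission.READ_SMS",
        "android.permission.READ_PHONE_NUMBERS",
    },
    "TelephonyManager.getNetworkOperator (operator, assumed)": set(),
    "PackageManager.getInstalledApplications (app list, assumed)": set(),
    "javax.crypto.Cipher.doFinal": set(),
}

# Constructed manifest (decoded text XML as apktool writes it), not the sample's.
CONSTRUCTED_MANIFEST = """<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.sim.gerard.bgubhun">
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.WAKE_LOCK"/>
    <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
    <uses-permission android:name="android.permission.ACCESS_WIFI_STATE"/>
    <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
    <application android:label="x"/>
</manifest>
"""


def declared_permissions(manifest_xml):
    """Set of android:name values from every <uses-permission> element."""
    root = ET.fromstring(manifest_xml)
    return {
        el.get(ANDROID_NS + "name")
        for el in root.iter("uses-permission")
        if el.get(ANDROID_NS + "name")
    }


def correlate(manifest_xml, observed=REQUIRED_ON_API28):
    """Classify each observed call as 'declared', 'missing' or 'no permission needed'.

    'missing' is the interesting case: the call was logged, but without the
    permission it threw SecurityException or returned nothing on the device,
    so it should not be counted as a working capability.
    """
    declared = declared_permissions(manifest_xml)
    result = {}
    for call, options in observed.items():
        if not options:
            result[call] = "no permission needed"
        elif options & declared:
            result[call] = "declared"
        else:
            result[call] = "missing"
    return result


def unexplained_permissions(manifest_xml, observed=REQUIRED_ON_API28):
    """Declared permissions that none of the observed calls account for.

    These point at behaviour the 87-second run did not trigger (storage, SMS,
    network) and are where a static pass over the code should start.
    """
    accounted = set().union(*observed.values())
    return sorted(declared_permissions(manifest_xml) - accounted)


if __name__ == "__main__":
    for call, status in correlate(CONSTRUCTED_MANIFEST).items():
        print("%-22s %s" % (status, call))
    print("unexplained:", unexplained_permissions(CONSTRUCTED_MANIFEST))
```

In the constructed manifest the cell-location call comes out as "missing", which is how the same signature would read for a sample that probes location APIs it cannot actually use; the unexplained INTERNET and WRITE_EXTERNAL_STORAGE permissions line up with the files the Downloads section shows being written under /storage/emulated/0.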
Downloads
-
/data/data/com.sim.gerard.bgubhun/databases/lcdownloads
Filesize
16KB
MD5
ccafe434dee3daa40fe525297f69cc34
SHA1
f2bffaee6cb9c0e5c6ecbd78388a5502702b1d05
SHA256
dfdc489a14040bbb8543b3c9249b664db5e9dec15ea5b0e5a040f8493dd85bcc
SHA512
fbea0b53395981dbad127c709dad92795947d5ec817927da448ef9c4744bf9b38afb680a43892ec2f309197336c034f7f89ab03e109cf1bd8f70c33952e8353c
-
/data/data/com.sim.gerard.bgubhun/databases/lcdownloads-journal
Filesize
512B
MD5
b36d152f4860de13bfb441faa041599a
SHA1
468507ca7bc6c7968606c84ea619d00b0f61ab9d
SHA256
d3423f84343d479e1475fbeb2b952d603d413f50edc8da616ec60995fe4ea1f0
SHA512
39a4b0a6e4fbc91ece3a19e37c601d4f777c3e7c7228e3d758e13c8407af914f9251debbc43e989bb1d3d0cc2c4cc134f74744867aad82d21e9cc059282f2ee9
-
/data/data/com.sim.gerard.bgubhun/databases/lcdownloads-shm
Filesize
32KB
MD5
bb7df04e1b0a2570657527a7e108ae23
SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
/data/data/com.sim.gerard.bgubhun/databases/lcdownloads-wal
Filesize
28KB
MD5
d3084fb56c27bcddcf8feb0cc5846388
SHA1
986a15812c1ca59cb6300680d35973484cbab972
SHA256
71439beb81b7c6419699ef8f994a46acbec3d900bc3725e0925b584b38bb7e93
SHA512
4a3982acb9d46478e6fc7ea1bee8cc3ad7883923b2aac25947e1b19a3c34fb1bdb612c902a54bac9fb05300c45048f277f8c4596c68600fe133ff8b2a73a75ed
-
/data/data/com.sim.gerard.bgubhun/files/setting.txt
Filesize
102B
MD5
90b604f4273e9af48eb421ee3052b903
SHA1
dcf95523092e5d850aa3e8b56a60104ba939aada
SHA256
48d58ff3b75b08c0e5886ba822501ed87d34bc4edaa92c5c774b89e224700a24
SHA512
a740b5a5a3acee4328da3b986c06e02098d6117e085074fbdc8eeedf477e7ae2527cca100e3d259d57feec7f2a84731924ac6e7bcb70701b7152088151be291b
-
/storage/emulated/0/Android/data/code/KI.DAT
Filesize
58B
MD5
2b53b6b030d7bdb5da6ea0d501b6a165
SHA1
fa4e9e8d724d91963a3fa3def11790559cac11c1
SHA256
d8209526853a232417c586b6c130ed3ec53af8a2928b95d032ddcee37b4698fc
SHA512
dceddb69f3c907593c47edd56cea3b5cd68e560f020244e6abf9e63c58263d38b36e8736617758f2c5c7292bffd815af44fee3805217aa9065cd143e0599b128
-
/storage/emulated/0/Android/data/code/MID.DAT
Filesize
60B
MD5
c679783f144b5b77cbcc89952b9590de
SHA1
339c29f74856fbb0a27070d1d90c1acde4d49142
SHA256
03e9e03b09bb456d2e730f787e5b232d119d59547959fd73617cbf44dcf56de3
SHA512
5ac8cdf1e7950029ccd418c6df2991e9763083cc631f549ab2302758b0cd634817c1f712db7310927ba39aa9612e7be746532142434d314fb7231e2f97d4aa2f
-
/storage/emulated/0/Download/9j/1.dat
Filesize
15B
MD5
4bdf32d4972c2adae82c299d0d385d75
SHA1
c13ecbf155453ee71b9375e49e04bea8eaf64402
SHA256
868e0f7349b166c8be4f3912792383f4b075ccf79e8586b3fdeea1bc2550cd19
SHA512
19c10ce0d4c671ac087d086351fc82dee6fa61e78f0cc8edf5981d263196fe294988823b591c4d96b8c6b448e998467f12da442c58ea2b5ddbe96b33c7ff5b26
-
/storage/emulated/0/Download/ads/clst.dat
Filesize
15B
MD5
44787d13320c41fe0128d47a2804503a
SHA1
80c3c8711e1d33fdec235a3231771c409bc05747
SHA256
129ad76f4928088d897081d5d95d9f449691dc735767f68435b061504ef06954
SHA512
52ffde4c501260521097d63233ab062003fe9e6f55fe39f72a3870020ec7dd82647c907615fc2c07f270af9dbddc744ac71e6e2c226e7d99a0781e597aa3f9d0
-
/storage/emulated/0/Download/ads/rt.dat
Filesize
15B
MD5
21ddcdc0be65cfdbf076ba31e647268f
SHA1
050cb6673ba1f4473b56bcd3be19ecb76a3ae38a
SHA256
fc5b516d23ab6867f6b9076828adf44a13b3a289eefc3bec185e9e95ef053700
SHA512
fb91bd5bc9bb133e546b9a170c7f0cdc44b7fb77532ae093e378c153df11d0faf86d89bdb0fd229fca154080d6f6669dc172ae0a2f458aa5662b1167306ecc4b
-
/storage/emulated/0/ljk/capin/time.dat
Filesize
15B
MD5
4cf2db54d9485d248873a92f12ecd7f0
SHA1
bb979fc0936ff5512da7cb65697413061029cbdd
SHA256
443029d9d352531a3739fbb17021963b5f29479995962519dda2c37b29974c03
SHA512
5205bc5f709a76ee1b528c1c14de14954f68641bccc79197343363160ec7892a86b041cac3dd843b9a80de6a0256c1c6c07cb83f52176b7c5108bd2c1458be10
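The four lcdownloads entries above are one SQLite database plus its sidecar files: X-journal is the rollback journal, X-wal the write-ahead log and X-shm the WAL index. The WAL here (28KB) is larger than the main file (16KB), which means that most of what the app wrote during the run had not yet been checkpointed into lcdownloads itself; anyone who pulls only the main file from a device or emulator image will open an older or empty table. The following is an added example, not part of the report: it builds a throw-away database in WAL mode with constructed rows and table name, copies it once without and once with its -wal file, and counts the rows each copy yields.

```python
"""Show why an SQLite database must be collected together with its -wal file.

Added example, not part of the report. The table name, rows and paths are
constructed; the -shm file is not copied because SQLite rebuilds it on open.
"""
import os
import shutil
import sqlite3
import tempfile


def _row_count(db_path):
    """Count rows in a copied database; a copy that lacks the table counts as 0."""
    con = sqlite3.connect(db_path)
    try:
        try:
            return con.execute("SELECT count(*) FROM downloads").fetchone()[0]
        except sqlite3.OperationalError:    # no such table in this copy
            return 0
    finally:
        con.close()


def wal_demo():
    """Return (rows_seen_with_main_file_only, rows_seen_with_main_plus_wal, wal_existed)."""
    with tempfile.TemporaryDirectory() as tmp:
        live = os.path.join(tmp, "lcdownloads")
        con = sqlite3.connect(live)
        con.execute("PRAGMA journal_mode=WAL")
        con.execute("CREATE TABLE downloads(url TEXT, dest TEXT)")
        con.commit()
        # Checkpoint so the schema is in the main file. Rows written after this
        # point live only in lcdownloads-wal until the next checkpoint, which
        # SQLite performs automatically only once the WAL reaches 1000 pages.
        con.execute("PRAGMA wal_checkpoint(TRUNCATE)")
        con.executemany("INSERT INTO downloads VALUES (?, ?)", [
            ("http://example.invalid/1.dat", "/storage/emulated/0/Download/9j/1.dat"),
            ("http://example.invalid/clst.dat", "/storage/emulated/0/Download/ads/clst.dat"),
            ("http://example.invalid/rt.dat", "/storage/emulated/0/Download/ads/rt.dat"),
        ])
        con.commit()
        wal_existed = os.path.exists(live + "-wal")

        # Collection mistake: only the main database file is pulled.
        main_only = os.path.join(tmp, "main_only")
        os.mkdir(main_only)
        shutil.copy(live, os.path.join(main_only, "lcdownloads"))

        # Correct collection: main file and -wal pulled together, same names.
        with_wal = os.path.join(tmp, "with_wal")
        os.mkdir(with_wal)
        shutil.copy(live, os.path.join(with_wal, "lcdownloads"))
        shutil.copy(live + "-wal", os.path.join(with_wal, "lcdownloads-wal"))

        # Closing the live connection would checkpoint and delete the WAL,
        # which is why the copies were taken first.
        con.close()
        return (_row_count(os.path.join(main_only, "lcdownloads")),
                _row_count(os.path.join(with_wal, "lcdownloads")),
                wal_existed)


if __name__ == "__main__":
    print(wal_demo())    # expected: (0, 3, True)
```

The -wal copy must keep the exact name `<database>-wal` beside the main file, or SQLite will not find it. The same caveat applies when an app is still running on the device: its open connection has not checkpointed, so `adb pull` of the single file silently drops the newest records.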