Analysis
-
max time kernel
7s -
max time network
132s -
platform
android_x64 -
resource
android-x64-arm64-20240611.1-en -
resource tags
-
submitted
13-06-2024 12:38
General
-
Target
a5939a1124835d1d8430f9be3561b2e4_JaffaCakes118.apk
-
Size
826KB
-
MD5
a5939a1124835d1d8430f9be3561b2e4
-
SHA1
ab275c1ef4be018ff83efd045f18f6c191368d18
-
SHA256
aec77d2ac31c45d755e65a7a0fa935a87a9f04c927a08d1f1f08c85bd7153695
-
SHA512
da382fcf6dfda7c5efea49ef56887bc8a9635c577d5c1d3ca8e71b28ab83ffef1961a24ce786137d9d2491d6fdaec6f89764ae4c23c32c95b90e1e02958bffaa
-
SSDEEP
12288:oon8d3NFhIZAfQsoXyZ6c0JAbJxdDyE3VIFFC1VFvZVo3IcCPk6DAYJynnWDK:BkwyF+20Jm5DPmaRZb/D/ynnWDK
Score
8/10
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 2 IoCs
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
-
Queries information about active data network 1 TTPs 1 IoCs
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.eliferun.sparklemusic1⤵
- Checks if the Android device is rooted.
- Obtains sensitive information copied to the device clipboard
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Checks CPU information
- Checks memory information