Analysis
-
max time kernel
179s -
max time network
148s -
platform
android_x86 -
resource
android-x86-arm-20240611.1-en -
resource tags
-
submitted
14-06-2024 00:35
General
-
Target
a756c87a15cf128cfd1d8c6fb316229f_JaffaCakes118.apk
-
Size
21.6MB
-
MD5
a756c87a15cf128cfd1d8c6fb316229f
-
SHA1
6e440cdcb90b6d45e9acdd32674e88fc3bb98ba8
-
SHA256
850454ef37d4a9ac64db5145dcb646db2fb98496444c43ace5aabe193dbdcfc5
-
SHA512
68daa6fb0d7bf58417bede45a19809cb86f5666c22c0e89fe508fdf35e1f5170b28580970cfb5bc02d3ec9b24d2e1fd332bf0e6729f980d26c0926d09f95631f
-
SSDEEP
393216:pBgpY1YzzeeZJBSwhv2HVAlKD/+WALw3S1pUsHjfpsHm:XSY1az/TBZxqVAGwLFxHjSm
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
-
Queries information about active data network 1 TTPs 1 IoCs
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Reads information about phone network operator. 1 TTPs
-
Checks CPU information 2 TTPs 1 IoCs
Processes
-
com.ibirdgame.tank.mi1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Checks CPU information
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/data/com.ibirdgame.tank.mi/files/mobclick_agent_cached_com.ibirdgame.tank.miFilesize
120B
MD50f9343317d435ea836514fad8d086cc1
SHA1f485e70e611d941c7dc925a3491103e1d4b3d048
SHA256e8a4dd385545ac0c20f1a0243be2730db3256c1f3e668bab226062afab5c8766
SHA512a602d804b955b15190d88f49d7fa4861c9b288c6134f23b84bf4899d6e3435b9fd2ab3389d5bb1b2f60c6e5c36fe385de5aaf245a7217d5b0e128ef067e309f1