Analysis

- max time kernel: 3s
- max time network: 159s
- platform: android_x86
- resource: android-x86-arm-20240611.1-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
- submitted: 14-06-2024 06:09

Static task: static1

Behavioral task: behavioral1
- Sample: a8444d28197e06d165e39dfdc453e9f5_JaffaCakes118.apk
- Resource: android-x86-arm-20240611.1-en

Behavioral task: behavioral2
- Sample: a8444d28197e06d165e39dfdc453e9f5_JaffaCakes118.apk
- Resource: android-33-x64-arm64-20240611.1-en
General

- Target: a8444d28197e06d165e39dfdc453e9f5_JaffaCakes118.apk
- Size: 9.2MB
- MD5: a8444d28197e06d165e39dfdc453e9f5
- SHA1: 10121924f2c9936a9ab538ccb68b805b9014a9ae
- SHA256: 59c6fa98a482bc60fcbe92538d0f66b7258d5c513a62eebd50cdef11208ae13b
- SHA512: 05482a66a4475d964f52ea7d5e80a38abec68ac064561eda1e5d601e7d243705a5e9bde053f5347ed6b084f3a6e4853302aef78e42ab154ed240cbb483cdbff3
- SSDEEP: 196608:pe0EwZKSolcQXXhgxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx1:s0ErBXhgxxxxxxxxxxxxxxxxxxxxxxx1
Malware Config
Signatures

- Checks Android system properties for emulator presence. 1 TTP, 7 IoCs
  Process: com.lerays.weitt
  Accessed system property keys: ro.product.device, ro.product.model, ro.product.name, ro.serialno, ro.bootloader, ro.bootmode, ro.hardware

- Checks Qemu related system properties. 1 TTP, 7 IoCs
  Checks for Android system properties related to Qemu for emulator detection.
  Process: com.lerays.weitt
  Accessed system property keys: ro.kernel.qemu.gles, ro.kernel.qemu, init.svc.qemud, init.svc.qemu-props, qemu.hw.mainkeys, qemu.sf.fake_camera, ro.kernel.android.qemud

- Checks known Qemu pipes. 1 TTP, 2 IoCs
  Checks for known pipes used by the Android emulator to communicate with the host.
  Process: com.lerays.weitt
  Accessed pipes: /dev/socket/qemud, /dev/qemu_pipe
Processes
Network
MITRE ATT&CK Mobile v15
Downloads

- Filesize: 375KB
  MD5: b373c875e5f94591bef495c900b9117b
  SHA1: 540f1dad31b336619402a0c56715c749d60fa3a7
  SHA256: 7d91ea267e66a41f11e3266f7c25dad9a02f8b798e36b66f6c7b8757eb2b8b98
  SHA512: 6529d0c6c746bcfc9ab3e249bc8064f8b0246fda03dd7ba1a205985def030f8a873754f90d7b6a3ca0f7c567f66ee3e2a08b623baabf044680233000f6af45d3

- Filesize: 5KB
  MD5: bc0800b3b012152cb0777c37095bd112
  SHA1: dbc55b0412436cde0525d31982ed4d1ee1472329
  SHA256: 465d0e121f47af6242f8d62bfcb94d9574de8f59d3bb4a8f58e59f7c996e9505
  SHA512: 77f28c55610ad14fad45cf5cb2bed971337d98703aaac3e4a1e10f88b9b9e754be19b6b6b28367365d662b6d63b8a7f49d4cb992f801dc85ba974af287186006