Analysis
-
max time kernel
8s
-
max time network
130s
-
platform
android_x86
-
resource
android-x86-arm-20240611.1-en
-
resource tags
android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
-
submitted
14-06-2024 08:53
Static task
static1
Behavioral task
behavioral1
Sample
a8d37293242111cec03e08ceac1c5221_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
a8d37293242111cec03e08ceac1c5221_JaffaCakes118.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral3
Sample
a8d37293242111cec03e08ceac1c5221_JaffaCakes118.apk
Resource
android-x64-arm64-20240611.1-en
General
-
Target
a8d37293242111cec03e08ceac1c5221_JaffaCakes118.apk
-
Size
10.3MB
-
MD5
a8d37293242111cec03e08ceac1c5221
-
SHA1
313ffbc245560f3882bf2b5992c3a7526b96baf9
-
SHA256
52b56ad1c8f1beb1f7d697c1377a408a11a992f35d66cd87212e725878273a83
-
SHA512
864eb30bf00747d3cfa2d8f2ce7b56e3d703035051fedaff633ec2e8d203f537557ddec172a4093198493c14ae368849defc11cddb5e6349e80b81f428b7967f
-
SSDEEP
196608:0NYDmqgCSta8jltir2GfxcEMu/hTmtZnz9q6g2hy/nr7rlOdC:SrsQU/cEMu/hTmtZBpzhyvr7rZ
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Queries the phone number (MSISDN for GSM devices) 1 TTPs
-
Requests cell location 2 TTPs 1 IoCs
Uses Android APIs to get current cell location.
-
Queries information about active data network 1 TTPs 1 IoCs
Processes:
cm.tuofu.a20140927081705
description: Framework service call
ioc: android.net.IConnectivityManager.getActiveNetworkInfo
process: cm.tuofu.a20140927081705
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes:
cm.tuofu.a20140927081705
description: Framework API call
ioc: javax.crypto.Cipher.doFinal
process: cm.tuofu.a20140927081705
Downloads
-
/data/data/cm.tuofu.a20140927081705/cache/feiwo_dir/storage/emulated/0/feiwomob/cache_2/-2054404330
Filesize
138B
-
/data/data/cm.tuofu.a20140927081705/cache/feiwo_dir/storage/emulated/0/feiwomob/cache_3/-2054404330
Filesize
144B
-
/data/data/cm.tuofu.a20140927081705/cache/feiwo_dir/storage/emulated/0/feiwomob/global_cache/1807629056
Filesize
146B
-
/data/data/cm.tuofu.a20140927081705/cache/feiwo_dir/storage/emulated/0/feiwomob/global_cache/1807629056
Filesize
187B
-
/data/data/cm.tuofu.a20140927081705/databases/db.db
Filesize
1024B
-
/data/data/cm.tuofu.a20140927081705/databases/db.db
Filesize
23.7MB
-
/data/data/cm.tuofu.a20140927081705/databases/db.db-journal
Filesize
1KB
-
/data/data/cm.tuofu.a20140927081705/databases/db.db-shm
Filesize
32KB
-
/data/data/cm.tuofu.a20140927081705/databases/db.db-wal
Filesize
4KB