Analysis
- max time kernel: 9s
- max time network: 186s
- platform: android_x64
- resource: android-x64-20240611.1-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240611.1-en, locale:en-us, os:android-10-x64, system
- submitted: 14-06-2024 08:53
Static task: static1
Behavioral task: behavioral1
  Sample: a8d37293242111cec03e08ceac1c5221_JaffaCakes118.apk
  Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
  Sample: a8d37293242111cec03e08ceac1c5221_JaffaCakes118.apk
  Resource: android-x64-20240611.1-en
Behavioral task: behavioral3
  Sample: a8d37293242111cec03e08ceac1c5221_JaffaCakes118.apk
  Resource: android-x64-arm64-20240611.1-en
General
- Target: a8d37293242111cec03e08ceac1c5221_JaffaCakes118.apk
- Size: 10.3MB
- MD5: a8d37293242111cec03e08ceac1c5221
- SHA1: 313ffbc245560f3882bf2b5992c3a7526b96baf9
- SHA256: 52b56ad1c8f1beb1f7d697c1377a408a11a992f35d66cd87212e725878273a83
- SHA512: 864eb30bf00747d3cfa2d8f2ce7b56e3d703035051fedaff633ec2e8d203f537557ddec172a4093198493c14ae368849defc11cddb5e6349e80b81f428b7967f
- SSDEEP: 196608:0NYDmqgCSta8jltir2GfxcEMu/hTmtZnz9q6g2hy/nr7rlOdC:SrsQU/cEMu/hTmtZBpzhyvr7rZ
Signatures
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) [1 TTPs]
- Queries the phone number (MSISDN for GSM devices) [1 TTPs]
- Requests cell location [2 TTPs, 1 IoCs]
  Uses Android APIs to get current cell location.
- Queries information about active data network [1 TTPs, 1 IoCs]
  Processes: cm.tuofu.a20140927081705
    description: Framework service call
    ioc: android.net.IConnectivityManager.getActiveNetworkInfo
    process: cm.tuofu.a20140927081705
- Queries information about the current Wi-Fi connection [1 TTPs, 1 IoCs]
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  Processes: cm.tuofu.a20140927081705
    description: Framework service call
    ioc: android.net.wifi.IWifiManager.getConnectionInfo
    process: cm.tuofu.a20140927081705
- Queries the unique device ID (IMEI, MEID, IMSI) [1 TTPs]
- Uses Crypto APIs (Might try to encrypt user data) [1 TTPs, 1 IoCs]
  Processes: cm.tuofu.a20140927081705
    description: Framework API call
    ioc: javax.crypto.Cipher.doFinal
    process: cm.tuofu.a20140927081705
Downloads
- /data/data/cm.tuofu.a20140927081705/cache/feiwo_dir/storage/emulated/0/feiwomob/cache_2/-2054404330 (Filesize: 138B)
- /data/data/cm.tuofu.a20140927081705/cache/feiwo_dir/storage/emulated/0/feiwomob/cache_3/-2054404330 (Filesize: 144B)
- /data/data/cm.tuofu.a20140927081705/cache/feiwo_dir/storage/emulated/0/feiwomob/global_cache/1807629056 (Filesize: 107B)
- /data/data/cm.tuofu.a20140927081705/cache/feiwo_dir/storage/emulated/0/feiwomob/global_cache/1807629056 (Filesize: 136B)
- /data/data/cm.tuofu.a20140927081705/cache/feiwo_dir/storage/emulated/0/feiwomob/global_cache/1807629056 (Filesize: 148B)
- /data/data/cm.tuofu.a20140927081705/databases/db.db (Filesize: 4.2MB)
- /data/data/cm.tuofu.a20140927081705/databases/db.db (Filesize: 23.7MB)
- /data/data/cm.tuofu.a20140927081705/databases/db.db-journal (Filesize: 2KB)
- /data/data/cm.tuofu.a20140927081705/databases/db.db-journal (Filesize: 2KB)