Analysis
- max time kernel: 7s
- max time network: 132s
- platform: android_x64
- resource: android-x64-arm64-20240611.1-en
- resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
- submitted: 14-06-2024 08:53
Static task: static1
Behavioral task: behavioral1
  Sample: a8d37293242111cec03e08ceac1c5221_JaffaCakes118.apk
  Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
  Sample: a8d37293242111cec03e08ceac1c5221_JaffaCakes118.apk
  Resource: android-x64-20240611.1-en
Behavioral task: behavioral3
  Sample: a8d37293242111cec03e08ceac1c5221_JaffaCakes118.apk
  Resource: android-x64-arm64-20240611.1-en
General
- Target: a8d37293242111cec03e08ceac1c5221_JaffaCakes118.apk
- Size: 10.3MB
- MD5: a8d37293242111cec03e08ceac1c5221
- SHA1: 313ffbc245560f3882bf2b5992c3a7526b96baf9
- SHA256: 52b56ad1c8f1beb1f7d697c1377a408a11a992f35d66cd87212e725878273a83
- SHA512: 864eb30bf00747d3cfa2d8f2ce7b56e3d703035051fedaff633ec2e8d203f537557ddec172a4093198493c14ae368849defc11cddb5e6349e80b81f428b7967f
- SSDEEP: 196608:0NYDmqgCSta8jltir2GfxcEMu/hTmtZnz9q6g2hy/nr7rlOdC:SrsQU/cEMu/hTmtZBpzhyvr7rZ
Malware Config
Signatures
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) [1 TTP]
- Queries the phone number (MSISDN for GSM devices) [1 TTP]
- Requests cell location [2 TTPs, 1 IoC]
  Uses Android APIs to get the current cell location.
- Queries information about active data network [1 TTP, 1 IoC]
  Processes: cm.tuofu.a20140927081705
    description: Framework service call
    ioc: android.net.IConnectivityManager.getActiveNetworkInfo
    process: cm.tuofu.a20140927081705
- Queries information about the current Wi-Fi connection [1 TTP, 1 IoC]
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  Processes: cm.tuofu.a20140927081705
    description: Framework service call
    ioc: android.net.wifi.IWifiManager.getConnectionInfo
    process: cm.tuofu.a20140927081705
- Reads information about phone network operator [1 TTP]
- Uses Crypto APIs (Might try to encrypt user data) [1 TTP, 1 IoC]
  Processes: cm.tuofu.a20140927081705
    description: Framework API call
    ioc: javax.crypto.Cipher.doFinal
    process: cm.tuofu.a20140927081705
Downloads
- /data/data/cm.tuofu.a20140927081705/databases/db.db
  Filesize: 23.7MB
  MD5: 5751e0c6188af3680d79c18686c1a7e1
  SHA1: 0ddd57511eaece612470f2b3d546c4cfbd3f0f76
  SHA256: da47ffccbc24e87f2b662ce41cf87e1147af87f570e7078a19d1e40c71b03229
  SHA512: 93878b3a30104582b462ef79a9dbe5d70306dc1451417b295d8b13bce28af7de52713f476d78a10ab9edbafbf96eac25a952bb8bc09087c1ff0c59b596e9a6f2
- /data/user/0/cm.tuofu.a20140927081705/cache/feiwo_dir/storage/emulated/0/feiwomob/cache_2/-2054404330
  Filesize: 138B
  MD5: 6b6459d52f57e09db2e58cc97c57f8d7
  SHA1: cafdb7ebf691076ad5d4ef4d38eab16c66ad1238
  SHA256: da5b5353778777054c46f194d8f8a0018e0164112657ce2a417e92521b044ef9
  SHA512: 96cae4b0cfefa6e827aad7f8045736e7f5c3133f0c7d60a520bcc91ad8e31e1cf597b908c99b96540031892918b9a8cb44249b28781fa9d49fa64d2bf71585d6
- /data/user/0/cm.tuofu.a20140927081705/cache/feiwo_dir/storage/emulated/0/feiwomob/cache_3/-2054404330
  Filesize: 144B
  MD5: 7570dad48a063a539a65b55460ba7be5
  SHA1: dce6c30df13d6b2b403fb7c2ec47bffecf04f0e1
  SHA256: d15489635efbfde00f62f93c54795292d189e702ff75896e74a9476459584fd3
  SHA512: 0ff08876c9e5cfae170284e1295a302d7e5c2b7370ef13242bbc85e655445f37cada490748676e223d32d7bfab6efec106508bc1445dbd8bca7567d7ff102dbb
- /data/user/0/cm.tuofu.a20140927081705/cache/feiwo_dir/storage/emulated/0/feiwomob/global_cache/1807629056
  Filesize: 107B
  MD5: 676aa9573d3c381e283dcec0d3f49ce0
  SHA1: 55466c9c0525c3d80081ce5dabcf6e7e2f9fd776
  SHA256: d862dc9d32cfefca15ba0ce33d49944815e8069fdb27820e5e4fb1bfd62f8318
  SHA512: 14032bd8c961d54e4aaf994edd4a081ce713bd82c244a289cd5a0cdf217f1226c42c3f3a53ed23a18b333e6ec9228e80a2b1aa8a7f4ed30a34df2b9149e5af0d
- /data/user/0/cm.tuofu.a20140927081705/cache/feiwo_dir/storage/emulated/0/feiwomob/global_cache/1807629056
  Filesize: 148B
  MD5: b25308a7f2e253083b30a2bdbd8e1549
  SHA1: 6098ffb31af72eac909371ecab2703e6abee2d39
  SHA256: 575d091e1119d49f30fd750ddcf98ac3f9402ab8b8fd466a4e6f26a9bab5f1af
  SHA512: 8cb99b151d09901adef0212d08942d0811d4159aa5ec6cf5ba97d03df89bee6393eb3132cfebcb0d1ee72c9c1abaabacdaeabf231a62de5f8c4053a25f178a50
- /data/user/0/cm.tuofu.a20140927081705/databases/db.db
  Filesize: 4.2MB
  MD5: b477871e0b1237f3319b0c8280245bcc
  SHA1: 004380fd066f52d5902673e5c2fcaaf8d977596b
  SHA256: 75ecff67d0711df96dcd9e39a170e6777e7fb1c1bfc79cfb12f505e0efbd5c05
  SHA512: 000b29c5ce09d0296fdf2d9d4fea434a12d6279ddda1d19b01ac69b87edb0bd82fbdb7c282572a7a4071c2ca4b1dc6d6896cd1f5ad97d2384e428c842038e643
- /data/user/0/cm.tuofu.a20140927081705/databases/db.db-journal
  Filesize: 2KB
  MD5: 75dfca6e947fdeb6dbf53cbfb8da1733
  SHA1: ad360965941c9d94940af194a79e5968f9f23943
  SHA256: e00d6048268929d93016d7cff5a63c8f4fcb0d0a695a2177aeaf38ff206a1a81
  SHA512: 496622a5b70fca7bdbfd73e3a9825bd4e1c3fee559b62f692b613172786c539430a467d1f120a6ffab2a7a0d2c2218cce3e096980c5502045f5ad22b989b3a77
- /data/user/0/cm.tuofu.a20140927081705/databases/db.db-journal
  Filesize: 2KB
  MD5: e1eb5ba4340e4d69e6fd03fd7582aeaa
  SHA1: dbb04bc50fc96a7ee6feb4c4eba899b561ac7e3c
  SHA256: 6b7b2b86e3544d76120c53b062401f61b752dda22add77bce9aaa96e468ed10c
  SHA512: a6edae9d48de9135ff00a3ac937ab484e211b4131f978701f660bc990c3c1a3244c6a5b80694963dd42cfd165b008e3c3203e088f76f82eab36e76b79f4ab339