Analysis

  • max time kernel
    179s
  • max time network
    183s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
  • submitted
    14-06-2024 10:02

General

  • Target

    a919a52d914d17db6f1e951718e24232_JaffaCakes118.apk

  • Size

    4.5MB

  • MD5

    a919a52d914d17db6f1e951718e24232

  • SHA1

    038be5c21f7c28bbe0f6d57347923d1ac99481a9

  • SHA256

    a5a4890af6c8de34aaa7177907e0ea11595ffdfe8e873b44b04c849639c45afb

  • SHA512

    efdd9eb77a9a5f519925b72faa250554d0ead0265728ccccc438fe2da3b187be7110028f497bf9c364238e7216c75887531eaa142e92b43472e7c198e30bbc3e

  • SSDEEP

    98304:h6ulWfbap8Zupss4YPHCZFda5crNGXBqiO0bToXfBMj:h6Bup8ZUpVPHWrsANGXBq7AMPBMj

Malware Config

Signatures

  • Requests cell location 2 TTPs 1 IoCs

    Uses Android APIs to get the current cell location.

  • Acquires the wake lock 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
  • Reads information about phone network operator 1 TTPs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

Processes

  • com.sohomob.android.aeroplane_chess_battle_ludo_2
    1⤵
    • Requests cell location
    • Acquires the wake lock
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4240

Network

MITRE ATT&CK Matrix


Downloads

  • /data/data/com.sohomob.android.aeroplane_chess_battle_ludo_2/databases/downloads
    Filesize

    16KB

    MD5

    e07b3465c58af2f92d31f2a1ba443bde

    SHA1

    9b3407e110af63e34bd755451fc471bb230fa8d8

    SHA256

    cd586187569b203caafc29642918a0505a04cfb8af7f54eeea386311a160b46f

    SHA512

    06c48ed793e56d923ce20d4683fef4d6b62f24fff7739001ff55fdd4bb7e5d8485be175a8a31ee62a766a7b8d01b8cd9b6e99732a4c6451dba534b4012bbabc3

  • /data/data/com.sohomob.android.aeroplane_chess_battle_ludo_2/databases/downloads-journal
    Filesize

    512B

    MD5

    5647d623a27d317d47b8f74c2bb50b70

    SHA1

    53d606fe15ba49de2ed92cf87e24fcc51fa1ea88

    SHA256

    b9fe8d5f7f0719cfe0afad782f5de8d797f07be48f23640a0a2bf024b4a494da

    SHA512

    c1a57c183c7e353b6c958809765a7cbd9aed371286ddfa746d035ddf78688c3b50c702986b9392ca7bc4d49d374cf6f039f2a41c288116a1c660855fa9c7c178

  • /data/data/com.sohomob.android.aeroplane_chess_battle_ludo_2/databases/downloads-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

  • /data/data/com.sohomob.android.aeroplane_chess_battle_ludo_2/databases/downloads-wal
    Filesize

    28KB

    MD5

    b19ef6334750271fa3aaa64876867d39

    SHA1

    3a3485cbe417519795c3662020798adb52162ba4

    SHA256

    2e24feef5fdaf247801bcff07fcfed534524ecfd3657e3253a7410b8d29d04ab

    SHA512

    e09d9394db614a516223ff40bfadea6cb27d00b468391f2007f3bbd06c4388222898a1415dcac43ab8ae08311a66c739a19891e2f1284184bdea8d7ca15211c0

  • /storage/emulated/0/.android_/b
    Filesize

    90B

    MD5

    0f89cd47751d3b6c53f0caf011cc5633

    SHA1

    214563c60938e39d0fcb9d48002b1ff3131126bd

    SHA256

    f36215e8925dccd33ffd15ccb864a5c335b32524924364d5cfd22d62659d66ea

    SHA512

    773f8afa025ac15fab4297845855b23b4c98ca5b039ef48243e58984bff14c7b85bbab084955058370bf8d64e51cc6a871996cf530e696f43f03252340fc111d
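The report lists the app's SQLite database `downloads` together with its `downloads-journal`, `downloads-shm` and `downloads-wal` sidecars, and the 28KB `-wal` is larger than the 16KB main file. In WAL mode, committed rows sit in the `-wal` file until SQLite checkpoints them into the main file, so acquiring the main file alone can yield a database with no tables at all. The script below is an added example, not part of the sandbox report and not the app's code: it builds a throwaway WAL-mode database with constructed sample rows, copies it once without and once with its sidecars, and counts what each copy shows. The table layout, the `sidecar_paths`, `acquire`, `count_rows`, `build_wal_db` and `demo` helpers, and the example URIs are all assumptions made for illustration; only Python's standard library is used.

```python
"""Acquiring a SQLite database with its WAL sidecars.

Added example, not part of the sandbox report. It mimics the situation the
report shows (a 'downloads' database whose -wal file is larger than the main
file) with a constructed database, then compares an acquisition that copies
only the main file with one that copies the sidecars as well.
"""
import os
import shutil
import sqlite3
import tempfile

# SQLite sidecar suffixes as they appear next to the main database file.
SIDECAR_SUFFIXES = ("-wal", "-shm", "-journal")


def sidecar_paths(db_path):
    """Return every file that must be acquired together with `db_path`."""
    return [db_path] + [db_path + suffix for suffix in SIDECAR_SUFFIXES]


def acquire(db_path, dest_dir, with_sidecars):
    """Copy the database (and, if requested, whichever sidecars exist) into dest_dir.

    Returns the path of the copied main file.
    """
    os.makedirs(dest_dir, exist_ok=True)
    wanted = sidecar_paths(db_path) if with_sidecars else [db_path]
    for src in wanted:
        if os.path.exists(src):
            shutil.copy2(src, os.path.join(dest_dir, os.path.basename(src)))
    return os.path.join(dest_dir, os.path.basename(db_path))


def count_rows(db_copy, table="downloads"):
    """Open a copied database and count rows in `table` (0 if the table is absent)."""
    con = sqlite3.connect(db_copy)
    try:
        present = con.execute(
            "SELECT 1 FROM sqlite_master WHERE type='table' AND name=?", (table,)
        ).fetchone()
        if present is None:
            return 0
        return con.execute(f"SELECT COUNT(*) FROM {table}").fetchone()[0]
    finally:
        con.close()


def build_wal_db(db_path, rows):
    """Create a WAL-mode database with `rows` committed but not yet checkpointed.

    The connection is returned open on purpose: closing the last connection
    checkpoints the WAL and deletes the -wal file, which is exactly what a live
    app on the device has not done yet.
    """
    con = sqlite3.connect(db_path, isolation_level=None)  # autocommit
    con.execute("PRAGMA journal_mode=WAL")
    con.execute("PRAGMA wal_autocheckpoint=0")  # never fold the WAL into the main file
    con.execute("CREATE TABLE downloads (id INTEGER PRIMARY KEY, uri TEXT, status INTEGER)")
    con.executemany("INSERT INTO downloads (uri, status) VALUES (?, ?)", rows)
    return con


def demo():
    """Return (rows seen without sidecars, rows seen with sidecars) for a constructed database."""
    rows = [  # constructed sample data, not taken from the analysed sample
        ("http://example.invalid/a.bin", 200),
        ("http://example.invalid/b.bin", 200),
        ("http://example.invalid/c.bin", 190),
    ]
    with tempfile.TemporaryDirectory() as work:
        live = os.path.join(work, "downloads")
        con = build_wal_db(live, rows)
        try:
            # Every committed row is still in the -wal file at this point.
            assert os.path.exists(live + "-wal")
            bare = acquire(live, os.path.join(work, "bare"), with_sidecars=False)
            full = acquire(live, os.path.join(work, "full"), with_sidecars=True)
            return count_rows(bare), count_rows(full)
        finally:
            con.close()


if __name__ == "__main__":
    without_sidecars, with_sidecars = demo()
    print(f"main file only: {without_sidecars} rows; with -wal/-shm: {with_sidecars} rows")
```

When pulling a database like this one off a device, copy all four files in one pass and keep them in the same directory under their original names, since SQLite finds the sidecars by filename. Hash the main file and the `-wal` for the record; the `-shm` file is a memory-mapped index that SQLite rebuilds from the `-wal` whenever its header does not match, so its content and hash are not a stable indicator of anything. The same rule applies to a leftover `-journal`: it is a rollback journal, and a hot one is needed to roll the main file back to a consistent state.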