Analysis
- max time kernel: 179s
- max time network: 171s
- platform: android_x86
- resource: android-x86-arm-20240611.1-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
- submitted: 14-06-2024 09:34
Static task
- static1

Behavioral tasks

| Task | Sample | Resource |
|---|---|---|
| behavioral1 | a8fdbb3e2617ab4c8b8e7c8229618b08_JaffaCakes118.apk | android-x86-arm-20240611.1-en |
| behavioral2 | a8fdbb3e2617ab4c8b8e7c8229618b08_JaffaCakes118.apk | android-x64-20240611.1-en |
| behavioral3 | 5e15e9f8455f040ea97bb873613f9d38.apk | android-x86-arm-20240611.1-en |
| behavioral4 | 5e15e9f8455f040ea97bb873613f9d38.apk | android-x64-20240611.1-en |
| behavioral5 | 5e15e9f8455f040ea97bb873613f9d38.apk | android-x64-arm64-20240611.1-en |
| behavioral6 | 92970fb4ecbd2e24e52fd614fa38bbe7.apk | android-x86-arm-20240611.1-en |
| behavioral7 | 92970fb4ecbd2e24e52fd614fa38bbe7.apk | android-x64-20240611.1-en |
| behavioral8 | 92970fb4ecbd2e24e52fd614fa38bbe7.apk | android-x64-arm64-20240611.1-en |
| behavioral9 | c8fa92979814a0b92fbc9ec6f278223d.apk | android-x86-arm-20240611.1-en |
| behavioral10 | c8fa92979814a0b92fbc9ec6f278223d.apk | android-x64-20240611.1-en |
| behavioral11 | c8fa92979814a0b92fbc9ec6f278223d.apk | android-x64-arm64-20240611.1-en |
| behavioral12 | e2080628a2fe31cc9448c40e1291a08e.apk | android-x86-arm-20240611.1-en |
| behavioral13 | e2080628a2fe31cc9448c40e1291a08e.apk | android-x64-20240611.1-en |
| behavioral14 | e2080628a2fe31cc9448c40e1291a08e.apk | android-x64-arm64-20240611.1-en |
General
- Target: a8fdbb3e2617ab4c8b8e7c8229618b08_JaffaCakes118.apk
- Size: 9.5MB
- MD5: a8fdbb3e2617ab4c8b8e7c8229618b08
- SHA1: 19a8ea9b6da157c70f303a68d329a748b9bfb6eb
- SHA256: a5ed1248d020c54975bcf50f4ae282fa6241de3312c008b2b41bf69bc552d69d
- SHA512: f57097d9523a4d3be4bbcbfdfff444be47d77d69a46dc5c653d2b2d43b044b7819989b486eee8cd63608049a0c45491c003569dc4be6f48b9cba840c0bcc98a9
- SSDEEP: 196608:1dgwNvq9CFPVG9waEt49w+pW9ar7eVZU322O2UzbY:cw4YtGOaEGjW9K7eVZW25ZbY
Malware Config
Signatures
- Loads dropped Dex/Jar (1 TTPs, 12 IoCs)
  Runs executable file dropped to the device during analysis.
  Processes: com.damsy.soupeajf, com.damsy.soupeajf:remote

| ioc | pid | process |
|---|---|---|
| /data/user/0/com.damsy.soupeajf/files/1718357717304.jar | 4178 | com.damsy.soupeajf |
| /data/user/0/com.damsy.soupeajf/files/1718357717367.jar | 4178 | com.damsy.soupeajf |
| /data/user/0/com.damsy.soupeajf/files/1718357717362.jar | 4178 | com.damsy.soupeajf |
| /data/user/0/com.damsy.soupeajf/files/1718357717416.jar | 4178 | com.damsy.soupeajf |
| /storage/emulated/0/.push/.app/source.apk | 4178 | com.damsy.soupeajf |
| /storage/emulated/0/.secur/.app/framework.apk | 4217 | com.damsy.soupeajf:remote |
| /storage/emulated/0/.secur/.app/framework.apk | 4178 | com.damsy.soupeajf |
| /storage/emulated/0/.push/.app/source.apk | 4217 | com.damsy.soupeajf:remote |
| /storage/emulated/0/.cache/.app/.lib.apk | 4178 | com.damsy.soupeajf |
| /storage/emulated/0/.secur/.app/framework.apk | 4217 | com.damsy.soupeajf:remote |
| /storage/emulated/0/.banner/.app/.ban.apk | 4178 | com.damsy.soupeajf |
| /storage/emulated/0/.banner/.app/.ban.apk | 4217 | com.damsy.soupeajf:remote |

- Queries information about running processes on the device (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  Processes: com.damsy.soupeajf:remote

| description | ioc | process |
|---|---|---|
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.damsy.soupeajf:remote |

- Acquires the wake lock (1 IoCs)
  Processes: com.damsy.soupeajf

| description | ioc | process |
|---|---|---|
| Framework service call | android.os.IPowerManager.acquireWakeLock | com.damsy.soupeajf |

- Queries information about active data network (1 TTPs, 2 IoCs)
  Processes: com.damsy.soupeajf, com.damsy.soupeajf:remote

| description | ioc | process |
|---|---|---|
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.damsy.soupeajf |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.damsy.soupeajf:remote |

- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  Processes: com.damsy.soupeajf:remote

| description | ioc | process |
|---|---|---|
| Framework service call | android.app.IActivityManager.registerReceiver | com.damsy.soupeajf:remote |

- Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 2 IoCs)
  Processes: com.damsy.soupeajf:remote, com.damsy.soupeajf

| description | ioc | process |
|---|---|---|
| Framework API call | javax.crypto.Cipher.doFinal | com.damsy.soupeajf:remote |
| Framework API call | javax.crypto.Cipher.doFinal | com.damsy.soupeajf |
Processes
- com.damsy.soupeajf 1
  - Loads dropped Dex/Jar
  - Acquires the wake lock
  - Queries information about active data network
  - Uses Crypto APIs (Might try to encrypt user data)
- com.damsy.soupeajf:remote 1
  - Loads dropped Dex/Jar
  - Queries information about running processes on the device
  - Queries information about active data network
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Matrix
Downloads
- /data/data/com.damsy.soupeajf/Heriswap.db
  Filesize: 3KB
- /data/data/com.damsy.soupeajf/Heriswap.db
  Filesize: 3KB
- /data/data/com.damsy.soupeajf/Heriswap.db
  Filesize: 3KB
- /data/data/com.damsy.soupeajf/Heriswap.db
  Filesize: 4KB
- /data/data/com.damsy.soupeajf/Heriswap.db-journal
  Filesize: 512B
- /data/data/com.damsy.soupeajf/Heriswap.db-journal
  Filesize: 3KB
- /data/data/com.damsy.soupeajf/Heriswap.db-journal
  Filesize: 3KB
- /data/data/com.damsy.soupeajf/Heriswap.db-journal
  Filesize: 1KB
- /data/data/com.damsy.soupeajf/files/1718357717304.jar
  Filesize: 88KB
- /data/data/com.damsy.soupeajf/files/1718357717362.jar
  Filesize: 28KB
- /data/data/com.damsy.soupeajf/files/1718357717367.jar
  Filesize: 36KB
- /data/data/com.damsy.soupeajf/files/1718357717416.jar
  Filesize: 34KB
- /data/data/com.damsy.soupeajf/files/oat/1718357717304.jar.cur.prof
  Filesize: 163B
- /data/data/com.damsy.soupeajf/files/oat/1718357717367.jar.cur.prof
  Filesize: 113B
- /data/user/0/com.damsy.soupeajf/files/1718357717304.jar
  Filesize: 187KB
- /data/user/0/com.damsy.soupeajf/files/1718357717362.jar
  Filesize: 62KB
- /data/user/0/com.damsy.soupeajf/files/1718357717367.jar
  Filesize: 79KB
- /data/user/0/com.damsy.soupeajf/files/1718357717416.jar
  Filesize: 75KB
- /storage/emulated/0/.banner/.app/.ban.apk
  Filesize: 115KB
- /storage/emulated/0/.banner/.app/.ban.apk
  Filesize: 79KB
- /storage/emulated/0/.cache/.app/.lib.apk
  Filesize: 568KB
- /storage/emulated/0/.cache/.app/.lib.apk
  Filesize: 101KB
- /storage/emulated/0/.push/.app/source.apk
  Filesize: 205KB
- /storage/emulated/0/.push/.app/source.apk
  Filesize: 96KB
- /storage/emulated/0/.secur/.app/framework.apk
  Filesize: 86KB
- /storage/emulated/0/.secur/.app/framework.apk
  Filesize: 96KB