Analysis

  • max time kernel
    137s
  • max time network
    132s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240611.1-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
  • submitted
    14-06-2024 10:20

General

  • Target

    a92b93f69e0fecd84aca61229abb32b4_JaffaCakes118.apk

  • Size

    765KB

  • MD5

    a92b93f69e0fecd84aca61229abb32b4

  • SHA1

    05e982d1b9cc1a852534bf65db4ec45067316e25

  • SHA256

    bebea5c3a250c005becf432455cabed3ed54e4c119bd08c958072a2ea4d0ba31

  • SHA512

    980bb07699968e7e3bbb08a3078c42533bea64379ac2c4c51fddd280d7716e4bec249b300bc080718958748e4c2d18af2b9927d538805f68a70081a45dade432

  • SSDEEP

    12288:3BwivDxMJdYb3xFA+eObx/5onRVqZhDW/8ab5mXXc1:3BtDxMJ4xFA+ecx/5A7eg8emXXc1

Malware Config

Signatures

  • Removes its main activity from the application launcher (1 TTPs, 2 IoCs)
  • Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

  • Acquires the wake lock (1 IoCs)
  • Checks memory information (2 TTPs, 1 IoCs)

Processes

  • com.eset.ems2.gp
    • Removes its main activity from the application launcher
    • Obtains sensitive information copied to the device clipboard
    • Acquires the wake lock
    • Checks memory information
    PID:4663

Network

MITRE ATT&CK Matrix

Downloads

  • /data/user/0/com.eset.ems2.gp/files/IM.txt
    Filesize

    9B

    MD5

    275b8a284b3229318f8e3e389c781a25

    SHA1

    8eb0e4352bbfb3dcdf0dec333a30eafc802525f3

    SHA256

    2ba6c7ee7f2ca0ca3d8096cba3a57c45382191f37c3e043da37efe87e4a05572

    SHA512

    f4a758539b88fcbaa9002f24881b14c66f17b3ad19d137b67a8583f88b779305df4989d8390722342fd1cc9eae95f3cbda5500477672c8885d8df7b42a835837