Analysis
-
max time kernel
145s -
max time network
193s -
platform
android_x86 -
resource
android-x86-arm-20240611.1-en -
resource tags
-
submitted
15/06/2024, 22:23
General
-
Target
b06936b50bcda474fbcb2cd7da5e3b88_JaffaCakes118.apk
-
Size
19.6MB
-
MD5
b06936b50bcda474fbcb2cd7da5e3b88
-
SHA1
803b0d810fcb4e96d808628b4e8daeaa0a6b73cb
-
SHA256
15eb8a70f249e7e16ed859ef15536d19dc4454d14edc7e037d18f60c1eb011cb
-
SHA512
4a09c05816b2b7e61fc44cf17a9f4d10cd2bad4acd729746f52c51df6eb29b7ce570863e41143ef71a97024f6cf5445ad263b096f86ddd6fe2278d6cb307e00a
-
SSDEEP
393216:KbgLvxuUzxhjRyg7hwVhSB4WIyD8sk1FP72P7oCaQX/+iN5TBnUpACZEG8gtlrtM:KbgLZB1b7ASB5ds1FP72DoCa6/PTBUAl
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 2 IoCs
-
Checks Android system properties for emulator presence. 1 TTPs 1 IoCs
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries information about active data network 1 TTPs 1 IoCs
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Requests cell location 1 TTPs 1 IoCs
Uses Android APIs to to get current cell information.
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.tencent.mtt1⤵
- Checks if the Android device is rooted.
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current nearby Wi-Fi networks
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Requests cell location
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
-
getprop ro.product.cpu.abi2⤵
-
-
/system/bin/sh -c type su2⤵
- Checks if the Android device is rooted.
-
Network
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Virtualization/Sandbox Evasion
3System Checks
3Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
104KB
MD5fffee01fa41f95a2963feb95001120b9
SHA1f69a6d6a36fb0c538db796a877003a37a36249cd
SHA256f15e5ca0b6c58014cde75ea44a90e8038bdd1224126e8fcaf60147f5aae37b00
SHA5120b0b6cdf502c1fd2328022c9fc0e835a21e66c468feeed919ed188ba71bcb911665d5d41a28fbab982c38aaf46fdbe17c13de7f34050b8be175e5d6bc1cc9476
-
Filesize
64KB
MD5da8cfbf943c3c6e4807442e33275edbd
SHA1c9993eda5c45447510f546b0d2d1164aea30c624
SHA2565819f0741c7dd89cf803503299f56c66e2a238b98835b74696e08ae0669ea1ee
SHA5128f20dec04cfbd049d015431916e63c4e2fe80ed37ba10b61d83f314e76b2d03a343833960300e0319eca1fd4fe86417d2135d2828c7d870595cf01d45208dee9
-
Filesize
512B
MD525ccace6fb709adf47ea70db9850540c
SHA10c4db63ecbc0095a7c0e1a2109c72e7ec6425947
SHA256087bd28df490567917513b218ceebb192ead4ebd2eff168c412731f6ab4ec312
SHA512550bd3d5ee4444474a14929decf55f1092d906e7e05d7163af1041e38b7b0679a13e229fcf1188938f8fcb2faab695594874199fe840df58e9f3b162f85b3dec
-
Filesize
100KB
MD5da796a0248342a7822f81d3a581b6b9d
SHA16e7a83bcc565a6d9064a42f39e168386a886b676
SHA25634a71c1e61c98c287a8ee0f3f572b4816ee73a0c2655a32281382158e904a058
SHA5127cc2a4c7d2ce7b50887773947a390d3014f4df19728d96887202b3ab5f823b48d4c991362f592dd78d108834a0fbb4266a704cfbeaaca3f8d43a5e904dd742ed
-
Filesize
512B
MD579f649482c95579b4256989d877f62cf
SHA1429f7f17637b7b7f772d8c4c925ed493bf5d930b
SHA25639032d5b66a8eb955f73cca067fdf2a2d7719e5a4db94ac964282a13fb45beee
SHA512b771004d0c2363a3f2142003f922a66d1d23478aad087fa4b93ce530530b26bdc90bb35d06f42675d81782f7630c6eaa830673d4889dd8ba60f7327d2e40f68d
-
Filesize
120KB
MD5fd8230f2c0a1a1378f591e05010c3113
SHA1be9ef3b28c10466788e85ff04547d3d7ea120b38
SHA256d1e9a61f9284137756c6be7610137915c59ae1c62ba59350864bed81ebbc0309
SHA5126ae58ea9287c7b8da91a4bc271daf4bd7ba81cf62fed33746354d4cd9dc4b338ea59c1ad58dc408798e20dca755a22efe4ef3b4dabf95d3eaf134563fd1ff963
-
Filesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
Filesize
512B
MD5018dad4cff2a09b50303ca7ee1da5fb1
SHA10e8382abceecf2309a17bd22025613ccee3ca483
SHA256476c8bd654e867e7f9ccf60f9c53808921ab9359eb5ed6af39fc012bf6d02dea
SHA512698ba1ed984e35d219ea3438795b57a70f63f56326fcfc3c1cb88384ec58bf81c50d9a8815e55dbc41289a577de19d22066ddefce5a2a47246f80b530a932f10
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
173KB
MD5a79f03559d2a9b8c0d8ce0a5921d8c24
SHA1bcb5d41ae756f00f8d404ef02f71243e1e5b1e17
SHA256a9552c1504a8f0d4be36b2f814678a07a175ffe8fb691ee4df5f15a698ea6922
SHA5126a0eae0b21c1f4db5d28bbdce997fced22791d3869ad945eb34c76251e7341c58b3f9436f139e63053cd8f8625e444cfb7935894fe255f8b764fb6bf86deae51
-
Filesize
24B
MD54e94a3e2ae8940c1190c757f9a7157f0
SHA12225fc8940344e25f0ae241741b9dc6c27ad2bed
SHA2567633ef77a2813ffc7ad355d5cf84096d60ceca5e64a13f056c87318a9fa6102f
SHA5120265fee0c3218ce9beb2bafae842ad95c24d269b5461857a569bd3de168a9cfdc339e3963af653d76d168af4afe8350bbeaedc4beb1adb3b0d10f522efebb790
-
Filesize
48B
MD53c3434afb8cab1c16ada413233555d99
SHA142414cab304afcde6a5c079200d190cf5f527384
SHA25669798ace18c43a0fc09f1901d5725a702e16893b70bf934d293fd787909c5c7b
SHA512922885e1d4527b71173e83423753562cd4dab895916e0e17da163a815d6ea53dabfe6ad99f0ffe870d1c630f80831695e326ffedb3c833417aadd22b307d8319
-
Filesize
231KB
MD5d44479b118cf5bd982f5a837f888e7de
SHA153dd08c012ed66b94e9621d36aa2dda817e0b5f8
SHA2567627d72adbfc7a69b33bd9bb1a33b5eddfd714127066e49c442cd8da968442a3
SHA512ba84e12a06857a96446441448c6b0ef4facc5f0a51e2d0a0e4116a0df3a4636f67f6783a8e17b6a1a6e539b156c1562d614f962db778a085afd0b6cf56f873c0
-
Filesize
12B
MD54aa32dfc7c74d9f952e4c3cde2ddd953
SHA1fcdb326f6fd2f8b65612a7b642d5547d952db13f
SHA2566ce7843304bde8edf0420decc7a1206a6dc8e0962d201f223020834d4cdb87b4
SHA51209618bb83dc937eba05173da0a5559a32dbf0d3ae9f1ec41a30de3e57d5f2a34f9dc7d5542039e4b4e7e52e2fc55efbccb15ee971db4a9d95ce95a6393e3a4cf
-
Filesize
5B
MD5c644332952f476c37daa950b502c850e
SHA180bffe4938395b9b0a048b3675ae79214018e998
SHA25680a82add101b5ea719999c8d8240706e1b8ce743daeff6a0659d2e841e72a31e
SHA512f4792ce72b39b5748682b9291c7b70e562fcd0e134b701c7712b8a6625c153fbff5f61294b91d15b1c441bc3efc29d9ce9450e7f3509b3edd33a26450a495a5f
-
Filesize
2KB
MD5b53ae444588ca28fb41ab61637012c8e
SHA1a30fe15d7c3bae520c5c0eda7e93f09d9d9c2b45
SHA256c42f9b89051059330c26f8b7ae4d70229aad5f8ab50c38dfc72a00d295a1a9eb
SHA512a8385e5477f5264650d06e53fb9395216a5016b5b048fb45359e9c63e02d0f8df13b548d9af1fbed622740975f22b37482c88f8a7790f7eed90b31dc6da866b6