Analysis
max time kernel: 179s
max time network: 174s
platform: android_x64
resource: android-x64-arm64-20240611.1-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
submitted: 15-06-2024 02:50
Static task: static1
Behavioral task: behavioral1
Sample: aca48d63a70d9665f5bf87a2eeae9a40_JaffaCakes118.apk
Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
Sample: aca48d63a70d9665f5bf87a2eeae9a40_JaffaCakes118.apk
Resource: android-x64-20240611.1-en
Behavioral task: behavioral3
Sample: aca48d63a70d9665f5bf87a2eeae9a40_JaffaCakes118.apk
Resource: android-x64-arm64-20240611.1-en
General
Target: aca48d63a70d9665f5bf87a2eeae9a40_JaffaCakes118.apk
Size: 821KB
MD5: aca48d63a70d9665f5bf87a2eeae9a40
SHA1: e429099d9aadb96f3743d0a8e0f49485945709ec
SHA256: 786b31df3335677fc5eee17e8c9c661ddb4555dc1f8da2e902daed6a60d98541
SHA512: c10246e32f56f6d6a0fa56d35f3eba4bc1ff36fc431c6d43bfa3dc1fb1a498fa374888b8653fb069c0e066bbc3fbef36e3683da6a3619e00afc1dd7ac8bbefbd
SSDEEP: 24576:13QgMzZjmUhp1LEVURUDTO+RYRwihakEnjIR+sf:CgMFCUKTGzhakEnkRJf
Malware Config
Signatures
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) (1 TTPs)

Reads the content of the browser bookmarks. (1 TTPs, 1 IoCs)
Processes: com.terrynow.easyfonts
  description: URI accessed for read
  ioc: content://browser/bookmarks
  process: com.terrynow.easyfonts

Queries information about active data network (1 TTPs, 1 IoCs)
Processes: com.terrynow.easyfonts
  description: Framework service call
  ioc: android.net.IConnectivityManager.getActiveNetworkInfo
  process: com.terrynow.easyfonts

Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes: com.terrynow.easyfonts
  description: Framework service call
  ioc: android.net.wifi.IWifiManager.getConnectionInfo
  process: com.terrynow.easyfonts

Checks CPU information (2 TTPs, 1 IoCs)
Processes: com.terrynow.easyfonts
  description: File opened for read
  ioc: /proc/cpuinfo
  process: com.terrynow.easyfonts
Processes
Network
MITRE ATT&CK Mobile v15
Downloads