Analysis
-
max time kernel
160s -
max time network
182s -
platform
android_x64 -
resource
android-x64-20240611.1-en -
resource tags
android arch:x64 arch:x86 image:android-x64-20240611.1-en locale:en-us os:android-10-x64 system -
submitted
15-06-2024 04:09
Static task
static1
Behavioral task
behavioral1
Sample
acd5e3a943d00709b9d6678d5b000bbf_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
acd5e3a943d00709b9d6678d5b000bbf_JaffaCakes118.apk
Resource
android-x64-20240611.1-en
General
-
Target
acd5e3a943d00709b9d6678d5b000bbf_JaffaCakes118.apk
-
Size
27.7MB
-
MD5
acd5e3a943d00709b9d6678d5b000bbf
-
SHA1
07d33b9918c057c746f9c606ca7343744d466902
-
SHA256
444a2634df68d083b1e1d7004ec1d4d52d25d2ff7f62d9275bfa71937a7bb554
-
SHA512
1949736edb93908971302be396bd518b568cadd84d65d9701453b516bc24780ce2706ae530ccd98d2c247a66a34edc498dc48a626f5b35225079ea9bda8b6d54
-
SSDEEP
393216:qCm2Fl/9LWP/HCCQToVmlBjFBNUlVauSFFxck/H5fNyB:H7PoPqEYNfUlVvInZf8B
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes:
com.lng168.yxtapp
description: Framework service call
ioc: android.net.wifi.IWifiManager.getConnectionInfo
process: com.lng168.yxtapp
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes:
com.lng168.yxtapp
description: Framework service call
ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
process: com.lng168.yxtapp
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Checks the presence of a debugger
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes:
com.lng168.yxtapp
description: Framework service call
ioc: android.app.IActivityManager.registerReceiver
process: com.lng168.yxtapp
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.lng168.yxtapp 1
- Obtains sensitive information copied to the device clipboard
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Matrix
Downloads
-
/data/data/com.lng168.yxtapp/databases/_ionicstorage
Filesize
3KB
MD5
61143da4a088455681eb3f4dff524952
SHA1
0750021af8aa346caff662acfe66600310a645e7
SHA256
0af141959bf6e4b7dfe7471ae7993c2416375bfb29a78fa724762a918f0c27b5
SHA512
1f3e48c582338afc10b0eafb13da5a8508949359d28f10083f981fc8d516d2fc3a81bdbb6eeaafb262f78d6bebe8ad1025a99a0db0a2f0f39a071b77b4191b1a
-
/data/data/com.lng168.yxtapp/databases/_ionicstorage-journal
Filesize
512B
MD5
6e7c42b18aa6bbb92d9c3c02d01bfdb4
SHA1
8c2e94ed8c8dc2de5c88103cb313399b02160137
SHA256
78f41021c350f4adcae1a08d45d248d4c5955f3def062e2dd9f12d2819c2f2be
SHA512
aacdb50137e3b31bb8960b450212b97c1d8d1d2897941c0a4e10994ec64ed3cf4891a183a4c1e6541eb99228cfc1db15e8cabfc13e4f0cbd40bcae2e5432d7b0