Analysis
-
max time kernel
179s -
max time network
187s -
platform
android_x86 -
resource
android-x86-arm-20240611.1-en -
resource tags
android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system -
submitted
15-06-2024 04:14
Static task
static1
Behavioral task
behavioral1
Sample
acd8c7b82e39a3eb699c913016d9db55_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
acd8c7b82e39a3eb699c913016d9db55_JaffaCakes118.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral3
Sample
acd8c7b82e39a3eb699c913016d9db55_JaffaCakes118.apk
Resource
android-x64-arm64-20240611.1-en
General
-
Target
acd8c7b82e39a3eb699c913016d9db55_JaffaCakes118.apk
-
Size
3.7MB
-
MD5
acd8c7b82e39a3eb699c913016d9db55
-
SHA1
cfd4ed7e5005161d25dbc209390ce5a71304100f
-
SHA256
396d5ab7a7d6dcd8ec927573f64e9a06203bad68000c2f0560cd596faf7633ce
-
SHA512
e857ac10801f1c182d3973283d41fd17cf72a009f035d498d410493a41923b570fc5a2c476d0b94e17a7212b41d5e3c4f54441d8a4e0a4842afb4317fe6a0d94
-
SSDEEP
98304:IjyHjcvget82AOVGb1hiZgDepBtnzckMe9tf4HaVB+Qg:zWget82yb1hiZrpbYwtMaVB+
Malware Config
Signatures
-
Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
Processes:
com.eliujia.app
description: Framework service call | ioc: android.net.wifi.IWifiManager.getScanResults | process: com.eliujia.app
-
Queries the phone number (MSISDN for GSM devices) 1 TTPs
-
Requests cell location 2 TTPs 1 IoCs
Uses Android APIs to get the current cell location.
Processes:
com.eliujia.app
description: Framework service call | ioc: com.android.internal.telephony.ITelephony.getCellLocation | process: com.eliujia.app
-
Queries information about active data network 1 TTPs 1 IoCs
Processes:
com.eliujia.app
description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | process: com.eliujia.app
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes:
com.eliujia.app
description: Framework service call | ioc: android.net.wifi.IWifiManager.getConnectionInfo | process: com.eliujia.app
-
Reads information about phone network operator. 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes:
com.eliujia.app
description: Framework service call | ioc: android.app.IActivityManager.registerReceiver | process: com.eliujia.app
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes:
com.eliujia.app
description: Framework API call | ioc: javax.crypto.Cipher.doFinal | process: com.eliujia.app
Processes
-
com.eliujia.app
- Queries information about the current nearby Wi-Fi networks
- Requests cell location
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4302
Network
MITRE ATT&CK Mobile v15
Downloads