Analysis
- max time kernel: 178s
- max time network: 173s
- platform: android_x64
- resource: android-x64-20240611.1-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240611.1-en, locale:en-us, os:android-10-x64, system
- submitted: 15-06-2024 04:14
Static task: static1
Behavioral task: behavioral1
- Sample: acd8c7b82e39a3eb699c913016d9db55_JaffaCakes118.apk
- Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
- Sample: acd8c7b82e39a3eb699c913016d9db55_JaffaCakes118.apk
- Resource: android-x64-20240611.1-en
Behavioral task: behavioral3
- Sample: acd8c7b82e39a3eb699c913016d9db55_JaffaCakes118.apk
- Resource: android-x64-arm64-20240611.1-en
General
- Target: acd8c7b82e39a3eb699c913016d9db55_JaffaCakes118.apk
- Size: 3.7MB
- MD5: acd8c7b82e39a3eb699c913016d9db55
- SHA1: cfd4ed7e5005161d25dbc209390ce5a71304100f
- SHA256: 396d5ab7a7d6dcd8ec927573f64e9a06203bad68000c2f0560cd596faf7633ce
- SHA512: e857ac10801f1c182d3973283d41fd17cf72a009f035d498d410493a41923b570fc5a2c476d0b94e17a7212b41d5e3c4f54441d8a4e0a4842afb4317fe6a0d94
- SSDEEP: 98304:IjyHjcvget82AOVGb1hiZgDepBtnzckMe9tf4HaVB+Qg:zWget82yb1hiZrpbYwtMaVB+
Malware Config
Signatures
- Queries information about the current nearby Wi-Fi networks (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  Processes: com.eliujia.app
  description: Framework service call | ioc: android.net.wifi.IWifiManager.getScanResults | process: com.eliujia.app
- Queries the phone number (MSISDN for GSM devices) (1 TTPs)
- Requests cell location (2 TTPs, 1 IoCs)
  Uses Android APIs to get current cell location.
  Processes: com.eliujia.app
  description: Framework service call | ioc: com.android.internal.telephony.ITelephony.getCellLocation | process: com.eliujia.app
- Queries information about active data network (1 TTPs, 1 IoCs)
  Processes: com.eliujia.app
  description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | process: com.eliujia.app
- Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  Processes: com.eliujia.app
  description: Framework service call | ioc: android.net.wifi.IWifiManager.getConnectionInfo | process: com.eliujia.app
- Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)
- Reads information about phone network operator. (1 TTPs)
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  Processes: com.eliujia.app
  description: Framework service call | ioc: android.app.IActivityManager.registerReceiver | process: com.eliujia.app
- Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
  Processes: com.eliujia.app
  description: Framework API call | ioc: javax.crypto.Cipher.doFinal | process: com.eliujia.app
Processes
com.eliujia.app (PID: 5131)
- Queries information about the current nearby Wi-Fi networks
- Requests cell location
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Downloads