Analysis
max time kernel: 7s
max time network: 150s
platform: android_x64
resource: android-x64-20240611.1-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240611.1-en, locale:en-us, os:android-10-x64, system
submitted: 15-06-2024 05:04
Static task: static1

Behavioral task: behavioral1
Sample: acf7b82c588732c171fe8920ad812887_JaffaCakes118.apk
Resource: android-x86-arm-20240611.1-en

Behavioral task: behavioral2
Sample: acf7b82c588732c171fe8920ad812887_JaffaCakes118.apk
Resource: android-x64-20240611.1-en

Behavioral task: behavioral3
Sample: __pasys_remote_feeds.apk
Resource: android-x86-arm-20240611.1-en

Behavioral task: behavioral4
Sample: __pasys_remote_feeds.apk
Resource: android-x64-20240611.1-en

Behavioral task: behavioral5
Sample: __pasys_remote_feeds.apk
Resource: android-x64-arm64-20240611.1-en

Behavioral task: behavioral6
Sample: gdtadv2.apk
Resource: android-x86-arm-20240611.1-en

Behavioral task: behavioral7
Sample: gdtadv2.apk
Resource: android-x64-20240611.1-en

Behavioral task: behavioral8
Sample: gdtadv2.apk
Resource: android-x64-arm64-20240611.1-en

General
Target: acf7b82c588732c171fe8920ad812887_JaffaCakes118.apk
Size: 13.7MB
MD5: acf7b82c588732c171fe8920ad812887
SHA1: 0d6a2b0fa9974debd8e71957e11b5ea0b9d0f138
SHA256: 52d488c072923b9d02483ab1d3108e28a0ce7f6f27be680dd3ac0cb7cf542f82
SHA512: 3eeace09a93a975f393c31ffd55f5723c03ce11e73630a06cddd089da77a9e04f1507e226219e5b0f09f62ee2dd06d276cfe42bf3b4d0acfea9874186a47727b
SSDEEP: 393216:2f/jQdeDMFXcqKBRMHOV5RYlM13wXm1jLLNQ5K:iSeDsXcLrMHOV5UMOW1/LSA
Malware Config
Signatures
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
Processes:
com.moji.mjweather
description: Framework service call
ioc: android.app.IActivityManager.getRunningAppProcesses
process: com.moji.mjweather
Queries information about active data network 1 TTPs 1 IoCs
Processes:
com.moji.mjweather
description: Framework service call
ioc: android.net.IConnectivityManager.getActiveNetworkInfo
process: com.moji.mjweather
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes:
com.moji.mjweather
description: Framework service call
ioc: android.net.wifi.IWifiManager.getConnectionInfo
process: com.moji.mjweather
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes:
com.moji.mjweather
description: Framework service call
ioc: android.app.IActivityManager.registerReceiver
process: com.moji.mjweather
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes:
com.moji.mjweather
description: Framework API call
ioc: javax.crypto.Cipher.doFinal
process: com.moji.mjweather
Checks memory information 2 TTPs 1 IoCs
Processes:
com.moji.mjweather
description: File opened for read
ioc: /proc/meminfo
process: com.moji.mjweather
Processes
-
com.moji.mjweather
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks memory information
PID:5048
Network
MITRE ATT&CK Mobile v15
Downloads