Analysis

  • max time kernel
    156s
  • max time network
    141s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    android arch:arm arch:x86 image:android-x86-arm-20240611.1-en locale:en-us os:android-9-x86 system
  • submitted
    15-06-2024 06:55

General

  • Target

    ad3aab10f0a6f07a1fdb2bc8f881d719_JaffaCakes118.apk

  • Size

    790KB

  • MD5

    ad3aab10f0a6f07a1fdb2bc8f881d719

  • SHA1

    f4d26a03d980306c57bec1e9857b0a071e92c252

  • SHA256

    31ad8487c4a089a6891becc76fb688c9cf4152e97db466c3fa8fa192c78ef91d

  • SHA512

    a8eeaf01869e1af136a28ffbec858775d2fc8b277a9ba49c6fb53a476867626d6dcc9001a7882de9aee078ebda12d621cfe284b80367b5a3e154ed78d50cb70b

  • SSDEEP

    12288:1G5K5WzffEjN9DVNHIqOP2EBPnpZeH+5XOLmKv/aZWQFIzBDwtvPYPVTlHM63Q1n:1G5K5OsBb5HOfPbc8FI1DwtvwXvEn

Malware Config

Signatures

  • Requests cell location 2 TTPs 1 IoCs

    Uses Android APIs to get the current cell location.

  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.borqs.uclient
    • Requests cell location
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks memory information
    PID:4200

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/com.borqs.uclient/databases/uclient.db-journal
    Filesize

    512B

    MD5

    453fb7fc4dca02cd77d49d974727a913

    SHA1

    59aaa05942fffaaad378cebf9c98077cab142aa9

    SHA256

    2241b42ceabf0cdc584b2cccdfb1c51ee9abe28350d7cd20ace9361c272d605a

    SHA512

    facdde033b97c20bd60441bc13f4851f9d2102e9c50d8d4cc97198a3617eef8b6b68d13019c10dda3adcf1eb706248542371aef757affaa2762f4f86385454fa

  • /data/data/com.borqs.uclient/databases/uclient.db-wal
    Filesize

    28KB

    MD5

    09bac9abc4c73691895ad5f1f6ccfaec

    SHA1

    414c4752183d417d3216c4db5a4aee8978cfcdaf

    SHA256

    f5f00956ccfb3587d32f7649b9cc0573b7105fd204e913878a03faba2794f248

    SHA512

    6cd5d0ac6b233cc775206bfdd6b0f27ae91e7ee14b32bd76935966a4da1316f9e4744fbf27c6365313dc725cc3f98b66002ca095a7bd6b8d03dff06fdc826ab9

  • /data/data/com.borqs.uclient/databases/uclientconf.db
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

  • /data/data/com.borqs.uclient/databases/uclientconf.db-journal
    Filesize

    512B

    MD5

    394eb048a07ffd0504871f2ec68b7b8d

    SHA1

    dc8dc3b0810bb4c0c2e17fc5458fc31cae37b5db

    SHA256

    2dceb4fff36fbc80a6c31250fa0951a23fbe18e128ece05f1dd03251a8503497

    SHA512

    2b2405848f66bb41b61fb7372f51e38d50dac2c51dfc75815d2ded1598aaf117f9d3606d55168df9501efb18c44ca1db478431008226bf16f57b2fe3c81dbc08

  • /data/data/com.borqs.uclient/databases/uclientconf.db-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

  • /data/data/com.borqs.uclient/databases/uclientconf.db-wal
    Filesize

    378KB

    MD5

    f3bcd0cfa8d3713b5a4782f3414766fa

    SHA1

    fbfbc0a372dd955d714d5acb395e68e0de2cc91e

    SHA256

    e9d9228cfac2820ec4bb262acf22bba6bc1e0d7ff32c2f7e60f98c67ba8ac1b6

    SHA512

    d516f98b9b428b772aad06f7f9bb481ebcc599ad5ffa1b025262403563b7357262a8876e1969170792fec0ae502098738b15d9cbd6ab8180f592b937531585d0