Analysis
-
max time kernel
156s
-
max time network
141s
-
platform
android_x86
-
resource
android-x86-arm-20240611.1-en
-
resource tags
android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
-
submitted
15-06-2024 06:55
Static task
static1
Behavioral task
behavioral1
Sample
ad3aab10f0a6f07a1fdb2bc8f881d719_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
ad3aab10f0a6f07a1fdb2bc8f881d719_JaffaCakes118.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral3
Sample
ad3aab10f0a6f07a1fdb2bc8f881d719_JaffaCakes118.apk
Resource
android-x64-arm64-20240611.1-en
General
-
Target
ad3aab10f0a6f07a1fdb2bc8f881d719_JaffaCakes118.apk
-
Size
790KB
-
MD5
ad3aab10f0a6f07a1fdb2bc8f881d719
-
SHA1
f4d26a03d980306c57bec1e9857b0a071e92c252
-
SHA256
31ad8487c4a089a6891becc76fb688c9cf4152e97db466c3fa8fa192c78ef91d
-
SHA512
a8eeaf01869e1af136a28ffbec858775d2fc8b277a9ba49c6fb53a476867626d6dcc9001a7882de9aee078ebda12d621cfe284b80367b5a3e154ed78d50cb70b
-
SSDEEP
12288:1G5K5WzffEjN9DVNHIqOP2EBPnpZeH+5XOLmKv/aZWQFIzBDwtvPYPVTlHM63Q1n:1G5K5OsBb5HOfPbc8FI1DwtvwXvEn
Malware Config
Signatures
-
Requests cell location 2 TTPs 1 IoCs
Uses Android APIs to get current cell location.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes:
com.borqs.uclient
description: Framework service call
ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
process: com.borqs.uclient
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes:
com.borqs.uclient
description: Framework service call
ioc: android.app.IActivityManager.registerReceiver
process: com.borqs.uclient
-
Checks memory information 2 TTPs 1 IoCs
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
/data/data/com.borqs.uclient/databases/uclient.db-journal
Filesize
512B
-
/data/data/com.borqs.uclient/databases/uclient.db-wal
Filesize
28KB
-
/data/data/com.borqs.uclient/databases/uclientconf.db
Filesize
4KB
-
/data/data/com.borqs.uclient/databases/uclientconf.db-journal
Filesize
512B
-
/data/data/com.borqs.uclient/databases/uclientconf.db-shm
Filesize
32KB
-
/data/data/com.borqs.uclient/databases/uclientconf.db-wal
Filesize
378KB