Analysis
-
max time kernel
155s
-
max time network
132s
-
platform
android_x64
-
resource
android-x64-arm64-20240611.1-en
-
resource tags
android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240611.1-en locale:en-us os:android-11-x64 system
-
submitted
15-06-2024 06:55
Static task
static1
Behavioral task
behavioral1
Sample
ad3aab10f0a6f07a1fdb2bc8f881d719_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
ad3aab10f0a6f07a1fdb2bc8f881d719_JaffaCakes118.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral3
Sample
ad3aab10f0a6f07a1fdb2bc8f881d719_JaffaCakes118.apk
Resource
android-x64-arm64-20240611.1-en
General
-
Target
ad3aab10f0a6f07a1fdb2bc8f881d719_JaffaCakes118.apk
-
Size
790KB
-
MD5
ad3aab10f0a6f07a1fdb2bc8f881d719
-
SHA1
f4d26a03d980306c57bec1e9857b0a071e92c252
-
SHA256
31ad8487c4a089a6891becc76fb688c9cf4152e97db466c3fa8fa192c78ef91d
-
SHA512
a8eeaf01869e1af136a28ffbec858775d2fc8b277a9ba49c6fb53a476867626d6dcc9001a7882de9aee078ebda12d621cfe284b80367b5a3e154ed78d50cb70b
-
SSDEEP
12288:1G5K5WzffEjN9DVNHIqOP2EBPnpZeH+5XOLmKv/aZWQFIzBDwtvPYPVTlHM63Q1n:1G5K5OsBb5HOfPbc8FI1DwtvwXvEn
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Requests cell location 2 TTPs 1 IoCs
Uses Android APIs to get the current cell location.
-
Checks memory information 2 TTPs 1 IoCs
Downloads
-
/data/user/0/com.borqs.uclient/databases/uclient.db
Filesize
16KB
-
/data/user/0/com.borqs.uclient/databases/uclient.db-journal
Filesize
512B
-
/data/user/0/com.borqs.uclient/databases/uclient.db-journal
Filesize
8KB
-
/data/user/0/com.borqs.uclient/databases/uclient.db-journal
Filesize
8KB
-
/data/user/0/com.borqs.uclient/databases/uclientconf.db
Filesize
16KB
-
/data/user/0/com.borqs.uclient/databases/uclientconf.db-journal
Filesize
8KB
-
/data/user/0/com.borqs.uclient/databases/uclientconf.db-journal
Filesize
8KB
-
/data/user/0/com.borqs.uclient/databases/uclientconf.db-journal
Filesize
512B
-
/data/user/0/com.borqs.uclient/databases/uclientconf.db-journal
Filesize
8KB
-
/data/user/0/com.borqs.uclient/databases/uclientconf.db-journal
Filesize
8KB
-
/data/user/0/com.borqs.uclient/databases/uclientconf.db-journal
Filesize
8KB