Analysis
max time kernel: 22s
max time network: 147s
platform: android_x64
resource: android-x64-20240611.1-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240611.1-en, locale:en-us, os:android-10-x64, system
submitted: 15-06-2024 08:48
Static task: static1
Behavioral task: behavioral1
Sample: ad9d2905c085c0d889f2925932c410bb_JaffaCakes118.apk
Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
Sample: ad9d2905c085c0d889f2925932c410bb_JaffaCakes118.apk
Resource: android-x64-20240611.1-en
Behavioral task: behavioral3
Sample: ad9d2905c085c0d889f2925932c410bb_JaffaCakes118.apk
Resource: android-x64-arm64-20240611.1-en
General
Target: ad9d2905c085c0d889f2925932c410bb_JaffaCakes118.apk
Size: 4.3MB
MD5: ad9d2905c085c0d889f2925932c410bb
SHA1: 7dd59c392d5c1d056a797c73a8e429d1bf40f00c
SHA256: 67692a68412f93fec2b7a666874f3cc157476af12a9f0adae2eb2b3e9e10e636
SHA512: 64a158043a3f8e1897356be235feae887ed5505d483d5a3b588081fdf345122229bbc082b7b9fff21aac29f7c2044c45453e3f426531e08e15bc2036d6d13f6c
SSDEEP: 98304:zddZ3uNWD5Tdm7lqEp0HMvBseue6dUIibGYI0/LHOTB8i6T/sN:zdjFdTdmeHUseuarLNi6T/Q
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about active data network (1 TTPs, 1 IoCs)
Processes: com.secondphoneapps.SecondPhoneTextPink
description: Framework service call
ioc: android.net.IConnectivityManager.getActiveNetworkInfo
process: com.secondphoneapps.SecondPhoneTextPink
-
Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
Processes: com.secondphoneapps.SecondPhoneTextPink
description: Framework service call
ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
process: com.secondphoneapps.SecondPhoneTextPink
-
Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)
-
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
Processes: com.secondphoneapps.SecondPhoneTextPink
description: Framework service call
ioc: android.app.IActivityManager.registerReceiver
process: com.secondphoneapps.SecondPhoneTextPink
-
Checks memory information (2 TTPs, 1 IoCs)
Processes
-
com.secondphoneapps.SecondPhoneTextPink 1
- Obtains sensitive information copied to the device clipboard
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
Network
MITRE ATT&CK Matrix
Downloads
-
/data/data/com.secondphoneapps.SecondPhoneTextPink/databases/SpaTextDB.db
Filesize: 32KB
-
/data/data/com.secondphoneapps.SecondPhoneTextPink/databases/SpaTextDB.db-journal
Filesize: 512B
-
/data/data/com.secondphoneapps.SecondPhoneTextPink/databases/SpaTextDB.db-journal
Filesize: 8KB
-
/data/data/com.secondphoneapps.SecondPhoneTextPink/databases/SpaTextDB.db-journal
Filesize: 8KB
-
/data/data/com.secondphoneapps.SecondPhoneTextPink/databases/millennialmedia.db
Filesize: 20KB
-
/data/data/com.secondphoneapps.SecondPhoneTextPink/databases/millennialmedia.db-journal
Filesize: 512B
-
/data/data/com.secondphoneapps.SecondPhoneTextPink/databases/millennialmedia.db-journal
Filesize: 8KB
-
/data/data/com.secondphoneapps.SecondPhoneTextPink/databases/millennialmedia.db-journal
Filesize: 8KB