Analysis
- max time kernel: 179s
- max time network: 167s
- platform: android_x64
- resource: android-x64-20240611.1-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240611.1-en, locale:en-us, os:android-10-x64, system
- submitted: 16-06-2024 01:41
Static task: static1
Behavioral task: behavioral1
- Sample: b1271030869cf7389c70be547ff48432_JaffaCakes118.apk
- Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
- Sample: b1271030869cf7389c70be547ff48432_JaffaCakes118.apk
- Resource: android-x64-20240611.1-en
Behavioral task: behavioral3
- Sample: b1271030869cf7389c70be547ff48432_JaffaCakes118.apk
- Resource: android-x64-arm64-20240611.1-en
General
- Target: b1271030869cf7389c70be547ff48432_JaffaCakes118.apk
- Size: 1.4MB
- MD5: b1271030869cf7389c70be547ff48432
- SHA1: 1c0d05b31ceddeab58eab8e8d3dbbafb7e871336
- SHA256: 8a51b2cd48efbca5c7e8f65f11d6f84bfa34f4e8eea36c22c3f4d74241dc4f35
- SHA512: c5c8bc8afdfb3d29bd83eb29e1a6dd8bc0edd2bf6f98a5ca37be5c0c32847c742119b9262fe2db41ff1acf10ad11d565de2fe5e6800e537aa7a1b1e1f8a1d4e9
- SSDEEP: 24576:zEaFmFN9v46flH2UIbxMeh+CYIgHBxsoMHuvDm8P0JORSAireJc:zEaFmL9AcMJYJH/pMOvDicS0Jc
Malware Config
Signatures
- Loads dropped Dex/Jar [1 TTPs, 1 IoCs]
  Runs executable file dropped to the device during analysis.
  Processes: com.bjin.gamemaster_main
    ioc: /data/user/0/com.bjin.gamemaster_main/app_ttmp/t.jar
    pid: 5111
    process: com.bjin.gamemaster_main
- Obtains sensitive information copied to the device clipboard [2 TTPs, 1 IoCs]
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) [1 TTPs]
- Queries the mobile country code (MCC) [1 TTPs, 1 IoCs]
  Processes: com.bjin.gamemaster_main
    description: Framework service call
    ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
    process: com.bjin.gamemaster_main
- Queries the unique device ID (IMEI, MEID, IMSI) [1 TTPs]
- Registers a broadcast receiver at runtime (usually for listening for system events) [1 TTPs, 1 IoCs]
  Processes: com.bjin.gamemaster_main
    description: Framework service call
    ioc: android.app.IActivityManager.registerReceiver
    process: com.bjin.gamemaster_main
- Uses Crypto APIs (Might try to encrypt user data) [1 TTPs, 1 IoCs]
  Processes: com.bjin.gamemaster_main
    description: Framework API call
    ioc: javax.crypto.Cipher.doFinal
    process: com.bjin.gamemaster_main
- Checks memory information [2 TTPs, 1 IoCs]
Processes
com.bjin.gamemaster_main
- Removes its main activity from the application launcher
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks memory information
Network
MITRE ATT&CK Matrix
Downloads
- /data/data/com.bjin.gamemaster_main/app_ttmp/oat/t.jar.cur.prof
  Filesize: 417B
- /data/data/com.bjin.gamemaster_main/app_ttmp/t.jar
  Filesize: 276KB
- /data/data/com.bjin.gamemaster_main/databases/com.bjin.gamemaster_mainb
  Filesize: 72KB
- /data/data/com.bjin.gamemaster_main/databases/com.bjin.gamemaster_mainb-journal
  Filesize: 512B
- /data/data/com.bjin.gamemaster_main/databases/com.bjin.gamemaster_mainb-journal
  Filesize: 8KB
- /data/data/com.bjin.gamemaster_main/databases/com.bjin.gamemaster_mainb-journal
  Filesize: 8KB
- /data/data/com.bjin.gamemaster_main/databases/com.bjin.gamemaster_mainb-journal
  Filesize: 12KB
- /data/user/0/com.bjin.gamemaster_main/app_ttmp/t.jar
  Filesize: 587KB