Analysis
Max time kernel: 8s
Max time network: 187s
Platform: android_x64
Resource: android-x64-20240611.1-en
Resource tags: android, arch:x64, arch:x86, image:android-x64-20240611.1-en, locale:en-us, os:android-10-x64, system
Submitted: 16-06-2024 19:50
Static task: static1
Behavioral task: behavioral1
  Sample: b4e7ead3d03edf554919e104007bfcf0_JaffaCakes118.apk
  Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
  Sample: b4e7ead3d03edf554919e104007bfcf0_JaffaCakes118.apk
  Resource: android-x64-20240611.1-en
General
Target: b4e7ead3d03edf554919e104007bfcf0_JaffaCakes118.apk
Size: 26.2MB
MD5: b4e7ead3d03edf554919e104007bfcf0
SHA1: 8ccc8d459755e7e8074b834bf8e2b668209eefa7
SHA256: 4393aed58a3f682dc56206c1aac4a7f4d3a928935f96680bf6ac1e1294d7908a
SHA512: e20f12a9d7f0f115c43c237077ee70a2060798a460ed8d09eb95d6a5488d413676b737967a628d830fc3ec89dd9b1fe688a4837a8b11c37bc495b1d5977401bf
SSDEEP: 393216:8JljMsbXz0NifOpyKrI+idRht3NifOpyKrI+g/my84WS9bcBMADCHF3cuTdS/0w1:8JljMI4eKji1BeKjg/bW+ADChKjD
Malware Config
Signatures
- Checks if the Android device is rooted. (1 TTPs, 1 IoCs)
  IoC: /system/app/Superuser.apk
  Process: com.bolema.phonelive
- Queries information about active data network (1 TTPs, 1 IoCs)
  Description: Framework service call
  IoC: android.net.IConnectivityManager.getActiveNetworkInfo
  Process: com.bolema.phonelive
- Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  Description: Framework service call
  IoC: android.net.wifi.IWifiManager.getConnectionInfo
  Process: com.bolema.phonelive
- Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  Description: Framework service call
  IoC: android.app.IActivityManager.registerReceiver
  Process: com.bolema.phonelive
- Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
  Description: Framework API call
  IoC: javax.crypto.Cipher.doFinal
  Process: com.bolema.phonelive
- Checks memory information (2 TTPs, 1 IoCs)
  Description: File opened for read
  IoC: /proc/meminfo
  Process: com.bolema.phonelive
Processes
- com.bolema.phonelive (PID: 5198)
  - Checks if the Android device is rooted.
  - Queries information about active data network
  - Queries information about the current Wi-Fi connection
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Uses Crypto APIs (Might try to encrypt user data)
  - Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads
- Filesize: 80KB
  MD5: 8c12c8009b529993da017345b4d44b2c
  SHA1: 9b0bc8ada3773c5a51fc4d52c1cd9559bef31dd9
  SHA256: 7027d1cb206d11a49f92264eb108a5866b207e17725d685cac57bfa982b12ad0
  SHA512: d3430f4a0edf23eb6b465580851b4edd0397372e767fee903d8722edfd457206bed83e516a0c1161d68ddd84a75e1bcd64aa31392487988b78473da0593d3618
- Filesize: 512B
  MD5: b47b8ddf447a9fa73d91ed334d0c713e
  SHA1: b819be5081f2453317456fbe2866f89f8992c52e
  SHA256: 675af93bab92e2769bf5d3e82e6c7a4c6d56c59c7856966a7f97165cc70ba8a1
  SHA512: 83ad880f43b59124e9d9efb5a91c2189731aaa74b442721f3f2a74f61d453c7805850e6386f74edbaa3e2204e7de9038de3313f05ad303af8699c53e07f242ee
- Filesize: 8KB
  MD5: bd731530793a7a44bdd437c7699e37ce
  SHA1: f606741f3dcd608b64eb0b47c830c2615f073628
  SHA256: 4c3da2a63285ed8c41aefb6800b5597fb62d0f7f789679be04b80119ab639f83
  SHA512: 150451c680719736d5a6d227cb3bd5c2c098abdc4188a057ab406cec594c97c513351dd793916c3ec4068e8de538f93d17f37987dfc18e56c0fbe45e33232ed8
- Filesize: 8KB
  MD5: 455e500af4e34af3b3010d7ab7cf388a
  SHA1: f47c0d93b979352a52b88344c75ce11fe8a657e0
  SHA256: 0491555670d2d4e6ae4baff725e94a6ba7bc70526d92daacfb91694c491fabdf
  SHA512: 5384f6254ed73f8359c48153223fc93ff043cc39e5d5502210504c8e517d98c1e9ad000c9cf6c63619b589ebc259e0a888a4ce5c42840654a8efd22d4307f1c6
- Filesize: 8KB
  MD5: c9bf298d6e85dacd0aac96210b250fcc
  SHA1: 94b4e7407801e09073f4702a1462a536414f68ee
  SHA256: ebac8e2c3ffdd7b603c97df6165dfbd1d49dd9fb24e9ebc3d1ba237614ffdd5e
  SHA512: 8532775f6a5e4b4efc385b20d72ff60d3c2d112d26a138ce0664e761918bd86d2029ab9b24565942f79d013fba5787b46b1584f68f52fb91ced34f0cd58e819c
- Filesize: 12KB
  MD5: aca266bce88a604dd14274f3be9afb7d
  SHA1: 3ef39f1b6be2746e8aaa69481989ee2b133bcd5c
  SHA256: 01ac168e80be2cd7d9b3c0a21428cc4b1fa59809d41392cbdeb1a02de251dce4
  SHA512: f883e26bc89b6d0c93ccb322a6962e4c4484844859c9d6de30ee2b4dcb45341dc0314736df15032f356f856e9e1120d58d1f6b970e27f972050f762494d82c47
- Filesize: 12KB
  MD5: c92242e469f42f10859b6f27d894e907
  SHA1: bb2f14ae75ddb15521670abbdc3b79f222f07211
  SHA256: db66983fc72841ec1734c14fcc3accc3d19c2cbcdddef2c23e33f2ac126437ea
  SHA512: eba7a782e381b23a698c0bd822eda99e2415bcdac79767339e041e2e62ed790f86fcb39bd992b9d75aee69c1b3e8975a9df53fc40eb9b9ce1be9e0c68bfc2a2b