Analysis
-
max time kernel
126s -
max time network
175s -
platform
android_x64 -
resource
android-x64-arm64-20240611.1-en -
resource tags
androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240611.1-enlocale:en-usos:android-11-x64system -
submitted
18-06-2024 06:17
Static task
static1
Behavioral task
behavioral1
Sample
bb13b6f1226606dbc798fa05cd9cd0e6_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
bb13b6f1226606dbc798fa05cd9cd0e6_JaffaCakes118.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral3
Sample
bb13b6f1226606dbc798fa05cd9cd0e6_JaffaCakes118.apk
Resource
android-x64-arm64-20240611.1-en
General
-
Target
bb13b6f1226606dbc798fa05cd9cd0e6_JaffaCakes118.apk
-
Size
301KB
-
MD5
bb13b6f1226606dbc798fa05cd9cd0e6
-
SHA1
30fe7375494c1fbd29bf2acb78ddac537790317b
-
SHA256
74ccc69b992bea3ce6f2b08538f508738424d5616e2637cf5a8fc4c1a962a757
-
SHA512
b57b1b67c6f96dc3c39cc2fdd2b1d5b6de528a9a0a190aed87f65817ba13a9e588b501569db6520181add8c17e76fef84e14f931065d8f9ba87da4db07917be3
-
SSDEEP
6144:Mj1c4F6rag3wBiTE5pn5bcFK6S66IYExfzqr10mO2HxlNMi:m1zFgahBiT6B5b/6AE1er+P2RlOi
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes:
com.bubbleWrap.webgmdescription ioc process Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.bubbleWrap.webgm -
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Queries information about active data network 1 TTPs 1 IoCs
Processes:
com.bubbleWrap.webgmdescription ioc process Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.bubbleWrap.webgm -
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes:
com.bubbleWrap.webgmdescription ioc process Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.bubbleWrap.webgm -
Checks CPU information 2 TTPs 1 IoCs
Processes:
com.bubbleWrap.webgmdescription ioc process File opened for read /proc/cpuinfo com.bubbleWrap.webgm -
Checks memory information 2 TTPs 1 IoCs
Processes:
com.bubbleWrap.webgmdescription ioc process File opened for read /proc/meminfo com.bubbleWrap.webgm
Processes
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
105B
MD5d69ad96076838ba7964704638024a3a4
SHA1c36dc1ed8f5045be09fc6f0b3de2b1742d6b6f3b
SHA256fe6604d5c155f3ed215733dbea57bc3824933436a8e9bab425b9e5f3cfc1d50c
SHA512ea960174b642a33746185395b2ec25007209987a4dbd7cda0b2ef9027404235eb4e169e13078fa4905817ef281e0b27e3f1368171f07e06c5e3210eea17f2c10