Analysis
max time kernel: 48s
max time network: 154s
platform: android_x64
resource: android-x64-20240611.1-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240611.1-en, locale:en-us, os:android-10-x64, system
submitted: 18-06-2024 07:56
Static task: static1
Behavioral task: behavioral1
  Sample: ba975ae2cf3a2556de548ce5d772c8e4_JaffaCakes118.apk
  Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
  Sample: ba975ae2cf3a2556de548ce5d772c8e4_JaffaCakes118.apk
  Resource: android-x64-20240611.1-en
Behavioral task: behavioral3
  Sample: ba975ae2cf3a2556de548ce5d772c8e4_JaffaCakes118.apk
  Resource: android-x64-arm64-20240611.1-en
General
Target: ba975ae2cf3a2556de548ce5d772c8e4_JaffaCakes118.apk
Size: 1.3MB
MD5: ba975ae2cf3a2556de548ce5d772c8e4
SHA1: 1b8eb3421af948bf6876068aa9108a45cc6c7dbf
SHA256: 6b770dcc2ff55af1e6a2b92142c26eb18b04c05bdb0fea634a896e43b28d0d0e
SHA512: 8bb57d5974466126323fb6e1ba4373fc5d5cf30e163d1427969ea1754791579c5baccf544211bdf007ac06b54cdddc33345bd8e088c3856a0a1027d605795262
SSDEEP: 24576:VH3a9jgEyqeJk43BaplbFj5M3LB3eeKQdP0HZIJRIC39TiT7c:ZggEyFeABapj96d37KKMZUIc9mT7c
Malware Config
Signatures
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes:
appinventor.ai_ahmadalmir2.Ya7obTone
  description: Framework service call
  ioc: android.content.IClipboard.addPrimaryClipChangedListener
  process: appinventor.ai_ahmadalmir2.Ya7obTone
Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
Processes:
appinventor.ai_ahmadalmir2.Ya7obTone
  description: Framework service call
  ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
  process: appinventor.ai_ahmadalmir2.Ya7obTone
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
Processes:
appinventor.ai_ahmadalmir2.Ya7obTone
  description: Framework service call
  ioc: android.app.IActivityManager.registerReceiver
  process: appinventor.ai_ahmadalmir2.Ya7obTone
Checks CPU information (2 TTPs, 1 IoCs)
Processes:
appinventor.ai_ahmadalmir2.Ya7obTone
  description: File opened for read
  ioc: /proc/cpuinfo
  process: appinventor.ai_ahmadalmir2.Ya7obTone
Checks memory information (2 TTPs, 1 IoCs)
Processes:
appinventor.ai_ahmadalmir2.Ya7obTone
  description: File opened for read
  ioc: /proc/meminfo
  process: appinventor.ai_ahmadalmir2.Ya7obTone