Analysis
-
max time kernel
7s
-
max time network
188s
-
platform
android_x64
-
resource
android-x64-20240611.1-en
-
resource tags
android, arch:x64, arch:x86, image:android-x64-20240611.1-en, locale:en-us, os:android-10-x64, system
-
submitted
18-06-2024 10:46
Static task
static1
Behavioral task
behavioral1
Sample
bb8600094e4351f47e99b13655390911_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
bb8600094e4351f47e99b13655390911_JaffaCakes118.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral3
Sample
bb8600094e4351f47e99b13655390911_JaffaCakes118.apk
Resource
android-x64-arm64-20240611.1-en
General
-
Target
bb8600094e4351f47e99b13655390911_JaffaCakes118.apk
-
Size
6.2MB
-
MD5
bb8600094e4351f47e99b13655390911
-
SHA1
071ec100f9724c16c03c7f760ac6103ace43bf27
-
SHA256
465a7e3320df58a9a604f39f286b1eed4c7086bb8a47ed60ea8a139736265772
-
SHA512
ed1e708a1d2207b7e1338ae3f86cd2e95c7359ae415684c01082068df41fa70aaf462fff08457a1f63899835d91cb2e92b4e5adfbd4ee9614e96169975599f88
-
SSDEEP
98304:JT2KhcDjVJbavFVyzbuPzC/zY2Fk1Lb0HS6zVkR9OEXLshGUHVyCnBrnnnn1:J5+fiON/zYfLb8kCzrnBrnnnn1
Malware Config
Signatures
-
Checks if the Android device is rooted. (1 TTPs, 2 IoCs)
Processes: com.bskyb.fbscore
ioc: /system/app/Superuser.apk; process: com.bskyb.fbscore
ioc: /system/xbin/su; process: com.bskyb.fbscore
-
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes: com.bskyb.fbscore
description: Framework service call; ioc: android.content.IClipboard.addPrimaryClipChangedListener; process: com.bskyb.fbscore
-
Queries information about running processes on the device (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about running processes on the device.
Processes: com.bskyb.fbscore
description: Framework service call; ioc: android.app.IActivityManager.getRunningAppProcesses; process: com.bskyb.fbscore
-
Queries information about active data network (1 TTPs, 1 IoCs)
Processes: com.bskyb.fbscore
description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; process: com.bskyb.fbscore
-
Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
Processes: com.bskyb.fbscore
description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone; process: com.bskyb.fbscore
-
Checks the presence of a debugger
-
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
Processes: com.bskyb.fbscore
description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; process: com.bskyb.fbscore
-
Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
Processes: com.bskyb.fbscore
description: Framework API call; ioc: javax.crypto.Cipher.doFinal; process: com.bskyb.fbscore
-
Checks CPU information (2 TTPs, 1 IoCs)
Processes: com.bskyb.fbscore
description: File opened for read; ioc: /proc/cpuinfo; process: com.bskyb.fbscore
-
Checks memory information (2 TTPs, 1 IoCs)
Processes: com.bskyb.fbscore
description: File opened for read; ioc: /proc/meminfo; process: com.bskyb.fbscore
Processes
-
com.bskyb.fbscore
- Checks if the Android device is rooted.
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:5193
Network
MITRE ATT&CK Mobile v15
Downloads
-
/data/data/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66716593023D-0001-1449-0BADEBAE29B6BeginSession.cls_temp
Filesize
77B
-
/data/data/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66716593023D-0001-1449-0BADEBAE29B6SessionApp.cls_temp
Filesize
113B
-
/data/data/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66716593023D-0001-1449-0BADEBAE29B6SessionCrash.cls_temp
Filesize
25KB
-
/data/data/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66716593023D-0001-1449-0BADEBAE29B6SessionDevice.cls_temp
Filesize
131B
-
/data/data/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66716593023D-0001-1449-0BADEBAE29B6SessionOS.cls_temp
Filesize
15B
-
/data/data/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66716598006F-0002-1449-0BADEBAE29B6BeginSession.cls_temp
Filesize
77B
-
/data/data/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
Filesize
475B
-
/data/data/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
Filesize
1KB
-
/data/data/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
Filesize
16B
-
/data/data/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_5c893900-da88-4713-bfae-5b357aa40fea_1718707605852.tap
Filesize
374B