Analysis
max time kernel: 7s
max time network: 132s
platform: android_x64
resource: android-x64-arm64-20240611.1-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
submitted: 18-06-2024 10:46

Static task: static1

Behavioral task: behavioral1
Sample: bb8600094e4351f47e99b13655390911_JaffaCakes118.apk
Resource: android-x86-arm-20240611.1-en

Behavioral task: behavioral2
Sample: bb8600094e4351f47e99b13655390911_JaffaCakes118.apk
Resource: android-x64-20240611.1-en

Behavioral task: behavioral3
Sample: bb8600094e4351f47e99b13655390911_JaffaCakes118.apk
Resource: android-x64-arm64-20240611.1-en
General
Target: bb8600094e4351f47e99b13655390911_JaffaCakes118.apk
Size: 6.2MB
MD5: bb8600094e4351f47e99b13655390911
SHA1: 071ec100f9724c16c03c7f760ac6103ace43bf27
SHA256: 465a7e3320df58a9a604f39f286b1eed4c7086bb8a47ed60ea8a139736265772
SHA512: ed1e708a1d2207b7e1338ae3f86cd2e95c7359ae415684c01082068df41fa70aaf462fff08457a1f63899835d91cb2e92b4e5adfbd4ee9614e96169975599f88
SSDEEP: 98304:JT2KhcDjVJbavFVyzbuPzC/zY2Fk1Lb0HS6zVkR9OEXLshGUHVyCnBrnnnn1:J5+fiON/zYfLb8kCzrnBrnnnn1
Malware Config
Signatures
-
Checks if the Android device is rooted. (1 TTPs, 2 IoCs)
Processes: com.bskyb.fbscore
- ioc: /system/app/Superuser.apk, process: com.bskyb.fbscore
- ioc: /system/xbin/su, process: com.bskyb.fbscore
-
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes: com.bskyb.fbscore
- description: Framework service call, ioc: android.content.IClipboard.addPrimaryClipChangedListener, process: com.bskyb.fbscore
-
Queries information about running processes on the device (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about running processes on the device.
Processes: com.bskyb.fbscore
- description: Framework service call, ioc: android.app.IActivityManager.getRunningAppProcesses, process: com.bskyb.fbscore
-
Queries information about active data network (1 TTPs, 1 IoCs)
Processes: com.bskyb.fbscore
- description: Framework service call, ioc: android.net.IConnectivityManager.getActiveNetworkInfo, process: com.bskyb.fbscore
-
Checks the presence of a debugger
-
Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
Processes: com.bskyb.fbscore
- description: Framework API call, ioc: javax.crypto.Cipher.doFinal, process: com.bskyb.fbscore
-
Checks CPU information (2 TTPs, 1 IoCs)
Processes: com.bskyb.fbscore
- description: File opened for read, ioc: /proc/cpuinfo, process: com.bskyb.fbscore
-
Checks memory information (2 TTPs, 1 IoCs)
Processes: com.bskyb.fbscore
- description: File opened for read, ioc: /proc/meminfo, process: com.bskyb.fbscore
Processes
-
com.bskyb.fbscore 1
- Checks if the Android device is rooted.
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries information about active data network
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4460
Network
MITRE ATT&CK Mobile v15
Downloads
-
/data/user/0/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/667165960266-0001-116C-13977737A29FBeginSession.cls_temp
Filesize: 77B
-
/data/user/0/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/667165960266-0001-116C-13977737A29FSessionApp.cls_temp
Filesize: 113B
-
/data/user/0/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/667165960266-0001-116C-13977737A29FSessionCrash.cls_temp
Filesize: 24KB
-
/data/user/0/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/667165960266-0001-116C-13977737A29FSessionDevice.cls_temp
Filesize: 131B
-
/data/user/0/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/667165960266-0001-116C-13977737A29FSessionOS.cls_temp
Filesize: 15B
-
/data/user/0/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6671659B0324-0002-116C-13977737A29FBeginSession.cls_temp
Filesize: 77B
-
/data/user/0/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
Filesize: 475B
-
/data/user/0/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
Filesize: 1KB
-
/data/user/0/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
Filesize: 16B
-
/data/user/0/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_b468870f-2d78-4fdc-92ca-1eb2abd23ac5_1718707609279.tap
Filesize: 375B