Analysis
max time kernel: 13s
max time network: 140s
platform: android_x64
resource: android-x64-arm64-20240611.1-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
submitted: 18-06-2024 13:38
Static task: static1
Behavioral task: behavioral1
Sample: bc38728dcc6afc342019a6fce082f60d_JaffaCakes118.apk
Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
Sample: bc38728dcc6afc342019a6fce082f60d_JaffaCakes118.apk
Resource: android-x64-20240611.1-en
Behavioral task: behavioral3
Sample: bc38728dcc6afc342019a6fce082f60d_JaffaCakes118.apk
Resource: android-x64-arm64-20240611.1-en
General
Target: bc38728dcc6afc342019a6fce082f60d_JaffaCakes118.apk
Size: 39KB
MD5: bc38728dcc6afc342019a6fce082f60d
SHA1: 539dc619ec0368634524a00e6c9ea16ccb7cf2a1
SHA256: 7cbb9fb85d64542cdfcd9c4df0ea7e0ea1e94ec28fea0db035f5c5933c8f6c36
SHA512: 2b20ba45a5dd60385e50b3bf31be470f6313458d7edd3f9f886fbfd3442e1e4307361cec9616dd288c0f914e8884e63db74d3dc6adcebedb86f6ca7758c6938c
SSDEEP: 768:iNqu8BpQfomNawN4N5N3NCRHXXmCo2Q21+5Xpu3lZIOp:2OzdY3XprQ2uM0Q
Malware Config
Signatures
Queries the phone number (MSISDN for GSM devices). 1 TTPs
Reads the content of the SMS messages. 1 TTPs 1 IoCs
Processes: android.phone.com
description: URI accessed for read
ioc: content://sms/
process: android.phone.com
Makes use of the framework's foreground persistence service. 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
Processes: android.phone.com
description: Framework service call
ioc: android.app.IActivityManager.setServiceForeground
process: android.phone.com
Queries information about active data network. 1 TTPs 1 IoCs
Processes: android.phone.com
description: Framework service call
ioc: android.net.IConnectivityManager.getActiveNetworkInfo
process: android.phone.com
Queries information about the current Wi-Fi connection. 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes: android.phone.com
description: Framework service call
ioc: android.net.wifi.IWifiManager.getConnectionInfo
process: android.phone.com
Tries to add a device administrator. 2 TTPs 1 IoCs
Processes
Network
MITRE ATT&CK Matrix
Downloads
/data/user/0/android.phone.com/files/phone.xml
Filesize: 178B
MD5: 1c8625124cd521964daad4005294ab36
SHA1: 537d1bac0616ff7707ccef80b210943abadb47a4
SHA256: f1c13bf49bba0acc5ac866597bd582a679cdecbe362868a8e5cab94710b19e95
SHA512: aa5990babd77b00c065aeb304100efb59a72b1e14ee68cfd4652aed0a7503c9f07f74683abeb6e05a95f833bec76471e2b69beb371b3fa241224e36591335047