Analysis
-
max time kernel
171s -
max time network
186s -
platform
android_x64 -
resource
android-x64-arm64-20240611.1-en -
resource tags
android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240611.1-en locale:en-us os:android-11-x64 system -
submitted
18-06-2024 14:19
Static task
static1
Behavioral task
behavioral1
Sample
bc62ea4802dfd1299885d90a0ceb099d_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
bc62ea4802dfd1299885d90a0ceb099d_JaffaCakes118.apk
Resource
android-x64-arm64-20240611.1-en
General
-
Target
bc62ea4802dfd1299885d90a0ceb099d_JaffaCakes118.apk
-
Size
6.3MB
-
MD5
bc62ea4802dfd1299885d90a0ceb099d
-
SHA1
ae0b10e7eb42cf5725125ae8565da9fdef57abef
-
SHA256
1e71518c6673556ac151386636013b10ad6253f15ab94a5770f03a11d508d728
-
SHA512
736c629279f8e4add6a5fdd6fee2d6f51740cb34fc584ad2fcbd868adc42e522d373f5a9861af83afa20a131e92d6b8145b58be1541078cda2b7a27b60d12a89
-
SSDEEP
98304:YzMtSuuuD1FHToT35Yq8/GkF5bpqZFWLfP9mghVG47WizM4jw5ka3WTPJLw+V8XZ:OMtvzLtbgwhhxpjoka2Jsy66dCbWjKCi
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes:
com.superepairman.Superepairman
description: Framework service call
ioc: android.content.IClipboard.addPrimaryClipChangedListener
process: com.superepairman.Superepairman
-
Queries information about active data network 1 TTPs 1 IoCs
Processes:
com.superepairman.Superepairman:pushservice
description: Framework service call
ioc: android.net.IConnectivityManager.getActiveNetworkInfo
process: com.superepairman.Superepairman:pushservice
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Reads information about phone network operator. 1 TTPs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes:
com.superepairman.Superepairman:pushservice
description: Framework API call
ioc: javax.crypto.Cipher.doFinal
process: com.superepairman.Superepairman:pushservice
-
Checks CPU information 2 TTPs 1 IoCs
Processes:
com.superepairman.Superepairman
description: File opened for read
ioc: /proc/cpuinfo
process: com.superepairman.Superepairman
-
Checks memory information 2 TTPs 1 IoCs
Processes:
com.superepairman.Superepairman
description: File opened for read
ioc: /proc/meminfo
process: com.superepairman.Superepairman
Processes
-
com.superepairman.Superepairman
- Obtains sensitive information copied to the device clipboard
- Checks CPU information
- Checks memory information
PID:4415
-
com.superepairman.Superepairman:pushservice
- Queries information about active data network
- Uses Crypto APIs (Might try to encrypt user data)
PID:4469
Network
MITRE ATT&CK Mobile v15
Downloads