Analysis
max time kernel: 178s
max time network: 188s
platform: android_x64
resource: android-x64-arm64-20240611.1-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
submitted: 18-06-2024 16:52
Static task: static1

Behavioral task: behavioral1
  Sample: bcfa2209d11054733635892d7e649a0f_JaffaCakes118.apk
  Resource: android-x86-arm-20240611.1-en

Behavioral task: behavioral2
  Sample: bcfa2209d11054733635892d7e649a0f_JaffaCakes118.apk
  Resource: android-x64-20240611.1-en

Behavioral task: behavioral3
  Sample: bcfa2209d11054733635892d7e649a0f_JaffaCakes118.apk
  Resource: android-x64-arm64-20240611.1-en
General
Target: bcfa2209d11054733635892d7e649a0f_JaffaCakes118.apk
Size: 3.2MB
MD5: bcfa2209d11054733635892d7e649a0f
SHA1: ad2e50173185f77c725e474a706d31f07a7121ce
SHA256: 9f4c15a254c387f031f28ce6e1e78216d032a8eb4a4fef334056d44401577b55
SHA512: 857d3e90c343b455fa18a3328e4b1eda0b3a46961145c028ccc2fa24850c9b5bb64d29932ddb267e7cfc2aa8e05a90693e5d3fb5d1a0615dc5d832439f0988bc
SSDEEP: 98304:3xVo4XX7Sknb1Melze7jFvqHOgSbpRGbC1So7XAdM0fRdIR:3vo4XrSknb+yKhqHOvbpRrMo0dB5u
Malware Config
Signatures

Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes: com.wyp.awpj
  description: Framework service call
  ioc: android.content.IClipboard.addPrimaryClipChangedListener
  process: com.wyp.awpj

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) (1 TTPs)

Acquires the wake lock (1 IoCs)
Processes: com.wyp.awpj:pushservice
  description: Framework service call
  ioc: android.os.IPowerManager.acquireWakeLock
  process: com.wyp.awpj:pushservice

Queries information about active data network (1 TTPs, 1 IoCs)
Processes: com.wyp.awpj:pushservice
  description: Framework service call
  ioc: android.net.IConnectivityManager.getActiveNetworkInfo
  process: com.wyp.awpj:pushservice

Checks CPU information (2 TTPs, 1 IoCs)
Processes: com.wyp.awpj
  description: File opened for read
  ioc: /proc/cpuinfo
  process: com.wyp.awpj

Checks memory information (2 TTPs, 1 IoCs)
Processes: com.wyp.awpj
  description: File opened for read
  ioc: /proc/meminfo
  process: com.wyp.awpj
Downloads