Analysis

  • max time kernel
    49s
  • max time network
    168s
  • platform
    android_x64
  • resource
    android-x64-20240611.1-en
  • resource tags

    android arch:x64 arch:x86 image:android-x64-20240611.1-en locale:en-us os:android-10-x64 system
  • submitted
    18-06-2024 16:54

General

  • Target

    bcfca088c78b95d2889a6225ab82bae9_JaffaCakes118.apk

  • Size

    211KB

  • MD5

    bcfca088c78b95d2889a6225ab82bae9

  • SHA1

    fad894dbffa0def6e50737c79cf6dca6d70e1065

  • SHA256

    4e25fb0bb2058b606d57985712028a6ce4adc5fc7b5588c8ebec0e7cfe0e6869

  • SHA512

    6a12d4c2c49c5336817708a5586edc7891119a4f6ea6d118bbe97742a44cfcf542db0adaddd08d61d8153037b8ce49bfa6876bf34febd92885e10f89d16b0f64

  • SSDEEP

    6144:vuOwWuL5NBGHk3ksdympIGRptugr9LHaaZk:2OwrLIGp93pkgr9Tav

Malware Config

Signatures

  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.socialnmobile.super.flashlight
    • Obtains sensitive information copied to the device clipboard
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks memory information
    PID:5122

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.socialnmobile.super.flashlight/files/prefer.dat

    Filesize

    112B

    MD5

    c0fc436d2cb665f5732c5f22926f0c6a

    SHA1

    314912c6fdfe2bf0bb549de5704b84d59e202605

    SHA256

    bf472acfa61536f2833f98acc5a14bc873d328927f2814e80fd45c323708d00c

    SHA512

    f8804646ebebb27367e0a8da56e333af610d178f32560c12562b707003e94e75c206eb457b0d32b8c28e6b3836bcb15cf3f832589cc4e48f1356be19b9bd9d8f