Analysis
-
max time kernel
48s -
max time network
116s -
platform
android_x86 -
resource
android-x86-arm-20240624-en -
resource tags
-
submitted
28-07-2024 06:52
General
-
Target
0d6de13394efc4cb03959454c48b49dc_JaffaCakes118.apk
-
Size
8.0MB
-
MD5
0d6de13394efc4cb03959454c48b49dc
-
SHA1
7ac0488cb2479b0051b0ef1c2d5c2a0e6911497a
-
SHA256
48d6e3eab1db452c8ce06895827044c3c7be19091ce74016146131dffc3acc85
-
SHA512
1ce8b56a14d26a9b100f6d66432c631e590986c6ca197780b91cd495e5a32c584ce50c42942bb0a182b05915ab9404244b6c77fd2ace0f61d527984549861288
-
SSDEEP
196608:OuM2r2ziokc8DhYz7bk3eFmc/HMTEhT49FnwhAVBJ:OWDoYDhu7bk3eFmc/HqIT6OArJ
Malware Config
Signatures
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Requests cell location 2 TTPs 2 IoCs
Uses Android APIs to to get current cell location.
-
Acquires the wake lock 1 IoCs
-
Queries information about active data network 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
ir.ronak.soupha1⤵
- Loads dropped Dex/Jar
- Queries information about the current nearby Wi-Fi networks
- Requests cell location
- Acquires the wake lock
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
1System Checks
1Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
9KB
MD5e8e0527a01aefdb89afd2c508f131da1
SHA1f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34
-
Filesize
4B
MD5098f6bcd4621d373cade4e832627b4f6
SHA1a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA2569f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff
-
Filesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
Filesize
512B
MD516b5cc9269314f153067520d22bbafce
SHA1e9fa3371f0888d64bdf83e28036e978e4fc31519
SHA256d5e05251c5b99bcad38fbf04b55c1da3d81377f25607b5feff4b8a291c379fc4
SHA512f5355c43e34cde92f0daa614f0f395570c2f29e88ba2b73fc1d751d84bed1fb7cade1ad7919d49ca9e1f6247b151a4447ea3d75f84df83ecc2323e23fd30fcaa
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
152KB
MD575e64e1c7ba7a10c8a7b96d56cf80202
SHA1c74703fee6135691d8b5b5313661023d3665272d
SHA25613ce92cf198cda19b75802e781653ed483426c7c5fa66fd1808fc2c225498bdc
SHA5122b405a37d4f191426f612feabcda4949d4d3f2105175711e4528813f2b3e86c981a215e7540141487e8756841f675f9a177c77caf4bdc9f84224c13913709210
-
Filesize
512B
MD514c9fa11f55ca7ce9a137519468014ae
SHA1786c82cc45bd20542459f494ac39d28b69ad07b9
SHA2569cab9c937ff51e4c0c68d32c1a9558e850195ce1938c38322bc4f9116d013314
SHA51206ffbe7d4e17ca0f282b08a063ea35f133d09cf6c9362ebb200f464a1ab8d7f6b7bcd23664dc87f713b118fae39f0bb13296085e56f584bede810ea2ef3b2487
-
Filesize
217KB
MD504ed18dff801c0b8071fe09985e23e36
SHA133e7f5d7da5263f41de33782f416d083636daa5d
SHA256287fa56e2e32d59835e84b0c3cc620b1753a296f031f5f541ba04011dd1e5685
SHA51280c84f34984bf1e31d4fab2d1f86d0712ce56b4d4b39777779193afb5763f788df40f3233de2da977e1906cbf5e685891905d04a4fc63eda4e25eb2a94ef08e9
-
Filesize
16KB
MD5f9be3d5d90b5609230c8e0745a2ff405
SHA168e5b307f88a2539d052814500e7eb83d50f6edf
SHA256cd15309f73d3c286af7cd98302cec282d0fc8a6173dfaa94ef05f732134a0f69
SHA512f406521b1a61a1f1eab931e345e3f17aa515ce7f5d1c058bce2ad871faf96a24a596a716c3ead08eb3a7e9ca1ad6401efb0f45f4b2dc6fb76296d464c00165bb
-
Filesize
16KB
MD5acd502a0ae37a3f00db863e99560a330
SHA190d2a72df99dde84405b2b249be8cd1d6787d515
SHA256fd4b2f7ca696b4f3c96c4013b938377791a8562fe868486c44fd933a6ad3abd6
SHA51203de2c4160b8b6000fdb609ca160b49a8cba249b8a119becedf164450cf41cb84b5408ff2bd1f002404bec08695a77d1debfa420ba72d6cdb0165b319cdf9b93
-
Filesize
16KB
MD56288cb42c83b7753d399e03f5b89d2a9
SHA1b0d9392bfa49b7cd8721b42a7de491d7bc7ce6fc
SHA2566a013a982bd9496722c484171024676d72289204702ebad45b857ab4f2036f7d
SHA512cd9fa944b19d8ba3e37fbc7bec093008ef46132c71740dc61d91796406be41c3ac9642b79503f46de3f75b1bcb8e0ac0963f2d768b1711a11513f330c42d564c
-
Filesize
16KB
MD5a0400ba231402010f2c3be3058cccd17
SHA1c8d6883f6c024d5b88183a5b3b6ebc5db0dbedd2
SHA256740a57bbbd093ab76357104432ecc12c8c8ad3372b1ec73266bd5f8d36c2ac7c
SHA512467140564430af06cd1a10c19184029c517bee3e47e544ac27fba35890156709bcdfcf530bd2952905c1c2f23bcf395ac3491c065e4a201d6d9f4b313afea1de
-
Filesize
16KB
MD5ae40eed41112b3a4aeebcd6aade5f5f2
SHA17eb0be0aeacc160ed4e8ab173d9b42b204be6de7
SHA256ef05bab1a95992ea26046167012f1d67767d18e08f60e416f659027fa0b41855
SHA5129cc6d59cb015beef6527c185ae271a12e487fa055761c525d8ee946d555fe56a631662efb73270f44d65dd02ed95012849a8572297f5c5f7ca040dd362427d2d
-
Filesize
16KB
MD57237409e0640cfab7bdbd429bf821a3b
SHA14c3da934842f8d4835dfe2a9c275a300e5123309
SHA2565c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa
SHA512c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f
-
Filesize
512B
MD5924f041b1738fde8d82247540452bbd5
SHA1d881ead3e00245f4989d98e08d6e589bdacd66f7
SHA25613a2a95028497080c62c3a27be0cbd50c6feccc5e9760aa9f9fe5b40dd56f480
SHA51243301c797689ed67ba1ce6ec4a6d2ab854224b8d0dc86e9595ad65d1b260c8419a9a69a1455a81bdba19b7cd74b18d93313ff545963feed321d16dad6d1386d0
-
Filesize
36KB
MD5e291cc972e5f799796713a562cb372c6
SHA1ce9c32b5fe627a2b4d35878cac3aa70f20999e71
SHA2568a225db5d673ae9b36aa8adc5c6c7c7244db9d25177ec1363f5bc896b2d0d994
SHA512d4741ac139a55e90759f17d51317778f8541331b1a8580bd69fae6ea70ba020cd5502540131fb92cab98d4140b1434b6f1755b4da5b4a98307b57f28d0b0790e
-
Filesize
4KB
MD5e87fff8f8896094d1135cb5cc4a26418
SHA1022defe781879875b74a9ba2b6c708931c795e69
SHA256dd0b92433b5090bef4639b3ae6530fddb50d23fa3adeb1662a66a4698a39be76
SHA512f3ddfe0dcab890f4397847c63ba2023d02167fa3dc469ba7c789324b988f45d55d13ef6b9836c724f0be4b672aa84dc5c8c9981706da05f8be2e64a21b0f36bc
-
Filesize
4KB
MD5c0f7f3167d9fa631d5b2fcbe516e0b75
SHA1f0ec6933585acc4f2217a81d92ad06093946a7ea
SHA2563c14e0b1fb5d2a998f7d1458bf8e7eb5f3e89d550e685ed07f0cee6bf734a30f
SHA51253ae843e5a93463c956546b29ee0507c474444a4cd009e7b0af3e2f7b6080223ce0813a0f20d18ff52505acd169d973bd1a7d8610b3473c9ed2ef3ff5510e077
-
Filesize
4KB
MD533ca0dc7acb10e3d6c1a981a4e955f64
SHA1d59a8830a29d7a9f4975680ce8c466a8433ca7b6
SHA256c8d6e9cde8fd84855700d0c2a6e19763aad6cf0ae0526fa2ef96c9247db50f6f
SHA512f6a19c35973b3f63be3ebb1d986a8b7e9b69e0788f637a547c5252585f336ca3773e9b3dee47837828f758e819bf4b86e9ff97e40b6af72e8537035189d2eaa8
-
Filesize
4KB
MD57694d45db4124f15ae42333484fadd00
SHA132e9bfbbf82715dbacfc09bcf3bcea430c697a65
SHA2563f685f0622e43ba4a2c77041837189d5bc2713aedd7111289004d5207a49d83c
SHA5125c255c091fe6f264824ae32c5ecabab1b675abe786f9a69bb59ce260edecc7549b330ebd66b4c60fc7e9b126e2147fccd84d3d891ace8e5316fcd2ea68abca74
-
Filesize
4KB
MD58701e3333d6dc4fc6b0a22303c57b142
SHA138b149e8e6319171413db3664c0dc909b59608b2
SHA256e8765d7e573bb07bba2a166cb3ba8a9173d6aed0bb79e9f621fa5c36a2582a38
SHA5121a66a6b67b7807892aacf01a76dfcdff7ad88103cd35561a637712c5fd916ee59f37f431ac0d34011cbd7177caa30e8fb7239cbfdab1fbd6074a76cc5cf980a9
-
Filesize
1024B
MD58174af603e0fa344b4e0e936ba07f7f1
SHA19cea23d8433c831044e17594c47ac24079311780
SHA256945c11ade16d516463c55369d60e026b0d7ddfca8f603c11ab3ab54fb58fa4df
SHA51201d2f932b3c625ed2f714b3452252386214a05ce32b3c7779bc0a2d00d44d13aaa54a8b11f1de213855d6819bdc836a1b7eed3615a5ab9a64ffc720214be0a06
-
Filesize
11.0MB
MD5a2a16102ccac4b96a5decf6bfd2c441c
SHA16dffa35ff59a6ce6c8283c88ac94c29a6af22e0b
SHA256a68c5a7ec46b9854dca0faa15a64bb5b998d7828199859968a353e7a5076911f
SHA5124d540a031f3546c45a259abd95be76d09e819ad3e68f3a480b81a80c319eee40eab605217e7c795a3f980d0e21fcb60353273caa343cdd7f198bc4aac9792424
-
Filesize
1KB
MD5087b78895de12ba7e0ef393210709296
SHA11be3af0430c9919b67db95db84ea89ce85baa326
SHA256664aa35b33382387fa88ed924b483b74efafbcc9ec829b9cca4d95de40037b6c
SHA512cf8e6997c7112254920ca2b6541bee6776b845172b27cefd5ec80296d1bffc40982bd18541469250c585d486fbb3fc77b83c4c7403d197ac569b278a7c79c643
-
Filesize
2KB
MD5d0476cdc2a6ecb6cc87660b18e1fd010
SHA1ed397f59f3e3ff23fa529cfe93a546916b2d0c43
SHA256e3e1916d31740ec89da6c55eb96d8ac49dcaffca5d9b7754725eb3e64de34887
SHA512472e72c2927f40ed2483bd950de25096e274359bde8882104e30fa51788a3f225a99030d8017e82b912c8e17003b16ff16f96aaea198c3810f8ec1654c1dc2be
-
Filesize
20KB
MD5fde2ee00cbd121cfab5290b078aa3ceb
SHA1e2b77d5320e155e413d040a8c20020962065b2f8
SHA2562897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685
SHA512a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56