Analysis
-
max time kernel
33s -
max time network
138s -
platform
android_x86 -
resource
android-x86-arm-20240624-en -
resource tags
-
submitted
17/08/2024, 07:33
General
-
Target
a1af5931b489abfb6a960f4f4da784ff_JaffaCakes118.apk
-
Size
2.8MB
-
MD5
a1af5931b489abfb6a960f4f4da784ff
-
SHA1
274c6076f6921f407b76f13b1406c1d2c8781a24
-
SHA256
2e409a8d4d83ccc90c5cf11baf52b4b38fb16401212dddf4a0aaf0aff58f4e1e
-
SHA512
029df750607e809328cf5859893f14a9bde6ed4ededa73f3d240838ce41eeef13c406b3de3403500f8046aa9d3c6ca9f043992352a25416ec07e1942fe6ca2bc
-
SSDEEP
49152:4tutghtuKQuw7hPd147MQOxKZZGQlFTTJwwz5tX8K5h+:uwHPdu7sB66wR5E
Score
8/10
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 2 IoCs
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about active data network 1 TTPs 1 IoCs
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
couuuuuuuu08.hcf1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information