Analysis
max time kernel: 175s
max time network: 131s
platform: android_x86
resource: android-x86-arm-20240624-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
submitted: 23-08-2024 21:32
Behavioral task
behavioral1
Sample
bd3bc11db46364f4c652119750137982_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
bd3bc11db46364f4c652119750137982_JaffaCakes118.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
bd3bc11db46364f4c652119750137982_JaffaCakes118.apk
Resource
android-x64-arm64-20240624-en
General
Target: bd3bc11db46364f4c652119750137982_JaffaCakes118.apk
Size: 4.2MB
MD5: bd3bc11db46364f4c652119750137982
SHA1: 460db596ca3e5a164d9b1a117d96773e06d00d9c
SHA256: 39aea88a014e0aaf2b1ab24a4eec733f635b33d35db363daf0813750480407bd
SHA512: 0cfbcb894e2a259490711f39e89b3ef9f96ed1201113526149f00c892402eee83ad76d7543a78ebf77bb294ae84d0f8ce4ba32880118e4b86aa289d8057068e7
SSDEEP: 98304:zU2nTfAEwzbJ4NAkmNf/By/b9GQyd74FVqoxJ2BO:zU2nzA34NU9/EpJC4FV3J2BO
Malware Config
Signatures
Requests cell location (2 TTPs, 1 IoCs)
Uses Android APIs to get current cell location.
- description: Framework service call
- ioc: com.android.internal.telephony.ITelephony.getCellLocation
- Process: ir.rosan_iran2016.torshi
Acquires the wake lock (1 IoCs)
- description: Framework service call
- ioc: android.os.IPowerManager.acquireWakeLock
- Process: ir.rosan_iran2016.torshi
Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
- description: Framework service call
- ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
- Process: ir.rosan_iran2016.torshi
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
- description: Framework service call
- ioc: android.app.IActivityManager.registerReceiver
- Process: ir.rosan_iran2016.torshi
Schedules tasks to execute at a specified time (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
- description: Framework service call
- ioc: android.app.job.IJobScheduler.schedule
- Process: ir.rosan_iran2016.torshi
Checks CPU information (2 TTPs, 1 IoCs)
- description: File opened for read
- ioc: /proc/cpuinfo
- Process: ir.rosan_iran2016.torshi
Checks memory information (2 TTPs, 1 IoCs)
- description: File opened for read
- ioc: /proc/meminfo
- Process: ir.rosan_iran2016.torshi
Processes
ir.rosan_iran2016.torshi (PID: 4260)
- Requests cell location
- Acquires the wake lock
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Persistence
- Event Triggered Execution (1)
  - Broadcast Receivers (1)
- Scheduled Task/Job (1)
Defense Evasion
- Execution Guardrails (1)
  - Geofencing (1)
- Virtualization/Sandbox Evasion (2)
  - System Checks (2)
Downloads