Analysis
max time kernel: 176s
max time network: 131s
platform: android_x64
resource: android-x64-20240624-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
submitted: 23-08-2024 21:32
Behavioral task: behavioral1
Sample: bd3bc11db46364f4c652119750137982_JaffaCakes118.apk
Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2
Sample: bd3bc11db46364f4c652119750137982_JaffaCakes118.apk
Resource: android-x64-20240624-en
Behavioral task: behavioral3
Sample: bd3bc11db46364f4c652119750137982_JaffaCakes118.apk
Resource: android-x64-arm64-20240624-en
General
Target: bd3bc11db46364f4c652119750137982_JaffaCakes118.apk
Size: 4.2MB
MD5: bd3bc11db46364f4c652119750137982
SHA1: 460db596ca3e5a164d9b1a117d96773e06d00d9c
SHA256: 39aea88a014e0aaf2b1ab24a4eec733f635b33d35db363daf0813750480407bd
SHA512: 0cfbcb894e2a259490711f39e89b3ef9f96ed1201113526149f00c892402eee83ad76d7543a78ebf77bb294ae84d0f8ce4ba32880118e4b86aa289d8057068e7
SSDEEP: 98304:zU2nTfAEwzbJ4NAkmNf/By/b9GQyd74FVqoxJ2BO:zU2nzA34NU9/EpJC4FV3J2BO
Malware Config
Signatures
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
description: Framework service call; ioc: android.content.IClipboard.addPrimaryClipChangedListener; Process: ir.rosan_iran2016.torshi
Requests cell location (2 TTPs, 1 IoCs)
Uses Android APIs to get current cell location.
description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getCellLocation; Process: ir.rosan_iran2016.torshi
Acquires the wake lock (1 IoCs)
description: Framework service call; ioc: android.os.IPowerManager.acquireWakeLock; Process: ir.rosan_iran2016.torshi
Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone; Process: ir.rosan_iran2016.torshi
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; Process: ir.rosan_iran2016.torshi
Schedules tasks to execute at a specified time (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
description: Framework service call; ioc: android.app.job.IJobScheduler.schedule; Process: ir.rosan_iran2016.torshi
Checks CPU information (2 TTPs, 1 IoCs)
description: File opened for read; ioc: /proc/cpuinfo; Process: ir.rosan_iran2016.torshi
Checks memory information (2 TTPs, 1 IoCs)
description: File opened for read; ioc: /proc/meminfo; Process: ir.rosan_iran2016.torshi
Processes
ir.rosan_iran2016.torshi (PID: 5058)
- Obtains sensitive information copied to the device clipboard
- Requests cell location
- Acquires the wake lock
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Persistence
- Event Triggered Execution: 1
- Broadcast Receivers: 1
- Scheduled Task/Job: 1
Defense Evasion
- Execution Guardrails: 1
- Geofencing: 1
- Virtualization/Sandbox Evasion: 2
- System Checks: 2
Downloads