Analysis
max time kernel: 165s
max time network: 185s
platform: android_x64
resource: android-x64-20240624-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
submitted: 23/08/2024, 00:07
Static task: static1
Behavioral task: behavioral1
  Sample: b998dbb3eaf6fe6191559f2abe16f0b4_JaffaCakes118.apk
  Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2
  Sample: b998dbb3eaf6fe6191559f2abe16f0b4_JaffaCakes118.apk
  Resource: android-x64-20240624-en
Behavioral task: behavioral3
  Sample: b998dbb3eaf6fe6191559f2abe16f0b4_JaffaCakes118.apk
  Resource: android-x64-arm64-20240624-en
General
Target: b998dbb3eaf6fe6191559f2abe16f0b4_JaffaCakes118.apk
Size: 5.9MB
MD5: b998dbb3eaf6fe6191559f2abe16f0b4
SHA1: 35ae82c264d1530a36e4f350ac43ef68de676b98
SHA256: 5442e4501afdcb0dbfa3063432aea35f99b0a443749f4bd7463fd8f6a3925208
SHA512: 57fb9f1651ad2c96fca46a98c54d07ef9fb251033b54b9f7fede62c96cacfd0559fc240b0fbe57c3601f85a53bbf74f015f8ba1064d96460a2a434f0be127017
SSDEEP: 98304:eT+sTfr018dpU+OkZ4RwSTJehFay1BLNWG2S7kvJshPwaHavLftnz0Mnn9T:3sTfr0AUnk4OMIaShNiS7+JSPzuLf9zv
Malware Config
Signatures
Checks if the Android device is rooted. (1 TTPs, 1 IoCs)
  ioc: /system/app/Superuser.apk | process: cn.jiyihezi.happi123_web
Loads dropped Dex/Jar (1 TTPs, 2 IoCs)
  Runs executable file dropped to the device during analysis.
  ioc: /data/user/0/cn.jiyihezi.happi123_web/app_dex_load/ad_adview.jar | pid: 4970 | process: cn.jiyihezi.happi123_web
  ioc: /data/user/0/cn.jiyihezi.happi123_web/app_e_qq_com_plugin/gdt_plugin.jar | pid: 4970 | process: cn.jiyihezi.happi123_web
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  description: Framework service call | ioc: android.content.IClipboard.addPrimaryClipChangedListener | process: cn.jiyihezi.happi123_web
Queries information about running processes on the device (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  description: Framework service call | ioc: android.app.IActivityManager.getRunningAppProcesses | process: cn.jiyihezi.happi123_web
Queries information about the current nearby Wi-Fi networks (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  description: Framework service call | ioc: android.net.wifi.IWifiManager.getScanResults | process: cn.jiyihezi.happi123_web
Queries the phone number (MSISDN for GSM devices) (1 TTPs)
Acquires the wake lock (1 IoCs)
  description: Framework service call | ioc: android.os.IPowerManager.acquireWakeLock | process: cn.jiyihezi.happi123_web
Queries information about active data network (1 TTPs, 1 IoCs)
  description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | process: cn.jiyihezi.happi123_web
Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  description: Framework service call | ioc: android.net.wifi.IWifiManager.getConnectionInfo | process: cn.jiyihezi.happi123_web
Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  description: Framework service call | ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | process: cn.jiyihezi.happi123_web
Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  description: Framework service call | ioc: android.app.IActivityManager.registerReceiver | process: cn.jiyihezi.happi123_web
Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
  description: Framework API call | ioc: javax.crypto.Cipher.doFinal | process: cn.jiyihezi.happi123_web
Checks CPU information (2 TTPs, 1 IoCs)
  description: File opened for read | ioc: /proc/cpuinfo | process: cn.jiyihezi.happi123_web
Checks memory information (2 TTPs, 1 IoCs)
  description: File opened for read | ioc: /proc/meminfo | process: cn.jiyihezi.happi123_web
Processes
- cn.jiyihezi.happi123_web (PID: 4970)
  - Checks if the Android device is rooted.
  - Loads dropped Dex/Jar
  - Obtains sensitive information copied to the device clipboard
  - Queries information about running processes on the device
  - Queries information about the current nearby Wi-Fi networks
  - Acquires the wake lock
  - Queries information about active data network
  - Queries information about the current Wi-Fi connection
  - Queries the mobile country code (MCC)
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Uses Crypto APIs (Might try to encrypt user data)
  - Checks CPU information
  - Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads