Analysis
-
max time kernel
17s -
max time network
174s -
platform
android_x86 -
resource
android-x86-arm-20240624-en -
resource tags
android arch:arm arch:x86 image:android-x86-arm-20240624-en locale:en-us os:android-9-x86 system -
submitted
24-08-2024 08:24
Static task
static1
Behavioral task
behavioral1
Sample
be3780d79c9774ac539fc21491cfa14e_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
be3780d79c9774ac539fc21491cfa14e_JaffaCakes118.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
be3780d79c9774ac539fc21491cfa14e_JaffaCakes118.apk
Resource
android-x64-arm64-20240624-en
General
-
Target
be3780d79c9774ac539fc21491cfa14e_JaffaCakes118.apk
-
Size
763KB
-
MD5
be3780d79c9774ac539fc21491cfa14e
-
SHA1
ee6056b2c63405e00ccf5022ad8e22f323d7133f
-
SHA256
e1ef06cf082a26043305c730f719ce56205ab522181398b26330d7bdff0308af
-
SHA512
f69c084626454b7cf433f03a619e011a337516af8f5c03811264fe0ca4f864a92a252e58664c3ddc1ac5cc64f050399ac1cc878284ffa772257bbc6a3fb72e24
-
SSDEEP
12288:b7ecpxMJdYb3xFARpLh0OA9EjXQ3nRVqZhDW/8ab5mXXc4:XtpxMJ4xFARlhLA9EjgX7eg8emXXc4
Malware Config
Signatures
-
pid | Process
4209 | com.eset.ems2.gp
4209 | com.eset.ems2.gp
4209 | com.eset.ems2.gp
-
Acquires the wake lock 1 IoCs
description | ioc | Process
Framework service call | android.os.IPowerManager.acquireWakeLock | com.eset.ems2.gp
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
description | ioc | Process
Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | com.eset.ems2.gp
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
description | ioc | Process
Framework service call | android.app.IActivityManager.registerReceiver | com.eset.ems2.gp
-
Checks memory information 2 TTPs 1 IoCs
description | ioc | Process
File opened for read | /proc/meminfo | com.eset.ems2.gp
Processes
-
com.eset.ems2.gp (PID:4209)
- Removes its main activity from the application launcher
- Acquires the wake lock
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
  su (PID:4333)
  su (PID:4360)
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
9B
MD5
de63553ba6b9d50701b9712bf4645e72
SHA1
63d79d75ad5d81603227112991c5f144ad1b8fc1
SHA256
e3ddd5cd104b923dc337b2a20a7502c9b57b8a1198f1554dde945a98704a90c7
SHA512
07c0fa5df977670b635b4787dd328e9357c17958e100c0e2bdb93700a0662d424f726a325d6d7b0a5684e67b489a78179a0db863ab44d6af6c0f3a47c0aa2baf