Analysis
-
max time kernel
112s -
max time network
133s -
platform
android_x64 -
resource
android-x64-arm64-20240624-en -
resource tags
android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240624-en locale:en-us os:android-11-x64 system -
submitted
24-08-2024 08:24
Static task
static1
Behavioral task
behavioral1
Sample
be3780d79c9774ac539fc21491cfa14e_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
be3780d79c9774ac539fc21491cfa14e_JaffaCakes118.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
be3780d79c9774ac539fc21491cfa14e_JaffaCakes118.apk
Resource
android-x64-arm64-20240624-en
General
-
Target
be3780d79c9774ac539fc21491cfa14e_JaffaCakes118.apk
-
Size
763KB
-
MD5
be3780d79c9774ac539fc21491cfa14e
-
SHA1
ee6056b2c63405e00ccf5022ad8e22f323d7133f
-
SHA256
e1ef06cf082a26043305c730f719ce56205ab522181398b26330d7bdff0308af
-
SHA512
f69c084626454b7cf433f03a619e011a337516af8f5c03811264fe0ca4f864a92a252e58664c3ddc1ac5cc64f050399ac1cc878284ffa772257bbc6a3fb72e24
-
SSDEEP
12288:b7ecpxMJdYb3xFARpLh0OA9EjXQ3nRVqZhDW/8ab5mXXc4:XtpxMJ4xFARlhLA9EjgX7eg8emXXc4
Malware Config
Signatures
-
pid: 4492; Process: com.eset.ems2.gp
pid: 4492; Process: com.eset.ems2.gp
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
description: Framework service call; ioc: android.content.IClipboard.addPrimaryClipChangedListener; Process: com.eset.ems2.gp
-
Acquires the wake lock 1 IoCs
description: Framework service call; ioc: android.os.IPowerManager.acquireWakeLock; Process: com.eset.ems2.gp
-
Checks memory information 2 TTPs 1 IoCs
description: File opened for read; ioc: /proc/meminfo; Process: com.eset.ems2.gp
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
9B
MD5
49542f738bb949419e861f54bc6ea25c
SHA1
58f3df0f04fdfff0c86557bef615538d55264fda
SHA256
8a0663f9c1982f4ae628ba2e70edfe192be532b2c0bdcda6a3c33112db373485
SHA512
db95fdd28a4ae63892a7af8472d53f0cfadc34fb77b13ae60eb38f09d34cd88e165f1d36312dd78eb60b05f98eafdc67f05564a6c891f18fbfbd0e6fa516e045