Analysis
max time kernel: 23s
max time network: 137s
platform: android_x86
resource: android-x86-arm-20240624-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
submitted: 25-08-2024 13:08
Static task: static1
Behavioral task: behavioral1
Sample: c0cfdf18b4670edaca2db15601c2c1fe_JaffaCakes118.apk
Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2
Sample: c0cfdf18b4670edaca2db15601c2c1fe_JaffaCakes118.apk
Resource: android-x64-20240624-en
Behavioral task: behavioral3
Sample: c0cfdf18b4670edaca2db15601c2c1fe_JaffaCakes118.apk
Resource: android-x64-arm64-20240624-en
General
Target: c0cfdf18b4670edaca2db15601c2c1fe_JaffaCakes118.apk
Size: 2.0MB
MD5: c0cfdf18b4670edaca2db15601c2c1fe
SHA1: 47a32a5220a9ad41aaedc6cc50006542e673cfea
SHA256: bc057f0bae84d48e79944eb98154795acef33f5e6670766227eb68cc73a3cdeb
SHA512: a867c897f2d62db70d73da605525398222c00092e8d224047bd53bc8199fc33de0e75a9523f59b4095722a1c7132b9ad7a285b4748cfe7a22243273d696d238a
SSDEEP: 49152:U+7zCZ5clmITPhMFB50QfFYAYtYj73ZTe:i69eL51e7uQ
Malware Config
Signatures
pid: 4237, Process: com.aim.racing.hack
Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone; Process: com.aim.racing.hack
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; Process: com.aim.racing.hack
Schedules tasks to execute at a specified time (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
description: Framework service call; ioc: android.app.job.IJobScheduler.schedule; Process: com.aim.racing.hack
Checks CPU information (2 TTPs, 1 IoCs)
description: File opened for read; ioc: /proc/cpuinfo; Process: com.aim.racing.hack
Checks memory information (2 TTPs, 1 IoCs)
description: File opened for read; ioc: /proc/meminfo; Process: com.aim.racing.hack
Processes
com.aim.racing.hack (PID: 4237)
- Removes its main activity from the application launcher
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads