Analysis
max time kernel: 19s
max time network: 175s
platform: android_x64
resource: android-x64-20240624-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
submitted: 25-08-2024 13:08
Static task
static1
Behavioral task
behavioral1
Sample
c0cfdf18b4670edaca2db15601c2c1fe_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
c0cfdf18b4670edaca2db15601c2c1fe_JaffaCakes118.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
c0cfdf18b4670edaca2db15601c2c1fe_JaffaCakes118.apk
Resource
android-x64-arm64-20240624-en
General
-
Target
c0cfdf18b4670edaca2db15601c2c1fe_JaffaCakes118.apk
-
Size
2.0MB
-
MD5
c0cfdf18b4670edaca2db15601c2c1fe
-
SHA1
47a32a5220a9ad41aaedc6cc50006542e673cfea
-
SHA256
bc057f0bae84d48e79944eb98154795acef33f5e6670766227eb68cc73a3cdeb
-
SHA512
a867c897f2d62db70d73da605525398222c00092e8d224047bd53bc8199fc33de0e75a9523f59b4095722a1c7132b9ad7a285b4748cfe7a22243273d696d238a
-
SSDEEP
49152:U+7zCZ5clmITPhMFB50QfFYAYtYj73ZTe:i69eL51e7uQ
Malware Config
Signatures
pid: 5073 | Process: com.aim.racing.hack

Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
description: Framework service call | ioc: android.content.IClipboard.addPrimaryClipChangedListener | Process: com.aim.racing.hack

Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
description: Framework service call | ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | Process: com.aim.racing.hack

Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
description: Framework service call | ioc: android.app.IActivityManager.registerReceiver | Process: com.aim.racing.hack

Schedules tasks to execute at a specified time (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
description: Framework service call | ioc: android.app.job.IJobScheduler.schedule | Process: com.aim.racing.hack

Checks CPU information (2 TTPs, 1 IoCs)
description: File opened for read | ioc: /proc/cpuinfo | Process: com.aim.racing.hack

Checks memory information (2 TTPs, 1 IoCs)
description: File opened for read | ioc: /proc/meminfo | Process: com.aim.racing.hack
Processes
com.aim.racing.hack
- Removes its main activity from the application launcher
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
PID:5073
Network
MITRE ATT&CK Mobile v15
Downloads