Analysis
-
max time kernel
121s -
max time network
151s -
platform
android-10_x64 -
resource
android-x64-20240910-en -
resource tags
-
submitted
06-09-2024 00:22
General
-
Target
ce3c27f2093bc7c87b267643bf530569_JaffaCakes118.apk
-
Size
5.2MB
-
MD5
ce3c27f2093bc7c87b267643bf530569
-
SHA1
858a0434136ded6ee2cdc84f689c6ae393bcde63
-
SHA256
35388c45bd74e105a99bf7c25a15dfd874af229d2891690c9d065945fa972a09
-
SHA512
63981c9ea9da102ff02eced243c32addcf50e06fbe9550835f081ab0e0585158f1376d600e62c8a41596a028a47c8dbf97fbce7f890f8ef451e5230c0716fedf
-
SSDEEP
98304:qDQTFIt1C1oWtyHKQcMYmxA/CD4fYQIugFEJGXzeXIcTxzn:qDQTq5GLyxkCD4DjgFEJGXsIIn
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 1 IoCs
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Requests cell location 2 TTPs 1 IoCs
Uses Android APIs to to get current cell location.
-
Queries information about active data network 1 TTPs 1 IoCs
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Reads information about phone network operator. 1 TTPs
-
Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
-
Checks CPU information 2 TTPs 1 IoCs
Processes
-
com.xigua.wang.freebook1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Queries information about the current nearby Wi-Fi networks
- Requests cell location
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Listens for changes in the sensor environment (might be used to detect emulation)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
Network
MITRE ATT&CK Mobile v15
Defense Evasion
Execution Guardrails
1Geofencing
1Hide Artifacts
1User Evasion
1Virtualization/Sandbox Evasion
1System Checks
1Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2B
MD5d751713988987e9331980363e24189ce
SHA197d170e1550eee4afc0af065b78cda302a97674c
SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
-
Filesize
193B
MD518151b8e2982bd2ad69b7017d1d69710
SHA1aa99dfe8604f3333d4fec728b9c1509b1828e215
SHA25676193ecb0e0376be026ad64ce30c78ed125d63dfa0828ac7aaf9890c5d8a68f3
SHA512eb40991da5ddceafaa66da42cc28eeecb9d39a23b6fe4a6049cc6ef02a871b3d9171f654b3f96f2f08366d34e634210110f09f8ff6943025d3e29935651c94be
-
Filesize
193B
MD5a015100a9d28b1c8f0cd41e25379ba1c
SHA1afa6d1d6516aad549c0efa96e18ca9e44ad2ebae
SHA256e47ce3a01d4b94ca1179cdb7c0fe3796ed643e5f94d8eb36b355324c0aa290db
SHA5128c282ae3ba923539cbf29ad3dae7003332650ae906726a46871af05dc48dec5b36339b6f2b11440dce87352c8d6434cf5c3b64fcf8e02db556a665fe86c591af
-
Filesize
2B
MD599914b932bd37a50b983c5e7c90ae93b
SHA1bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA25644136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA51227c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
-
Filesize
641B
MD5fd186ab5b69c522c0f52affa05f3012e
SHA133b9b54f4daa6d82c6802023bb339566a9517cbf
SHA256d5a8fbcaf6b40c6d6cd9f29b4556f1197ebfea94d9e91ab0a0f259c3bd1a41d9
SHA512384d0f38d2adc87f80c4d6f541fdecd56920099bb2c2f86a084c8782172854da3cc39bba9e0aeafb60314550d564e59c7b42af36e3e1dbb861f1bb46f9573533
-
Filesize
829B
MD5c496b3417f4574c5a04ff4b933b76985
SHA10c241c770a8a93d0891b94c7095a2211c0ae7c65
SHA256f764673c8eb236ee22eb8536cabc6b54c8ca1b662ffc00ec384e612e764ddee2
SHA512700322da8863ea28648312aa1d3fae171da1e560a887150dad0638e284c556aa3b1fbd6f114ebf80e8907a267e30f6dfd4a01c6ddb160bde6283b119e902bb15
-
Filesize
109B
MD58190c775289649775737f6f9c3c6ad30
SHA15d5f6f83ac4704e2358c7a81879fc326b643e7fd
SHA256356d4f51284d612a6d6b70c375d37b9b8b06c0a30cec26546d5d81b491b47d95
SHA512dd2bdad4a3e30052a174f7240e7006310efb17c29df806879c3a587997b7e1ce541807866f0d88f88a3573c16cf63347874aec6250cd53f3ec7502bcaafcec3c
-
Filesize
1KB
MD5e627f75b664c6f2306af5598ca344a66
SHA12efce9b4aa946fe5c040c43849fdc7d8dfc134c6
SHA2566c2b94c74392ddd1caa17cf9962cf33f0936eda24db9ed57aea21bc3236d24f9
SHA5122c8240f0617aa2a82e9582b0ce58eb0cfc57604a1425daeadfc8c08e70db79ee4548959944e041cedcc2ac42f1339ee12865e5fa07bd2fe16ad264506f9f6ddd
-
Filesize
350B
MD575db160bb43f455403e09295f67297eb
SHA1bfa23cf20b77a261b89feedde6dde29f4b303bda
SHA2560380da41e166f82f756bafe92ba6b873b11a01a70cbfb78ab942f985f3409f17
SHA51271ab626b2aa7d2037f1e69407de85ce27fb5429775d7a024cf6b1caad3094acaf2503992eae0e9aad70da6b24c1d8f3c938d6fa856bccb6521b8b901e28622e9
-
Filesize
20KB
MD5e31fe5c5207a9abb116e8b90aabf8b66
SHA110d6ad191ff9d46a65f264899f104f475a3b1469
SHA256b3e5232237c4988c6874a205cb9fd093de022fc03df2a7bfae0893e466775581
SHA512a378fa240b23f566a4809f621a03481a66942fb275431c87e58733a78c23eb5c7273c7b5b496ce06fb0ad14b7621e0b79efc888b401810ce08eaed8b22a24033
-
Filesize
24KB
MD58f198adc65fd27fa2aab4678c72e8ca6
SHA1cde2e2d31747def52da4a9fe9020db12d0befcdc
SHA256e7c3d408ac16c3d4a6fba14a65eb2514671ba4c22b0b8948f6d7217468e7cbce
SHA512e71e2da7632ad2e2214e5a868840ce37f52e9f8cec6093b19b422dd947311e511a6611c60f1740655d0491d54287364a363e57f55e39bb38b8b6e5da270e1a19
-
Filesize
24KB
MD5394fdfdaf3e6418e06b10daf1eb37a35
SHA119fc7fe344509b4603c8f15d7ad176f8264b3b2c
SHA25665f834543a70131861585480939a3a00ca4de04199c52c6dbf1e43a6be94a4be
SHA512ce1ba39fb3c8eda74a8e84f85f98a0f67168084aa9f9bf6d2e201b1942d4738c43bd2f5cebf3b23b144cf3d60b7a1a68bac0ed51671065c287b6ebe961b827f7
-
Filesize
24KB
MD5d76fbe21d5aba990cc72bcc5a6805e02
SHA1c24fd35e28ac4d1e18c1d618815917fb7fcb0d77
SHA256b49251f13e8bcb6369cf44ace83602be13461feb43a55503a778ab36deaaed9d
SHA51288caf75a859dded2545ee7e01a1aebbcbd33616a5bf9237d8671f408d5181eb51845ad527b6ccbdc5094f9d579ce1e6b01f0d3297df6ddd24eb9201220f81ebb
-
Filesize
32KB
MD5a6ff960d5d32d15bda237ee78963c2c1
SHA1eec417c58403e82239c782f256af7db5e386d051
SHA256b4b602105ab6edadfc3fdf59087c48cfccd5e568ac561acb3dbcbdca8fd7e21d
SHA512b0b52a1d6e22a8995ac17684bfac8513c67368d03156753e906acb1302f71cee72ba4b42fc9c64a5c8e2fc0d7c2b23c233ff0d5fe264e9e36c57a8c389273371
-
Filesize
512B
MD5813bd970e5d7155e1fda9533d1c0d2cd
SHA11911e37361db9c1eeec2f273927cc2716f726099
SHA2564c47a7175f1cc16e42fc18fa9b52f76b603858986fe721237a2e5cafed77998a
SHA512b837e03b9b23caa0ebabf018d1780dbcd8c719bebb319ae8b7c02f7254102e7f333e5c9fd869b33a657a9530c45d9736e726b6d844dcaa79ca79f32f440d6cfa
-
Filesize
8KB
MD5a4fb656dbaaee90786df7800c4d7a1c0
SHA1620c0436e97e1bc8b004308d60c8f3ec5ee4803b
SHA2563c02047c3d3b2b3231e34e25f02342ae84d0ca660ea1f9671280b1862445c74e
SHA51220e97f43c9b82b737bfb6967451f566fefa67c7cdbcccbd7ea269f5ff510c254831ec117b46c09530f0aea261615edefaf41b7039aff33cd5043c8d608e7d1ae
-
Filesize
4KB
MD5b0e6d70b0baf1c6df81367e7e59f7faa
SHA16a7fc119b4049668a9f193195629e349cf67766e
SHA2564b173dce759b21220d4518300ff799f9d5df19eb94a46c1db6507d63bd53198a
SHA51225559400a356e4779d143e9f6179e53384271ecb459960d22614075d77c9ee1af2e90c1ebe29e103d4a0c497b8886bcf1b8669d1e94f0f19105fe62033714dc1
-
Filesize
8KB
MD5a36d7028ffa5705b7336ca7d3f8354a0
SHA15127dd9414a35dbf8c8bd6503ff730da9c82b01e
SHA25613a065071b9710d24723cd0605a1476e0b1a34425b874456304f550ec00a388c
SHA5121c7ff8466094b7a46355dc4a40c42a8091c7078efcfb9f13d565ce5645d067965a3ecef8307d1afae6569a0cbb25096bc7b19417ef10598dde4a630162e1151d
-
Filesize
8KB
MD548f876c64a7c04c0c78f5e37d0a22e36
SHA117b51e10a96af7d656a84adafff094d6c469b3bc
SHA25663c3878740658e37d9e03d9910bb0fe8df4b766dee76b48441d05706a7dd6e71
SHA512f6fc6e1a7802566f8cb4a3dd37041175d3f649201ecc20801a7849ef71d1204845d612acf2209e952bc3b79f5f590cee333482efa628117059eb770a9006ac58
-
Filesize
12KB
MD56b7f9763e427456dfb580903278d38e2
SHA13547f97323d8724c9fe105844a570aebd50003b8
SHA2561d1315dbed4249138b4355b85bb319a64fef96dc53a0e0042a9550b61e8646ca
SHA51281ba825b85a1d39e602264e47fe67580674d939ef56c9dc49befde56039f9cd5e8ea078e2cfef04bfb510e42dd65447ccfec5fd8742efc1e75bfa0ddd4949c8d
-
Filesize
25B
MD53d11756e70c8ba4b0db664c9c8164259
SHA14868b4767ba9c25ec751e2baa38d317395dca39c
SHA2569ffa56a8921be011ab64cc8a31f121e1b9481f6b5a88e955db756a5ce49907a1
SHA5129254a54fc12c1016ff35bbc9e31ffbf7359c666dc7411f136dd0f43b898c9ce6ae321f47dc6d19bdbf94f13b02ebf06d671a1372f76170fef53512f5d701923f
-
Filesize
55B
MD5fd7a136486f8cce5899de9e126d31adb
SHA12c49aa2771005aeb4ac1ae9b2ee17b15c4327794
SHA2563d2744309cebbc276920785f0597016f7229fcaef95d21adf0b9e64d3f51e24e
SHA5122e969759ffa8437f2c3a9aac5c2783fae8173fcbb64d688c107f5312255ef4dbfa18081a33c95311828e5dffc30081ed100b37cd32b7e6da5645a042b8d5d062
-
Filesize
84B
MD504ad450c8cb2878d6f66f87d0a3f0fcd
SHA12bfaf697f9c5f2f1b9b4272a9c407c053c6019ca
SHA256c8955e08806514e076d72dcd659134e72ad32fae0516c6b5580a06fd5c5cf084
SHA5123ac66e5d3ab7dfd6fe7a6f6b975df404917bcaf1ed4e78821240c8f166c962017713e56a8d30943b907405b158bb0a4d7e3182bca8f116d16757d31fa206e0b3
-
Filesize
114B
MD537a7e0675da626f62c81164998e77227
SHA1dc6dd903957dd3a1cf2184a86b04400db7c226a8
SHA2565ad5326cf933ec7fe0922de818adfedd722f525c4d62b2b23c1226abb7d2aa81
SHA51219ea2072b018a0fd3a718604f480d232db9fd3767bbcc4cb0374f0b94f45bc7c0bf236c483432fec1b7a0f0c19a1e56e0b4d5dac51dee981cd3e80ba80078c79
-
Filesize
138B
MD525e18a9d401d7f18ddc722f9dbaf74f2
SHA1ba507791673e15c151eef312c8227302adc33485
SHA2562b4e36f5db3fb4dee4cb8a021d58dac39db5a6c49689b24f716e54f9965ffa9b
SHA51291c79c5060ca384910ee86ac9fb23932aa4a1a1054889e9cd6391e1e35e0594e61619f30893eef27ea5d9ecf7fe1a6485455bb70ee097d50e2445f777d3b9989
-
Filesize
3KB
MD574737779e052a8414d7061203aa09a81
SHA1e190a5062a25878454e65568ce0d08ab99906c12
SHA256430b5b5fabaa2c1b1fcf3fbb5629af6785420c77b66269c49c18eaa7c67ccbd8
SHA5120f55bae71a2c581dd6bfad102104e46a7e6d04d03291cf98cc4e4c4b402d64865089c1bfaac2eb980ef5ae3d845ac1bec0ae5362f13ff224329d8f4d4e38e992
-
Filesize
3KB
MD5a2b22f1aa4497bbb57fe423efd66e0f4
SHA182bb9c6d1f73e3746d0af0595f343c0a5b8160e1
SHA25612c692b6c0915e9bd385fff8fa1f2cbfe522360f19bd5d0a6cfa9030f7cdb5aa
SHA5129aef1386d6ddb4c823b317a60e07c9dce9cfc67cafdb07c4431a3220144abf673e91125b9799d4782415756c357f832f629644b4f149e34594551e3e407480c0