Analysis
-
max time kernel
66s -
max time network
152s -
platform
android-11_x64 -
resource
android-x64-arm64-20240910-en -
resource tags
arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240910-en locale:en-us os:android-11-x64 system -
submitted
06/09/2024, 08:15
Static task
static1
Behavioral task
behavioral1
Sample
cf16ebf6c12c4000778e386b9ccae521_JaffaCakes118.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral2
Sample
cf16ebf6c12c4000778e386b9ccae521_JaffaCakes118.apk
Resource
android-x64-arm64-20240910-en
General
-
Target
cf16ebf6c12c4000778e386b9ccae521_JaffaCakes118.apk
-
Size
4.7MB
-
MD5
cf16ebf6c12c4000778e386b9ccae521
-
SHA1
0abbc5befcfe7c4a8939e5dbf5581b2529116a81
-
SHA256
b085f40400fee4e0a7d6e467cbab0ffe84da19c4d97d5a0bf61d9822e9e67dc6
-
SHA512
824130bd8a7ec6fcdf93d0d1a6fb41ed05171242c915adbe3fde8568e6f7f664139c672faaa8953724fac8553fe24011605890f699777622cd8dc6bc33b87573
-
SSDEEP
98304:sE9++Mh09/NM6pPlAqim6G0vjgVxozVXFHxhuSHeuQMemx0qwmAnzLqMuOnT3m:MjhkJ9fBbFVxopXHhuZPMzxymSqMJnLm
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
description: Framework service call | ioc: android.content.IClipboard.addPrimaryClipChangedListener | process: com.njnlmenpmpmomhmejgjhjhjl.asf
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
flow: 13 | ioc: alog.umeng.com
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
description: Framework service call | ioc: android.app.IActivityManager.setServiceForeground | process: com.njnlmenpmpmomhmejgjhjhjl.asf
Queries information about active data network 1 TTPs 1 IoCs
description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | process: com.njnlmenpmpmomhmejgjhjhjl.asf
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
description: Framework service call | ioc: android.net.wifi.IWifiManager.getConnectionInfo | process: com.njnlmenpmpmomhmejgjhjhjl.asf
Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
description: Framework API call | ioc: android.hardware.SensorManager.registerListener | process: com.njnlmenpmpmomhmejgjhjhjl.asf
Checks CPU information 2 TTPs 1 IoCs
description: File opened for read | ioc: /proc/cpuinfo | process: com.njnlmenpmpmomhmejgjhjhjl.asf
Checks memory information 2 TTPs 1 IoCs
description: File opened for read | ioc: /proc/meminfo | process: com.njnlmenpmpmomhmejgjhjhjl.asf
Processes
-
com.njnlmenpmpmomhmejgjhjhjl.asf
- Obtains sensitive information copied to the device clipboard
- Makes use of the framework's foreground persistence service
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Listens for changes in the sensor environment (might be used to detect emulation)
- Checks CPU information
- Checks memory information
PID:4777
Network
MITRE ATT&CK Mobile v15
Downloads