Analysis
- max time kernel: 4s
- max time network: 145s
- platform: android_x86
- resource: android-x86-arm-20240624-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
- submitted: 27/09/2024, 07:21
Static task: static1
Behavioral task: behavioral1
Sample: f9f94d38d05a2ecb87e71eff05835b95_JaffaCakes118.apk
Resource: android-x86-arm-20240624-en
General
- Target: f9f94d38d05a2ecb87e71eff05835b95_JaffaCakes118.apk
- Size: 15.3MB
- MD5: f9f94d38d05a2ecb87e71eff05835b95
- SHA1: 80c709c0ce1e0122bc62d1c4c8c381bf0ae95d1c
- SHA256: 92d1d914cb2b4b8cfcd5f4087351d84489971d71d65891f5395c813bdd97c5a5
- SHA512: 9c4c84a37b685e0a7b99b7b300ec0814920a16b25f9cd7a981a077e4b87af191572cd9c2db2b9d4da20ee0038d97758163adf9f07fcd1527f80da5a584834223
- SSDEEP: 196608:WH1Kmq6/Q0t3Pyr9/uC3ly5Bbc/w529RSN8RPf+WHPj8cWjb5vl8+zuKwunMTzMW:E1C0t3PMocE7cgo8BjbwluMThHhrtN
Malware Config
Signatures
- Checks if the Android device is rooted. (1 TTPs, 2 IoCs)
    ioc: /system/bin/su; Process: com.cibn.tv
    ioc: /system/xbin/su; Process: com.cibn.tv
- Queries information about running processes on the device (1 TTPs, 1 IoCs)
    Application may abuse the framework's APIs to collect information about running processes on the device.
    description: Framework service call; ioc: android.app.IActivityManager.getRunningAppProcesses; Process: com.cibn.tv
- Queries information about active data network (1 TTPs, 1 IoCs)
    description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; Process: com.cibn.tv
- Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
    description: Framework service call; ioc: android.net.wifi.IWifiManager.getConnectionInfo; Process: com.cibn.tv
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
    description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; Process: com.cibn.tv
- Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
    description: Framework API call; ioc: javax.crypto.Cipher.doFinal; Process: com.cibn.tv
- Checks CPU information (2 TTPs, 1 IoCs)
    description: File opened for read; ioc: /proc/cpuinfo; Process: com.cibn.tv
- Checks memory information (2 TTPs, 1 IoCs)
    description: File opened for read; ioc: /proc/meminfo; Process: com.cibn.tv
Processes
- com.cibn.tv (PID: 4264)
  - Checks if the Android device is rooted.
  - Queries information about running processes on the device
  - Queries information about active data network
  - Queries information about the current Wi-Fi connection
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Uses Crypto APIs (Might try to encrypt user data)
  - Checks CPU information
  - Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads