Analysis
max time kernel: 7s
max time network: 151s
platform: android_x64
resource: android-x64-20240624-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
submitted: 02-10-2024 01:30
Static task
static1: 1 signatures

Behavioral task
behavioral1
Sample: 08427abaf1142fe2224f2ba2da1130c2_JaffaCakes118.apk
Resource: android-x86-arm-20240624-en (android-9-x86)
6 signatures, 150 seconds

Behavioral task
behavioral2
Sample: 08427abaf1142fe2224f2ba2da1130c2_JaffaCakes118.apk
Resource: android-x64-20240624-en (android-10-x64)
7 signatures, 150 seconds

General
Target: 08427abaf1142fe2224f2ba2da1130c2_JaffaCakes118.apk
Size: 1.7MB
MD5: 08427abaf1142fe2224f2ba2da1130c2
SHA1: 600a269918d66856c5824d5b1e5711bb469396a9
SHA256: d4d38d24815c1d9be3bca1741172938f19f4cbed46e40be276300c52641b3463
SHA512: 7f65df0abb57985c4c2ec23877a35e188c312385f7ca340f09923ff3378e400f55d01f83ad53af621f8ebb8563c57fefc798e098a0e316e06a50952d3c84a0d5
SSDEEP: 49152:KC72lQVvKlIYXZHcqYa5b2lbvKStohooUrmEUNUDPFOKShX1pgkHxqvIekL5LsoN:KC2aabHcqYDWGoUrmEUNUo7l9qVQ
Score: 7/10
Malware Config
Signatures

Queries the phone number (MSISDN for GSM devices) (1 TTPs)

Queries information about active data network (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: android.net.IConnectivityManager.getActiveNetworkInfo
  Process: net.rhmnpljs.hjjtks.puvj

Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
  Process: net.rhmnpljs.hjjtks.puvj

Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)

Reads information about phone network operator. (1 TTPs)

Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: android.app.IActivityManager.registerReceiver
  Process: net.rhmnpljs.hjjtks.puvj

Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
  description: Framework API call
  ioc: javax.crypto.Cipher.doFinal
  Process: net.rhmnpljs.hjjtks.puvj