Analysis
max time kernel: 144s
max time network: 155s
platform: android_x64
resource: android-x64-arm64-20240624-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
submitted: 15/10/2024, 19:29
Static task: static1
Behavioral task: behavioral1
  Sample: 499d227e53e2e0df1dc808d2529507ac_JaffaCakes118.apk
  Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2
  Sample: 499d227e53e2e0df1dc808d2529507ac_JaffaCakes118.apk
  Resource: android-x64-20240624-en
Behavioral task: behavioral3
  Sample: 499d227e53e2e0df1dc808d2529507ac_JaffaCakes118.apk
  Resource: android-x64-arm64-20240624-en
General
Target: 499d227e53e2e0df1dc808d2529507ac_JaffaCakes118.apk
Size: 342KB
MD5: 499d227e53e2e0df1dc808d2529507ac
SHA1: eeedbf4c50f68467e6ffd701a425b9ec8fd53a0e
SHA256: 0b08c1a914dd791f3e6ef369c1103b3b8e6c310d17f36a667189811d8a14f11d
SHA512: 864a01a2c164e33e97cfb36fd551a1dca274286ecf3242a2fc844b8ab2ce9f0cafb52f6e32a3193294c10d2be66d596032d6fecad307755a4123c4e8ee403693
SSDEEP: 6144:2Tplw2P+sb/S8sN/Jlf+xHssYRXBlvNqUH/wD34KSvo3oEkZvBdkqj5:2te38Elf4HARX8UOIFvHLkQ
Malware Config
Signatures

Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  description: Framework service call
  ioc: android.content.IClipboard.addPrimaryClipChangedListener
  Process: g.xqbooster

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org (1 IoCs)
  flow: 25
  ioc: alog.umeng.com

Queries information about active data network (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: android.net.IConnectivityManager.getActiveNetworkInfo
  Process: g.xqbooster

Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
  description: Framework API call
  ioc: javax.crypto.Cipher.doFinal
  Process: g.xqbooster

Checks CPU information (2 TTPs, 1 IoCs)
  description: File opened for read
  ioc: /proc/cpuinfo
  Process: g.xqbooster

Checks memory information (2 TTPs, 1 IoCs)
  description: File opened for read
  ioc: /proc/meminfo
  Process: g.xqbooster

Processes
Network
MITRE ATT&CK Mobile v15
Downloads