Analysis
max time kernel: 32s
max time network: 130s
platform: android_x86
resource: android-x86-arm-20240624-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
submitted: 16/10/2024, 03:42
Behavioral task: behavioral1
Sample: 4b41f7728f70dc46fcb53621c9a38f37_JaffaCakes118.apk
Resource: android-x86-arm-20240624-en
General
Target: 4b41f7728f70dc46fcb53621c9a38f37_JaffaCakes118.apk
Size: 26.3MB
MD5: 4b41f7728f70dc46fcb53621c9a38f37
SHA1: 2466f82d930ee98ffb3000872684cd366f33e24f
SHA256: fa06ff88a64f89f522b511b73940230417c62eeaf19ccee2f577a8ca7170b68f
SHA512: 2af67979a5122b2039907e110a68bb05f2ce90b031874a45cd70c2e9a83df93dd3f8671ac208a31573c3e7124372091b5e97e48784bf566e25d6669bec0a833a
SSDEEP: 786432:jVY9aFNeWkkfjtzEVPYQfmhlPJfOBlJiP/rlaww5Jsv:jVXptQVgQWyiPjUwyA
Malware Config
Signatures
- Checks if the Android device is rooted. (1 TTPs, 1 IoCs)
  IoC: /sbin/su
  Process: com.sohu.inputmethod.sogou
- Queries information about running processes on the device (1 TTPs, 1 IoCs)
  Description: Application may abuse the framework's APIs to collect information about running processes on the device.
  IoC: Framework service call android.app.IActivityManager.getRunningAppProcesses
  Process: com.sohu.inputmethod.sogou
- Requests cell location (2 TTPs, 1 IoCs)
  Description: Uses Android APIs to get the current cell location.
  IoC: Framework service call com.android.internal.telephony.ITelephony.getCellLocation
  Process: com.sohu.inputmethod.sogou
- Queries information about active data network (1 TTPs, 1 IoCs)
  IoC: Framework service call android.net.IConnectivityManager.getActiveNetworkInfo
  Process: com.sohu.inputmethod.sogou
- Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
  Description: Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  IoC: Framework service call android.net.wifi.IWifiManager.getConnectionInfo
  Process: com.sohu.inputmethod.sogou
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  IoC: Framework service call android.app.IActivityManager.registerReceiver
  Process: com.sohu.inputmethod.sogou
- Uses Crypto APIs (might try to encrypt user data) (1 TTPs, 1 IoCs)
  IoC: Framework API call javax.crypto.Cipher.doFinal
  Process: com.sohu.inputmethod.sogou
Processes
com.sohu.inputmethod.sogou
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Requests cell location
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (might try to encrypt user data)
PID: 4247