Analysis
max time kernel: 68s
max time network: 130s
platform: android_x86
resource: android-x86-arm-20240624-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
submitted: 17/10/2024, 14:53
Static task
static1
Behavioral task
behavioral1
Sample
526be06edea4e2e860adfe833b09dd51_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
General
Target: 526be06edea4e2e860adfe833b09dd51_JaffaCakes118.apk
Size: 1.6MB
MD5: 526be06edea4e2e860adfe833b09dd51
SHA1: e1d1bcf52b8b2e9487afbd4663a392e27dab1071
SHA256: e36b4c5aaff9be0e99fedeae418a75c0cb0fa685c83aafe0fb3a1ea545c344c9
SHA512: 2392e30f5d170eba33e1b9f686eadf55c90538667d802159428d5cc89cac44aba283fb8a88e7fd11b212008f5650795f84872d6bbf2640304728c56561f9afbd
SSDEEP: 24576:fG5v6LWhxef9XymZMj30CYdj/YdMYjgFAxLQXu6bLIQK40bf4IrPD+LYsGwkcCn1:+5v6IMXy3e1/YdMex4uMK40MIzpiCn1
Malware Config
Signatures
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
- Queries the phone number (MSISDN for GSM devices) 1 TTPs
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
  flow: 10; ioc: alog.umeng.com
- Queries information about active data network 1 TTPs 1 IoCs
  description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; process: wpz.wrov.otgsak
- Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  description: Framework service call; ioc: android.net.wifi.IWifiManager.getConnectionInfo; process: wpz.wrov.otgsak
- Reads information about phone network operator. 1 TTPs
- Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; process: wpz.wrov.otgsak
- Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
  description: Framework API call; ioc: javax.crypto.Cipher.doFinal; process: wpz.wrov.otgsak
- Checks CPU information 2 TTPs 1 IoCs
  description: File opened for read; ioc: /proc/cpuinfo; process: wpz.wrov.otgsak
Processes
Network
MITRE ATT&CK Mobile v15
Downloads