Analysis
  max time kernel: 133s
  max time network: 151s
  platform: android_x86
  resource: android-x86-arm-20240624-en
  resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  submitted: 17/10/2024, 18:31
Static task: static1
Behavioral task: behavioral1
Sample: 5317bbac93b3477260ab2ffbb840826e_JaffaCakes118.apk
Resource: android-x86-arm-20240624-en
General
  Target: 5317bbac93b3477260ab2ffbb840826e_JaffaCakes118.apk
  Size: 2.5MB
  MD5: 5317bbac93b3477260ab2ffbb840826e
  SHA1: 7e7d8c264d49df6da9df555f83a3868d32371c1b
  SHA256: 2c64b3570597f0a8a6ca83943be338b78e0d048309596ee171ab535cbc253d28
  SHA512: eafa329c04042f3405fdc3f0ccbf93c41388efbc3d455e4b815870671e77b13554641c0a78f0d0303ac0c4efb0e37c37e01b6b7c4f95e40d72cbd9c8d3be6409
  SSDEEP: 49152:nIJssYt5CeToI3VOUNkWvDnbteSiJ2BbzykOXKP5wiwdl1lXgCw+e:nZhTPkMrVBbDBP2iwn1hgCw+e
Malware Config
Signatures
  - Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps) [1 TTPs]
  - Queries information about running processes on the device [1 TTPs, 1 IoCs]
    Application may abuse the framework's APIs to collect information about running processes on the device.
      description: Framework service call | ioc: android.app.IActivityManager.getRunningAppProcesses | process: com.sogou.appmall
  - Queries the phone number (MSISDN for GSM devices) [1 TTPs]
  - Queries information about active data network [1 TTPs, 1 IoCs]
      description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | process: com.sogou.appmall
  - Queries information about the current Wi-Fi connection [1 TTPs, 1 IoCs]
    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
      description: Framework service call | ioc: android.net.wifi.IWifiManager.getConnectionInfo | process: com.sogou.appmall
  - Reads information about phone network operator [1 TTPs]
  - Registers a broadcast receiver at runtime (usually for listening for system events) [1 TTPs, 1 IoCs]
      description: Framework service call | ioc: android.app.IActivityManager.registerReceiver | process: com.sogou.appmall
  - Uses Crypto APIs (might try to encrypt user data) [1 TTPs, 1 IoCs]
      description: Framework API call | ioc: javax.crypto.Cipher.doFinal | process: com.sogou.appmall
Processes
  com.sogou.appmall (PID 4253)
    - Queries information about running processes on the device
    - Queries information about active data network
    - Queries information about the current Wi-Fi connection
    - Registers a broadcast receiver at runtime (usually for listening for system events)
    - Uses Crypto APIs (might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Downloads