Analysis
-
max time kernel
22s -
max time network
131s -
platform
android_x86 -
resource
android-x86-arm-20240624-en -
resource tags
androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system -
submitted
23-10-2024 14:30
Static task
static1
Behavioral task
behavioral1
Sample
6f6612d138f02c54beafc20b98a4d16c_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
6f6612d138f02c54beafc20b98a4d16c_JaffaCakes118.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
6f6612d138f02c54beafc20b98a4d16c_JaffaCakes118.apk
Resource
android-x64-arm64-20240624-en
General
-
Target
6f6612d138f02c54beafc20b98a4d16c_JaffaCakes118.apk
-
Size
1.5MB
-
MD5
6f6612d138f02c54beafc20b98a4d16c
-
SHA1
3959fbac9bb931835f2d0b389df937dbab0f6a7e
-
SHA256
8e39f0694ab0d2d8c162cd25738b555e1b7a42c8b29b7386d17e880dfa41750f
-
SHA512
0a49da912990d9ffcfa86f09fb8e537650461c6001b3b8fe93f8dda58243c6310c48f6fd1fa503ae08b880ab85cc56c4ecbaaa0367d93e625b16ec44a2394293
-
SSDEEP
24576:C3NUniUTg/FDfY+z+RpHVqFsX9nxOpUPLQcO6bHNQav+APpzjq7inq0:CCEd9KVqFsNxO27PQamAPpz27W
Malware Config
Signatures
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes:
com.yybergeanzhi.ruhutianyidescription ioc process Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.yybergeanzhi.ruhutianyi -
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes:
com.yybergeanzhi.ruhutianyidescription ioc process Framework service call android.app.IActivityManager.registerReceiver com.yybergeanzhi.ruhutianyi -
Checks memory information 2 TTPs 1 IoCs
Processes:
com.yybergeanzhi.ruhutianyidescription ioc process File opened for read /proc/meminfo com.yybergeanzhi.ruhutianyi