Analysis
max time kernel: 33s
max time network: 132s
platform: android_x86
resource: android-x86-arm-20240624-en
resource tags: android arch:arm arch:x86 image:android-x86-arm-20240624-en locale:en-us os:android-9-x86 system
submitted: 02/11/2024, 06:25
Static task: static1
Behavioral task: behavioral1
  Sample: 84de8f4e8f79e7b3271cac3b2d4ca7fa_JaffaCakes118.apk
  Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2
  Sample: 84de8f4e8f79e7b3271cac3b2d4ca7fa_JaffaCakes118.apk
  Resource: android-x64-20240624-en
Behavioral task: behavioral3
  Sample: 84de8f4e8f79e7b3271cac3b2d4ca7fa_JaffaCakes118.apk
  Resource: android-x64-arm64-20240624-en
General
Target: 84de8f4e8f79e7b3271cac3b2d4ca7fa_JaffaCakes118.apk
Size: 951KB
MD5: 84de8f4e8f79e7b3271cac3b2d4ca7fa
SHA1: db4b11540cff81a99160ff0c8fef3ab74e6937c0
SHA256: 8dc5a50cfb17110faf8614d27ca02130a933b03ea4d9e6626d5eb48fff095118
SHA512: 724a94fc21a49e8f82859a46aa92e891611dfac9ec129d17e1a2d27b4fef389ae423873d8fa23f6161fcc769ab7f6a46e122482d457fe5283b87c5d90e20549b
SSDEEP: 24576:dempTfemZSAqZrt3m/bemfem13emGNPN+QDGkcBJgKYOTEAFcyTmz:dRTfhvqXWDH93+0pkcjjYeFFcyTq
Malware Config
Signatures
- Queries account information for other applications stored on the device (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect account information stored on the device.
  description: Framework service call; ioc: android.accounts.IAccountManager.getAccountsAsUser; Process: vn.adflex.process
- Queries the phone number (MSISDN for GSM devices) (1 TTPs)
- Queries information about active data network (1 TTPs, 1 IoCs)
  description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; Process: vn.adflex.process
- Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone; Process: com.gasgarena.store
- Reads information about phone network operator. (1 TTPs)
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; Process: com.gasgarena.store
- Checks memory information (2 TTPs, 1 IoCs)
  description: File opened for read; ioc: /proc/meminfo; Process: com.gasgarena.store
Processes
vn.adflex.process
- Queries account information for other applications stored on the device
- Queries information about active data network
PID: 4269
com.gasgarena.store
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID: 4333
Network
MITRE ATT&CK Mobile v15
Downloads