Analysis
max time kernel: 49s
max time network: 155s
platform: android_x64
resource: android-x64-20240624-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
submitted: 02/11/2024, 06:25
Static task: static1

Behavioral task: behavioral1
Sample: 84de8f4e8f79e7b3271cac3b2d4ca7fa_JaffaCakes118.apk
Resource: android-x86-arm-20240624-en

Behavioral task: behavioral2
Sample: 84de8f4e8f79e7b3271cac3b2d4ca7fa_JaffaCakes118.apk
Resource: android-x64-20240624-en

Behavioral task: behavioral3
Sample: 84de8f4e8f79e7b3271cac3b2d4ca7fa_JaffaCakes118.apk
Resource: android-x64-arm64-20240624-en
General
Target: 84de8f4e8f79e7b3271cac3b2d4ca7fa_JaffaCakes118.apk
Size: 951KB
MD5: 84de8f4e8f79e7b3271cac3b2d4ca7fa
SHA1: db4b11540cff81a99160ff0c8fef3ab74e6937c0
SHA256: 8dc5a50cfb17110faf8614d27ca02130a933b03ea4d9e6626d5eb48fff095118
SHA512: 724a94fc21a49e8f82859a46aa92e891611dfac9ec129d17e1a2d27b4fef389ae423873d8fa23f6161fcc769ab7f6a46e122482d457fe5283b87c5d90e20549b
SSDEEP: 24576:dempTfemZSAqZrt3m/bemfem13emGNPN+QDGkcBJgKYOTEAFcyTmz:dRTfhvqXWDH93+0pkcjjYeFFcyTq
Malware Config
Signatures

Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Framework service call: android.content.IClipboard.addPrimaryClipChangedListener (process: com.gasgarena.store)

Queries account information for other applications stored on the device (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect account information stored on the device.
Framework service call: android.accounts.IAccountManager.getAccountsAsUser (process: vn.adflex.process)

Queries the phone number (MSISDN for GSM devices) (1 TTPs)

Queries information about active data network (1 TTPs, 1 IoCs)
Framework service call: android.net.IConnectivityManager.getActiveNetworkInfo (process: vn.adflex.process)

Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
Framework service call: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone (process: com.gasgarena.store)

Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)

Reads information about phone network operator. (1 TTPs)

Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
Framework service call: android.app.IActivityManager.registerReceiver (process: com.gasgarena.store)

Checks memory information (2 TTPs, 1 IoCs)
File opened for read: /proc/meminfo (process: com.gasgarena.store)
Processes

vn.adflex.process (PID: 4961)
- Queries account information for other applications stored on the device
- Queries information about active data network

com.gasgarena.store (PID: 5000)
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads