Analysis
-
max time kernel
48s -
max time network
156s -
platform
android_x64 -
resource
android-x64-20240624-en -
resource tags
androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system -
submitted
02/11/2024, 07:04
Static task
static1
Behavioral task
behavioral1
Sample
84e306a14890a5bb79344646fb64d4fb_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
84e306a14890a5bb79344646fb64d4fb_JaffaCakes118.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
84e306a14890a5bb79344646fb64d4fb_JaffaCakes118.apk
Resource
android-x64-arm64-20240624-en
General
-
Target
84e306a14890a5bb79344646fb64d4fb_JaffaCakes118.apk
-
Size
409KB
-
MD5
84e306a14890a5bb79344646fb64d4fb
-
SHA1
74fd7a45593a8286e37464010c1fa501dd4e5bcb
-
SHA256
2893fc43e69b95a0a092f44b32fedb52cf70feba354760d346088f3dedd4a2e7
-
SHA512
3f251c5e0f3240a6f12960246bac99b8221e60a0c8429e00449ab32700f08ac90d819c4ab53ba4c10a71d309a7bb800cc8afc4d59cf70d3e25aadbff7eaae829
-
SSDEEP
12288:GyZcO7C/R5c/4kho4HQMMuy66AhU8uFZIzMd9Ek3LB+:Fd7aR5c/ZCIQoy666IdF+
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
description ioc Process Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.vns.mu -
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
description ioc Process Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.vns.mu -
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
description ioc Process Framework service call android.app.IActivityManager.registerReceiver com.vns.mu -
Checks CPU information 2 TTPs 1 IoCs
description ioc Process File opened for read /proc/cpuinfo com.vns.mu -
Checks memory information 2 TTPs 1 IoCs
description ioc Process File opened for read /proc/meminfo com.vns.mu