Analysis
max time kernel: 149s
max time network: 156s
platform: android_x64
resource: android-x64-20240624-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
submitted: 02/11/2024, 11:16
Static task: static1
Behavioral task: behavioral1
Sample: 8529d06bceb4698e53788b840352137d_JaffaCakes118.apk
Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2
Sample: 8529d06bceb4698e53788b840352137d_JaffaCakes118.apk
Resource: android-x64-20240624-en
Behavioral task: behavioral3
Sample: 8529d06bceb4698e53788b840352137d_JaffaCakes118.apk
Resource: android-x64-arm64-20240624-en
General
Target: 8529d06bceb4698e53788b840352137d_JaffaCakes118.apk
Size: 2.0MB
MD5: 8529d06bceb4698e53788b840352137d
SHA1: 89e11371e77e473df8c54d1e5ef9fdaf71ecb77f
SHA256: 1d5d6adad6260acfbdf62853dc69ee5f2f37030ec96741bd71675d90db8c146a
SHA512: dcfa041c4c0c3d7fdf03f9bdb8e7bf5ad7a7fe44b59714265da7fc57fbbce193c409eca5879c5f49c39c7424997d47c66b84c9ab7e3bdd20226ba14a597cdeb2
SSDEEP: 49152:KcmHVErBjCreEd5z40HXKAzlJhy9UzOpLv4tm2M4:oV0BMXd5MOXKElyP8te4
Malware Config
Signatures
Loads dropped Dex/Jar (1 TTPs, 1 IoCs)
Runs executable file dropped to the device during analysis.
ioc: /data/user/0/labs.hands.fighter.twoplayers/files/8859ce64.dex | pid: 5036 | Process: labs.hands.fighter.twoplayers
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
description: Framework service call | ioc: android.content.IClipboard.addPrimaryClipChangedListener | Process: labs.hands.fighter.twoplayers
Acquires the wake lock (1 IoCs)
description: Framework service call | ioc: android.os.IPowerManager.acquireWakeLock | Process: labs.hands.fighter.twoplayers
Queries information about active data network (1 TTPs, 1 IoCs)
description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | Process: labs.hands.fighter.twoplayers
Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
description: Framework service call | ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | Process: labs.hands.fighter.twoplayers
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
description: Framework service call | ioc: android.app.IActivityManager.registerReceiver | Process: labs.hands.fighter.twoplayers
Checks memory information (2 TTPs, 1 IoCs)
description: File opened for read | ioc: /proc/meminfo | Process: labs.hands.fighter.twoplayers
Processes
labs.hands.fighter.twoplayers (PID: 5036)
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads