Analysis

  • max time kernel
    149s
  • max time network
    156s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
  • submitted
    02/11/2024, 11:16

General

  • Target

    8529d06bceb4698e53788b840352137d_JaffaCakes118.apk

  • Size

    2.0MB

  • MD5

    8529d06bceb4698e53788b840352137d

  • SHA1

    89e11371e77e473df8c54d1e5ef9fdaf71ecb77f

  • SHA256

    1d5d6adad6260acfbdf62853dc69ee5f2f37030ec96741bd71675d90db8c146a

  • SHA512

    dcfa041c4c0c3d7fdf03f9bdb8e7bf5ad7a7fe44b59714265da7fc57fbbce193c409eca5879c5f49c39c7424997d47c66b84c9ab7e3bdd20226ba14a597cdeb2

  • SSDEEP

    49152:KcmHVErBjCreEd5z40HXKAzlJhy9UzOpLv4tm2M4:oV0BMXd5MOXKElyP8te4

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

  • Acquires the wake lock 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • labs.hands.fighter.twoplayers
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Acquires the wake lock
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks memory information
    PID:5036

Network

        MITRE ATT&CK Mobile v15

        Downloads

        • /data/data/labs.hands.fighter.twoplayers/files/8859ce64.dex

          Filesize

          260KB

        • /data/data/labs.hands.fighter.twoplayers/files/BGEaUZrY

          Filesize

          460B

        • /data/data/labs.hands.fighter.twoplayers/files/BGEaUZrY

          Filesize

          535B

        • /data/data/labs.hands.fighter.twoplayers/files/TrPJFdsN

          Filesize

          336B

        • /data/data/labs.hands.fighter.twoplayers/files/TrPJFdsN

          Filesize

          336B

        • /data/data/labs.hands.fighter.twoplayers/files/TrPJFdsN

          Filesize

          336B

        • /data/data/labs.hands.fighter.twoplayers/no_backup/com.google.InstanceId.properties

          Filesize

          2KB

        • /data/user/0/labs.hands.fighter.twoplayers/files/8859ce64.dex

          Filesize

          610KB
