Analysis
max time kernel: 134s
max time network: 134s
platform: android_x64
resource: android-x64-arm64-20240624-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
submitted: 02/11/2024, 11:17

Static task: static1

Behavioral task: behavioral1
Sample: 852a4a3e857aec31438df2e7df684fd2_JaffaCakes118.apk
Resource: android-x86-arm-20240624-en

Behavioral task: behavioral2
Sample: 852a4a3e857aec31438df2e7df684fd2_JaffaCakes118.apk
Resource: android-x64-20240624-en

Behavioral task: behavioral3
Sample: 852a4a3e857aec31438df2e7df684fd2_JaffaCakes118.apk
Resource: android-x64-arm64-20240624-en

General
Target: 852a4a3e857aec31438df2e7df684fd2_JaffaCakes118.apk
Size: 55KB
MD5: 852a4a3e857aec31438df2e7df684fd2
SHA1: cf872ea72fd70d91b3d08c3169cb74bcbc91fab8
SHA256: f804fa5ed2b19a05bc0132d693cda5f7dd3fd7b4236cf1f1075b14aca5eae21d
SHA512: 3c9dccd609390fff7da300997622b12551f7b24a4f3b8bf922b70418320b16b188c811d37e5315e89f48996e25fa783339da958a36fd4c319862cdda07e26cc7
SSDEEP: 768:rWEbFuW7/Xyz6PXQ0YzBIt03WP8h470oDWIHOAOrwTYionryfFYSRpdaPWk3W8Io:rLF6zoXXYFNNxywrL+Eo8E7qMaWVa

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  Description: Framework service call
  IoC: android.content.IClipboard.addPrimaryClipChangedListener
  Process: com.example.voltz

Queries the phone number (MSISDN for GSM devices) (1 TTPs)

Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
  Description: Framework API call
  IoC: javax.crypto.Cipher.doFinal
  Process: com.example.voltz

Checks CPU information (2 TTPs, 1 IoCs)
  Description: File opened for read
  IoC: /proc/cpuinfo
  Process: com.example.voltz

Checks memory information (2 TTPs, 1 IoCs)
  Description: File opened for read
  IoC: /proc/meminfo
  Process: com.example.voltz