Analysis
-
max time kernel
148s -
max time network
155s -
platform
android_x64 -
resource
android-x64-20240624-en -
resource tags
android arch:x64 arch:x86 image:android-x64-20240624-en locale:en-us os:android-10-x64 system -
submitted
02/11/2024, 11:27
Static task
static1
Behavioral task
behavioral1
Sample
8535139e782e91ca1a80272110a540c7_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
8535139e782e91ca1a80272110a540c7_JaffaCakes118.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
8535139e782e91ca1a80272110a540c7_JaffaCakes118.apk
Resource
android-x64-arm64-20240624-en
General
-
Target
8535139e782e91ca1a80272110a540c7_JaffaCakes118.apk
-
Size
3.5MB
-
MD5
8535139e782e91ca1a80272110a540c7
-
SHA1
f0a6c93260ed95aa8d4ed65f3a3827c995a8633c
-
SHA256
efaf275c986c600620bd21851c23c6e03160d874de29e3d4322f73ba95f81d7d
-
SHA512
58325d82034816e354886dcc2094cc32b575c9dd71d72175da0d9eb50eb6a586f5f629c3bd6df20fea5153bf71f8db990c178629bccf9abf9af3610f150f0c56
-
SSDEEP
98304:kW/fGzIoiYjG4Sh+Ppq19JcPxIIt7wu1REXHvGol:1fYJisG4C+Pg13cp9tN16Pv
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
description ioc Process Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.holy.idiomstory -
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
flow ioc 6 alog.umeng.com -
Queries information about active data network 1 TTPs 1 IoCs
description ioc Process Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.holy.idiomstory -
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
description ioc Process Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.holy.idiomstory -
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
description ioc Process Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.holy.idiomstory -
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Reads information about phone network operator. 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
description ioc Process Framework service call android.app.IActivityManager.registerReceiver com.holy.idiomstory -
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
description ioc Process Framework API call javax.crypto.Cipher.doFinal com.holy.idiomstory -
Checks CPU information 2 TTPs 1 IoCs
description ioc Process File opened for read /proc/cpuinfo com.holy.idiomstory -
Checks memory information 2 TTPs 1 IoCs
description ioc Process File opened for read /proc/meminfo com.holy.idiomstory
Processes
-
com.holy.idiomstory
- Obtains sensitive information copied to the device clipboard
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4961
Network
MITRE ATT&CK Mobile v15
Downloads