Analysis
max time kernel: 131s
max time network: 151s
platform: android_x64
resource: android-x64-arm64-20240624-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
submitted: 02/11/2024, 11:27
Static task: static1
Behavioral task: behavioral1
Sample: 8535139e782e91ca1a80272110a540c7_JaffaCakes118.apk
Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2
Sample: 8535139e782e91ca1a80272110a540c7_JaffaCakes118.apk
Resource: android-x64-20240624-en
Behavioral task: behavioral3
Sample: 8535139e782e91ca1a80272110a540c7_JaffaCakes118.apk
Resource: android-x64-arm64-20240624-en
General
Target: 8535139e782e91ca1a80272110a540c7_JaffaCakes118.apk
Size: 3.5MB
MD5: 8535139e782e91ca1a80272110a540c7
SHA1: f0a6c93260ed95aa8d4ed65f3a3827c995a8633c
SHA256: efaf275c986c600620bd21851c23c6e03160d874de29e3d4322f73ba95f81d7d
SHA512: 58325d82034816e354886dcc2094cc32b575c9dd71d72175da0d9eb50eb6a586f5f629c3bd6df20fea5153bf71f8db990c178629bccf9abf9af3610f150f0c56
SSDEEP: 98304:kW/fGzIoiYjG4Sh+Ppq19JcPxIIt7wu1REXHvGol:1fYJisG4C+Pg13cp9tN16Pv
Malware Config
Signatures
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
description: Framework service call; ioc: android.content.IClipboard.addPrimaryClipChangedListener; Process: com.holy.idiomstory

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org (1 IoCs)
flow: 24; ioc: alog.umeng.com

Queries information about active data network (1 TTPs, 1 IoCs)
description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; Process: com.holy.idiomstory

Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
description: Framework service call; ioc: android.net.wifi.IWifiManager.getConnectionInfo; Process: com.holy.idiomstory

Reads information about phone network operator. (1 TTPs)

Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
description: Framework API call; ioc: javax.crypto.Cipher.doFinal; Process: com.holy.idiomstory

Checks CPU information (2 TTPs, 1 IoCs)
description: File opened for read; ioc: /proc/cpuinfo; Process: com.holy.idiomstory

Checks memory information (2 TTPs, 1 IoCs)
description: File opened for read; ioc: /proc/meminfo; Process: com.holy.idiomstory
Processes
Network
MITRE ATT&CK Mobile v15
Downloads