Analysis
max time kernel: 149s
max time network: 155s
platform: android_x64
resource: android-x64-20240624-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
submitted: 03/11/2024, 05:00
Static task: static1
Behavioral task: behavioral1
Sample: 89bf2bdd3cd00b7b3bed1ce7ba2ff29c_JaffaCakes118.apk
Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2
Sample: 89bf2bdd3cd00b7b3bed1ce7ba2ff29c_JaffaCakes118.apk
Resource: android-x64-20240624-en
General
Target: 89bf2bdd3cd00b7b3bed1ce7ba2ff29c_JaffaCakes118.apk
Size: 3.5MB
MD5: 89bf2bdd3cd00b7b3bed1ce7ba2ff29c
SHA1: 4eb78db11e032460f2216b99dc8959ac52960350
SHA256: 480994d381ca8b5bc03f38e557210ba6e48b2091f447ca8b0b57829e72a5eef4
SHA512: 46e740d5c40dfbd69da0ee645aeac03677cc39967f48771d13d6e415156ef0ee0098d12e1c086c0be139c4a03775cf326de092ff3ed704d6b575d1078fbccc95
SSDEEP: 98304:EZFveMagFFAgQDzkZcLZbUdcm6Yga4U8hhZOmOttZuSS+8NG1ZE:EZkYtJga38OHBJST
Malware Config
Signatures
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) (1 TTPs)
- Queries information about running processes on the device (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  description: Framework service call; ioc: android.app.IActivityManager.getRunningAppProcesses; Process: com.aioapp.battery
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org (1 IoCs)
  flow: 4; ioc: alog.umeng.com
- Queries information about active data network (1 TTPs, 1 IoCs)
  description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; Process: com.aioapp.battery
- Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  description: Framework service call; ioc: android.net.wifi.IWifiManager.getConnectionInfo; Process: com.aioapp.battery
- Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)
- Reads information about phone network operator. (1 TTPs)
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; Process: com.aioapp.battery
- Checks CPU information (2 TTPs, 1 IoCs)
  description: File opened for read; ioc: /proc/cpuinfo; Process: com.aioapp.battery
- Checks memory information (2 TTPs, 1 IoCs)
  description: File opened for read; ioc: /proc/meminfo; Process: com.aioapp.battery
Processes
com.aioapp.battery (PID: 4990)
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads