Analysis
-
max time kernel
149s -
max time network
132s -
platform
android_x64 -
resource
android-x64-arm64-20240624-en -
resource tags
android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240624-en locale:en-us os:android-11-x64 system -
submitted
03/11/2024, 05:00
Static task
static1
Behavioral task
behavioral1
Sample
89bf2bdd3cd00b7b3bed1ce7ba2ff29c_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
89bf2bdd3cd00b7b3bed1ce7ba2ff29c_JaffaCakes118.apk
Resource
android-x64-20240624-en
General
-
Target
89bf2bdd3cd00b7b3bed1ce7ba2ff29c_JaffaCakes118.apk
-
Size
3.5MB
-
MD5
89bf2bdd3cd00b7b3bed1ce7ba2ff29c
-
SHA1
4eb78db11e032460f2216b99dc8959ac52960350
-
SHA256
480994d381ca8b5bc03f38e557210ba6e48b2091f447ca8b0b57829e72a5eef4
-
SHA512
46e740d5c40dfbd69da0ee645aeac03677cc39967f48771d13d6e415156ef0ee0098d12e1c086c0be139c4a03775cf326de092ff3ed704d6b575d1078fbccc95
-
SSDEEP
98304:EZFveMagFFAgQDzkZcLZbUdcm6Yga4U8hhZOmOttZuSS+8NG1ZE:EZkYtJga38OHBJST
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
description: Framework service call
ioc: android.app.IActivityManager.getRunningAppProcesses
Process: com.aioapp.battery
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
flow: 24
ioc: alog.umeng.com
-
Queries information about active data network 1 TTPs 1 IoCs
description: Framework service call
ioc: android.net.IConnectivityManager.getActiveNetworkInfo
Process: com.aioapp.battery
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
description: Framework service call
ioc: android.net.wifi.IWifiManager.getConnectionInfo
Process: com.aioapp.battery
-
Reads information about phone network operator. 1 TTPs
-
Checks CPU information 2 TTPs 1 IoCs
description: File opened for read
ioc: /proc/cpuinfo
Process: com.aioapp.battery
Processes
Network
MITRE ATT&CK Mobile v15
Downloads