Analysis
max time kernel: 122s
max time network: 133s
platform: android_x86
resource: android-x86-arm-20240624-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
submitted: 03/11/2024, 18:08
Static task: static1
Behavioral task: behavioral1; Sample: 8cceef6859cdee6be42adbd542de77db_JaffaCakes118.apk; Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2; Sample: 8cceef6859cdee6be42adbd542de77db_JaffaCakes118.apk; Resource: android-x64-20240624-en
Behavioral task: behavioral3; Sample: 8cceef6859cdee6be42adbd542de77db_JaffaCakes118.apk; Resource: android-x64-arm64-20240624-en
Behavioral task: behavioral4; Sample: alipay_plugin_20120428msp.apk; Resource: android-x86-arm-20240624-en
Behavioral task: behavioral5; Sample: alipay_plugin_20120428msp.apk; Resource: android-x64-20240624-en
Behavioral task: behavioral6; Sample: alipay_plugin_20120428msp.apk; Resource: android-x64-arm64-20240624-en
General
Target: 8cceef6859cdee6be42adbd542de77db_JaffaCakes118.apk
Size: 9.4MB
MD5: 8cceef6859cdee6be42adbd542de77db
SHA1: bf0feb57ee3ca52b06c3f62d5d206b64f898cb50
SHA256: f97141d8d2262d927c34db678fdaf9ff6960c264e715bedbafac7f783d7499ea
SHA512: b56effc0217660a1d2ebd426285045b6454c3fcd1d1bc3b9947df52a4d94243166275de826180b79cc994c781390c954de7d6fc363ca754b9d936422e5c3bf6d
SSDEEP: 196608:ZsVdlwQp8iTLoFeU4YlDBUADbJVs4qBLG413Ji7FTV1Lfk3SVqKJ:ZsJd8YLNAlDRbJe4WN3YFHDk3SVqo
Malware Config
Signatures

Loads dropped Dex/Jar [1 TTPs, 1 IoCs]
Runs executable file dropped to the device during analysis.
ioc: /storage/emulated/0/ncache/afeq34u312.jar; pid: 4249; Process: com.swanfly.lobdwjyx

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) [1 TTPs]

Queries the phone number (MSISDN for GSM devices) [1 TTPs]

Requests cell location [2 TTPs, 1 IoCs]
Uses Android APIs to get current cell location.
description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getCellLocation; Process: com.swanfly.lobdwjyx

Queries information about active data network [1 TTPs, 1 IoCs]
description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; Process: com.swanfly.lobdwjyx

Queries information about the current Wi-Fi connection [1 TTPs, 1 IoCs]
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
description: Framework service call; ioc: android.net.wifi.IWifiManager.getConnectionInfo; Process: com.swanfly.lobdwjyx

Reads information about phone network operator. [1 TTPs]

Uses Crypto APIs (Might try to encrypt user data) [1 TTPs, 1 IoCs]
description: Framework API call; ioc: javax.crypto.Cipher.doFinal; Process: com.swanfly.lobdwjyx

Processes
Network
MITRE ATT&CK Mobile v15
Downloads