Analysis
max time kernel: 149s
max time network: 134s
platform: android_x64
resource: android-x64-arm64-20240624-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
submitted: 03/11/2024, 21:11
Static task: static1

Behavioral task: behavioral1
Sample: 8d8690ae003b6a0246da7ccd19bc27be_JaffaCakes118.apk
Resource: android-x86-arm-20240624-en

Behavioral task: behavioral2
Sample: 8d8690ae003b6a0246da7ccd19bc27be_JaffaCakes118.apk
Resource: android-x64-20240624-en

Behavioral task: behavioral3
Sample: 8d8690ae003b6a0246da7ccd19bc27be_JaffaCakes118.apk
Resource: android-x64-arm64-20240624-en
General
Target: 8d8690ae003b6a0246da7ccd19bc27be_JaffaCakes118.apk
Size: 616KB
MD5: 8d8690ae003b6a0246da7ccd19bc27be
SHA1: a57f05e71adca743a747c24c2750b43a78b34016
SHA256: ecb81af73fb4ed31194847f301d0174581884355bd679719150df9c62c59f1bb
SHA512: f49165797b8b8f312f2e097589cfff22f9d0661c1b1cc31c9406af19f6c8186bb8cb7f2ad8402f69ffea7ee8e27ba6e2be95528a9b54ef316d9626f84322c032
SSDEEP: 12288:SoU+OlP+NuDdolDR7EApMxJR/eyIVW/aF0DFTIKn1MQWnA+Rhffmdart:SoU+OEQil971pMTR/XIVWxFTJ+RE0
Malware Config
Signatures
pid | Process
4473 | bright.view.land
Loads dropped Dex/Jar 1 TTPs 3 IoCs
Runs executable file dropped to the device during analysis.
ioc | pid | Process
/data/user/0/bright.view.land/app_ttmp/t.jar | 4473 | bright.view.land
/data/data/bright.view.land/100classes.dex | 4473 | bright.view.land
/data/data/bright.view.land/100classes.dex | 4473 | bright.view.land
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
description | ioc | Process
Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | bright.view.land
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
description | ioc | Process
Framework API call | javax.crypto.Cipher.doFinal | bright.view.land
Checks memory information 2 TTPs 1 IoCs
description | ioc | Process
File opened for read | /proc/meminfo | bright.view.land
Processes
Network
MITRE ATT&CK Mobile v15
Downloads