Analysis
-
max time kernel
111s -
max time network
139s -
platform
android_x64 -
resource
android-x64-arm64-20240624-en -
resource tags
androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system -
submitted
29-11-2024 12:56
Static task
static1
Behavioral task
behavioral1
Sample
b160b217ade33093e3589f2dc5a146dd_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
b160b217ade33093e3589f2dc5a146dd_JaffaCakes118.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
b160b217ade33093e3589f2dc5a146dd_JaffaCakes118.apk
Resource
android-x64-arm64-20240624-en
General
-
Target
b160b217ade33093e3589f2dc5a146dd_JaffaCakes118.apk
-
Size
29.5MB
-
MD5
b160b217ade33093e3589f2dc5a146dd
-
SHA1
381422931a8a7b2f96303ecdc79592db12c6ebe4
-
SHA256
3f3ab1f617649421a443997d84a5583d6ac5043c38ef6ccbec63fd4f9322e810
-
SHA512
e3de72ddfc8edfbc58325af9ea785385d007dfa23b2072b039341a38a78c13b4341df9b8adfb0995ff961d95e5936a75c66977b49ea97e6ae6ca3754c63f705c
-
SSDEEP
393216:XQtBWdYQtBWdjQtBWdVQtBWdCQtBWdXQtBWdzQtBWdmQtBWdkQtBWdIQtBWdaQtm:A+B+a+g+v+2+2+H+R+Z+3+A+j
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes:
com.zu.zudescription ioc Process Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.zu.zu -
Checks CPU information 2 TTPs 1 IoCs
Processes:
com.zu.zudescription ioc Process File opened for read /proc/cpuinfo com.zu.zu -
Checks memory information 2 TTPs 1 IoCs
Processes:
com.zu.zudescription ioc Process File opened for read /proc/meminfo com.zu.zu