Analysis
-
max time kernel
64s -
max time network
130s -
platform
android_x64 -
resource
android-x64-arm64-20240624-en -
resource tags
androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system -
submitted
04-07-2024 05:38
Static task
static1
Behavioral task
behavioral1
Sample
24d060032ddc3551b7de773166b6634c_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
24d060032ddc3551b7de773166b6634c_JaffaCakes118.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
24d060032ddc3551b7de773166b6634c_JaffaCakes118.apk
Resource
android-x64-arm64-20240624-en
General
-
Target
24d060032ddc3551b7de773166b6634c_JaffaCakes118.apk
-
Size
2.1MB
-
MD5
24d060032ddc3551b7de773166b6634c
-
SHA1
7f626e88dae186e415945859953bbd8730ed2a72
-
SHA256
3e22a8145ea4b66cf17378176990f1eabe01f3bc6656974093e4fd8f8b7c34c9
-
SHA512
3256319d092d6ddb5e0912a2ac4a0eb60089e77e64725410801df17c8ac45fa742b5e64942d43fa75945edf483cc5312b820d1e02e913fee16242170f81a6124
-
SSDEEP
49152:W/YItbdFWtMs3cbzu3yG4u7mRwEKqoryzv5aCf808xKFHwRpH/r:UFW2sMbzuiG4u7menyjECiHH/r
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 2 IoCs
Processes:
com.blogspot.fa3d.dscsioc process /sbin/su com.blogspot.fa3d.dscs /system/bin/su com.blogspot.fa3d.dscs -
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about active data network 1 TTPs 1 IoCs
Processes:
com.blogspot.fa3d.dscsdescription ioc process Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.blogspot.fa3d.dscs -
Reads information about phone network operator. 1 TTPs
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs