03308e5d5640a075c15274da4b0c7f911acf2560271ce45a1a6c0ce6f34515f9

Analysis

max time kernel
4s
max time network
138s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
28/03/2024, 16:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0ab62dc4766c3aef45c62362477716a2_JaffaCakes118.apk
Size

490KB
MD5

0ab62dc4766c3aef45c62362477716a2
SHA1

cfafd5a7f5592005066193e2a39db737e5e172d6
SHA256

03308e5d5640a075c15274da4b0c7f911acf2560271ce45a1a6c0ce6f34515f9
SHA512

92099b63e9626616611495525a29f3972eb3bf226c91c4811b61a711adc271a061975644b3c294d073fa49c71d6a750690fb3132f1859160a6c465458bb7747c
SSDEEP

12288:JumMj9msSoi9VRUDCLIVCglDRX/LLq42VKYG2:JtItSoWRLUTp2PG2

Score

6^/10

discovery

Malware Config

Signatures

Reads device software version 1 TTPs 1 IoCs

Uses Android APIs to read software version number for the device (IMEI/SV for GSM devices).

discovery

System Information Discovery

T1426

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getDeviceSoftwareVersionForSlot	com.txw.android.activity

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.txw.android.activity

com.txw.android.activity
1⤵
- Reads device software version
- Uses Crypto APIs (Might try to encrypt user data)
PID:5050

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.txw.android.activity/files/CNZZEvents_1711643948663

Filesize
86B

MD5
14e6c8ea0071e4826878dd2ca264dea8

SHA1
8c3533a1fded083497f9711d435cb69f93fac4c1

SHA256
844a539d41092b1b675127f35c905a9699982f33b672ea3236a1dd86efb626ca

SHA512
69fab76eebb6ebc4629a78b201c5016191411b64d195a6e410fb37bf29017de2ef4909af5a4852867b7aa2eba125ddbfc40ee69b0369cbe66cee10769cff9f90

Download Submit
/data/data/com.txw.android.activity/files/CNZZEvents_1711643948663

Filesize
141B

MD5
89f85bcf068f72b4f7628931f3718640

SHA1
d9c90243d53307d9bb80cdd6dfbbedbfb141440f

SHA256
8c134e6da02ca58f8a5f31ec2c8457684c209f857ca1d6887eaac1c1231e097b

SHA512
c709cc4dd4d67e75778d2093b18b5ddf840afb41855f5645aba865054af614a9f94b70b53fca2c8f0de1ac604009ccad6b43834024a10a871f66790a16e4694d

Download Submit
/data/data/com.txw.android.activity/files/CNZZEvents_1711643948663

Filesize
183B

MD5
a2049a49a2f65eb4dceca1abb7d8efc7

SHA1
e38e2bb81ce424f9668dc3eb19fc9380dade58b2

SHA256
3af02f6700547986a7d9d3c9e385a2f7a0bb11c84ab7eae076545454184bff34

SHA512
60332aecc790d6f520dd98dfb1793b2c62dcb1a19b4801b983d093791e69927f44e9968330be1b111f321f0d841bd95b17c00a8bf9b464abf4cd4c2da25fd47d

Download Submit
/data/data/com.txw.android.activity/files/CNZZEvents_1711643948663

Filesize
223B

MD5
5e26b691da2228361805bed6848185f8

SHA1
cf4bd5fd2b82cd32988199e42bee8052d216a514

SHA256
151337eb9d66b8f980717b33aaca3306cc4824fd2d101aa496ac9b0347447c43

SHA512
458680853eaf198de65fb93529dfce431f2c87dab5dced40a322acd08fe268e02a6fe1326f05cc961e8069f3fef1b8b2aaae78b09f52fe8cd8e4094e75e9ceca

Download Submit