03308e5d5640a075c15274da4b0c7f911acf2560271ce45a1a6c0ce6f34515f9

Analysis

max time kernel
4s
max time network
133s
platform
android_x64
resource
android-x64-arm64-20240221-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
submitted
28/03/2024, 16:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0ab62dc4766c3aef45c62362477716a2_JaffaCakes118.apk
Size

490KB
MD5

0ab62dc4766c3aef45c62362477716a2
SHA1

cfafd5a7f5592005066193e2a39db737e5e172d6
SHA256

03308e5d5640a075c15274da4b0c7f911acf2560271ce45a1a6c0ce6f34515f9
SHA512

92099b63e9626616611495525a29f3972eb3bf226c91c4811b61a711adc271a061975644b3c294d073fa49c71d6a750690fb3132f1859160a6c465458bb7747c
SSDEEP

12288:JumMj9msSoi9VRUDCLIVCglDRX/LLq42VKYG2:JtItSoWRLUTp2PG2

Score

6^/10

discovery

Malware Config

Signatures

Reads device software version 1 TTPs 1 IoCs

Uses Android APIs to read software version number for the device (IMEI/SV for GSM devices).

discovery

System Information Discovery

T1426

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getDeviceSoftwareVersionForSlot	com.txw.android.activity

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.txw.android.activity

com.txw.android.activity
1⤵
- Reads device software version
- Uses Crypto APIs (Might try to encrypt user data)
PID:4455

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.txw.android.activity/files/CNZZEvents_1711643951272

Filesize
86B

MD5
e4b933e880eac0095e5e1ef85bbfde67

SHA1
5eaf9a4faee6ab2cd176cdff4ee6fb799bce97b9

SHA256
c68d08dc80e3c17cfba52d76d61be2f23672804769de58a7f1fc63b52ffa3f12

SHA512
2de6fef4e4e2d89651f2b5c4281668a14cfc331360a3cd8344ca061b7a48c8a1a7f2c4b45431f3515db934b5d1fc9eca4718574119712d7ff1ad14607405c49b

Download Submit
/data/user/0/com.txw.android.activity/files/CNZZEvents_1711643951272

Filesize
141B

MD5
b8fb5e46d464ce7ff93c79ccd1dca065

SHA1
c666cf3bd99fc0d2ca66e58ccdb1e2b8eef462ed

SHA256
797ff2af4ccfb4e59b0bddbbbcc6c670aca58fe6d638b22d5f932fee6fc9f4cc

SHA512
5fe87a3f646c6352efb0c7d7b61569e903f0117ae105c5e0b4040209d48cd6695596a27c28ecfc112950620894b5df77ab27579d0f8e65dbb9031b33fac18b66

Download Submit
/data/user/0/com.txw.android.activity/files/CNZZEvents_1711643951272

Filesize
186B

MD5
f515ca1bb097e944aaae7a10c74c5ef7

SHA1
35256e3209b3867f6702de96810c3b9152100784

SHA256
943bb4f7e1715cb8a54f60d4a0c9a9c0537913efc134b3c9bec5a82a3f39cd4c

SHA512
94c74d6c1a604b4655a8c22565769ddaea3b2ec4df7234bed485a33885b43bca68b6a1c24b1f79b2f4262962d216e088ea53a087d418fa38693769dd8e3e51b2

Download Submit
/data/user/0/com.txw.android.activity/files/CNZZEvents_1711643951272

Filesize
226B

MD5
498710dc2f9525df6edcef1da8277959

SHA1
cde192ec4cad2fa52b9ae8d4d3268ec24e5148bc

SHA256
e9edb20240cff67d9198cf644d876f57e357c00002a5f830df9a96057e71a463

SHA512
2655cd95201050eb9a0b97c79ec73452bc8431e034b05fe65f20e9510735c9aa3ab5ff8646f74c937765ba3826b69f3860a5dfe45dfa4a30576964f5cee55038

Download Submit