f09c8ec97b11fd680f0e613ee7e80ff62277d15bdac386b4b5579f4174138826

Analysis

max time kernel
10s
max time network
156s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
05/04/2024, 01:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c6d32a08a27ce448114bfc96fcdf832c_JaffaCakes118.apk
Size

6.2MB
MD5

c6d32a08a27ce448114bfc96fcdf832c
SHA1

557ea327f350dcaa964febe2ecac5462b12ce5c2
SHA256

f09c8ec97b11fd680f0e613ee7e80ff62277d15bdac386b4b5579f4174138826
SHA512

cb138e164391edae7dbc98902a811c123a3c572e37cee9c240237e900331b0d9f58cce17c2d93ea39aa4f2fc5c60ad3697c1db88f31a5868b221404ddd8e4ae8
SSDEEP

196608:6+fxbvsb2zYgZLV9lMTrY0Zo1CDFmh1J0Y51:6+fxTsSVZLhMI+mP31

Score

8^/10

collection discovery evasion

Malware Config

Signatures

Requests cell location 1 TTPs 1 IoCs

Uses Android APIs to to get current cell location.

collection discovery

Location Tracking

T1430

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.vst.wifianalyze

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.vst.wifianalyze

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.vst.wifianalyze

com.vst.wifianalyze
1⤵
- Requests cell location
- Checks memory information
- Uses Crypto APIs (Might try to encrypt user data)
PID:5057

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Location Tracking

T1430

System Information Discovery

T1426

Lateral Movement

Collection

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/WifiAnalyze/crash/2024-04-05-01-15-41crash.log

Filesize
7KB

MD5
61168ef293d1cc82b1ed2e5e100506c9

SHA1
9ca7a92c0f4b50895d2e7fc37b2a33d2a402154c

SHA256
cb9afc4faf0774eac11582311c7a406e07d5a902053470a007ed157caaef207e

SHA512
0282765e4860fe4293410d23f11ff7870ac4d64f22f7c6865a27be4c221f770185bff960bb667031a189c997e5ae2c4caffd95570def1f4e832b8747f059137d

Download Submit
/storage/emulated/0/WifiAnalyze/log/2024-04-05Log.txt

Filesize
78B

MD5
9a8f0e8932600bec99da3d88d4d72fcc

SHA1
c1765db0fc7929bd6fe9f4983a5fc554ac08f607

SHA256
d75be34aca916496646ced526f02a677de87996cff89dacc46b68af325ac7738

SHA512
d1c3198f54033f5697199c037c5c18404b2c033f5a5682971dfc1163ca5bb76130f7fa2841ba1958946e796064d7ef11561a3efd2b46c597d8243da14f9e8060

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads