Overview

overview

8

Static

static

6

ed6d678844...18.apk

android-9-x86

8

ed6d678844...18.apk

android-10-x64

8

ed6d678844...18.apk

android-11-x64

8

Analysis

  • max time kernel
    148s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20240221-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
  • submitted
    11-04-2024 12:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ed6d6788440704952d19b2bbbcc280c8_JaffaCakes118.apk

  • Size

    726KB

  • MD5

    ed6d6788440704952d19b2bbbcc280c8

  • SHA1

    5a04f3564b99c3f2a4cae4540f5b64fc0371cd28

  • SHA256

    cc314c4f4acf97313871a514e2520cfdd14629049d8ec38440c1109da9d5ed0c

  • SHA512

    a34529f3d893bf2916509829d514b7a4c76ac7e08380a3670f9eed8593f3cc30cae9f10f9ae96862aab761f91edb76ce4cb22194000da303eebcdb7826272ad7

  • SSDEEP

    12288:AoHlEEAqlsMji8AWk8vN0SQ6vDdYU3w3Zy80cSIrRJqljGzBmuUaLsVIs:xZZrjLa8vNEYeZyqS8UgmNaLDs

Score
8/10
discoveryevasionstealthtrojan

Malware Config

Signatures

  • Removes its main activity from the application launcher 1 TTPs 1 IoCs
    stealthtrojanevasion
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator. 1 TTPs
    discovery

Processes

  • com.app.open
    1⤵
    • Removes its main activity from the application launcher
    • Checks memory information
    • Acquires the wake lock
    PID:4177

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.app.open/databases/wap.db
    Filesize

    16KB

    MD5

    d0e86385400a9f03c6e670ad49b175fb

    SHA1

    ff3f0d52281406d7ba75ede71be1c1e99be0536f

    SHA256

    9391c96b42639e751cbd87539f9ba773ca3fc8c0603201099820e7897a5b3d6c

    SHA512

    07508fea5c764ea759cdb32d01e8e9c4e08ab5c9f55198b356d2c719e966a885e1278e4f500061a842ae839562aec7babbb6f80cb328812404816c0048eb99a7

    Download Submit
  • /data/data/com.app.open/databases/wap.db-journal
    Filesize

    512B

    MD5

    027fab38207ff04e45bf9a2371e09250

    SHA1

    5184a407cc72a4cbcc990748e7ea249e0a82d2d8

    SHA256

    57d0dae58dcf7a8d215f4593baff34aa42b5c56762ed3be3a8bb38e4a3bb7b89

    SHA512

    8e99c8a3293dce5cb0a38fb3cb42ea67e53e5a5d8c2725e995f3ab5375c0dfd8fd78f1539f1f3075aea2952a2e2997edd8fc1d253f2a44a092ba52fc3fa20061

    Download Submit
  • /data/data/com.app.open/databases/wap.db-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit
  • /data/data/com.app.open/databases/wap.db-wal
    Filesize

    28KB

    MD5

    109d108cdd7e9f478509fb6a7e25b752

    SHA1

    72b6f4bc3af23b461b3f66ff3c9c395ca09b5ca6

    SHA256

    cc823e7ac060c4669c7cceb8d0473bf191ec99dadb0a4071e9f6b84213de9697

    SHA512

    3065e2b9a20fa405f09104c4e84c2292dd83b0d6b9288b7845d465411ef45416d59133b1af2e5e3ad9022b95a7bd577e12f9b0129dd9aad56a527c7b54640fb6

    Download Submit