cc314c4f4acf97313871a514e2520cfdd14629049d8ec38440c1109da9d5ed0c

Analysis

max time kernel
153s
max time network
153s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
11-04-2024 12:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ed6d6788440704952d19b2bbbcc280c8_JaffaCakes118.apk
Size

726KB
MD5

ed6d6788440704952d19b2bbbcc280c8
SHA1

5a04f3564b99c3f2a4cae4540f5b64fc0371cd28
SHA256

cc314c4f4acf97313871a514e2520cfdd14629049d8ec38440c1109da9d5ed0c
SHA512

a34529f3d893bf2916509829d514b7a4c76ac7e08380a3670f9eed8593f3cc30cae9f10f9ae96862aab761f91edb76ce4cb22194000da303eebcdb7826272ad7
SSDEEP

12288:AoHlEEAqlsMji8AWk8vN0SQ6vDdYU3w3Zy80cSIrRJqljGzBmuUaLsVIs:xZZrjLa8vNEYeZyqS8UgmNaLDs

Score

8^/10

discovery evasion stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs
stealth trojan evasion

T1628.001

Processes:

com.app.open

pid process

5048 com.app.open
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.app.open

description ioc process

File opened for read /proc/meminfo com.app.open
Acquires the wake lock 1 IoCs

Processes:

com.app.open

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.app.open
Reads information about phone network operator. 1 TTPs
discovery

T1422

pid	process
5048	com.app.open

description	ioc	process
File opened for read	/proc/meminfo	com.app.open

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.app.open

com.app.open
1⤵
- Removes its main activity from the application launcher
- Checks memory information
- Acquires the wake lock
PID:5048

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.app.open/databases/wap.db
Filesize
16KB

MD5
d7bf7ccdfa025796f221353f0d87ee38

SHA1
162bcd1711c5f50be09df6a2e4eebaa9c69ad69b

SHA256
e8fd65c3418408d09c4e40426d0340c9043c320fb83263c8103258f44d97feaf

SHA512
1dacc1aeb84be133fa33ad79640220293bf777e2801abefa41a355f9573b279397df4e3488edbddbd291cff27dd91ffd9f5f5dad92ff86c099845512ee81fb3a

Download Submit
/data/data/com.app.open/databases/wap.db-journal
Filesize
512B

MD5
255f0bcf3b483b8db9d090a171f14499

SHA1
2d38100d2a7508f5d731e907f90276c506435188

SHA256
32dc955bb267f429fe02e85027a1ecd21f1c87e9568ec22ffb8e94b7694f9382

SHA512
be9cdd83d3c445da7cdb0f08b43a8fec887d5947a830a13c01d45d168bc945a81b504f4191f4bc4dba9f09cac6f61bed674f669795b16f732b2f6136b619675a

Download Submit
/data/data/com.app.open/databases/wap.db-journal
Filesize
8KB

MD5
ce9180395bc5a30a30566c4ba3e82df0

SHA1
573641c0eccdb943fa788170c012940534ef9ed3

SHA256
88f43b6ebe3829425f7987dfa049ba01fe621a4178f328c2322c4ef586748470

SHA512
8cbc51b0a2925cb66cc89dcbc09ec98854382e0a2f59bc15e0b8cc48f652a0362b440dd39f14867639ec24c27983b62cdc81c1bd98039d1e6fcb943bd9d4e6d7

Download Submit
/data/data/com.app.open/databases/wap.db-journal
Filesize
8KB

MD5
b3ac37df69f9388b1d03aedb15e6d75d

SHA1
b993edb13a685b58f72d56b0a28e346de54d2d49

SHA256
e65e3e9bf5f93adf198b30565cc10f440e1907fc6a1c88906e0540647736158f

SHA512
3ce2524f86372450f21a2b949f14866873b586644c9d8193d542db724f132f6b05a9e7e610d15ca0b159e8dabfc0fec1090e82d850802081e6323cd3a4506787

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads