Overview

overview

7

Static

static

1

015a3c2358...18.apk

android-9-x86

7

015a3c2358...18.apk

android-10-x64

7

015a3c2358...18.apk

android-11-x64

7

Analysis

  • max time kernel
    3s
  • max time network
    140s
  • platform
    android_x64
  • resource
    android-x64-20240221-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
  • submitted
    26-04-2024 18:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    015a3c2358706069caafdddb612a0585_JaffaCakes118.apk

  • Size

    2.6MB

  • MD5

    015a3c2358706069caafdddb612a0585

  • SHA1

    efd4cc56a19cf7e403495a43cebc286a29531c7e

  • SHA256

    d486f778a0b677bcd70ea3f6ed99356e4f03d674a6bced28c9728fa625b88db3

  • SHA512

    a892776600e643754cb1fd21432868cba76676b962c1b1cb7f3767c0d24113445d3b191d008c05347db3c66af3759d6a127516165ac30e51322d53453940b11a

  • SSDEEP

    49152:ga3Ei2Lnu2S9xphxvrymYbIelwvCjhUctRs3wZEqU7Tk5TC52QlLb9E9kNyK1g:138u2SkmYll9YqUTk5TC5p3E9kNc

Score
7/10
discoveryevasionpersistence

Malware Config

Signatures

  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
    evasion

Processes

  • com.yxxinglin.xzid73248
    1⤵
    • Checks CPU information
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Queries information about the current nearby Wi-Fi networks
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Listens for changes in the sensor environment (might be used to detect emulation)
    PID:5052

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads