28ff56f012a5a2f3d9484483f7e101cd779a16dc40ca55134b942278dc0c7e6f

Analysis

max time kernel
147s
max time network
130s
platform
android_x64
resource
android-x64-arm64-20240221-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
submitted
29-04-2024 01:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

06801922e51f9599b3f78a19c7be469c_JaffaCakes118.apk
Size

602KB
MD5

06801922e51f9599b3f78a19c7be469c
SHA1

4104aa1fe43314df19b61165af1d6da2941778a4
SHA256

28ff56f012a5a2f3d9484483f7e101cd779a16dc40ca55134b942278dc0c7e6f
SHA512

811fa3114754939e52383dcae81ecb5a79ce0410068ac37f645a4f583961beeeeab87c0b2c2cf2a022e98c69cbd90c1c20f7c1840276ea344d2564138f9f93a4
SSDEEP

12288:IEaFZvkGGNUuWW1NVwCKn6GAx1d9H1BY+0aTBpqSol2KpEhpX79w:IEaFmFN9v46flH72wOSoMK69w

Score

8^/10

banker collection credential_access discovery evasion impact stealth trojan

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

T1418.001
Removes its main activity from the application launcher 1 TTPs 1 IoCs
stealth trojan evasion

T1628.001

Processes:

feifei.shasha1.meta.face

pid process

4452 feifei.shasha1.meta.face
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

feifei.shasha1.meta.face

description ioc process

File opened for read /proc/cpuinfo feifei.shasha1.meta.face
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

feifei.shasha1.meta.face

description ioc process

File opened for read /proc/meminfo feifei.shasha1.meta.face
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
evasion

T1407

Processes:

feifei.shasha1.meta.face

ioc pid process

/data/user/0/feifei.shasha1.meta.face/app_ttmp/t.jar 4452 feifei.shasha1.meta.face
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

T1414

T1641.001

Processes:

feifei.shasha1.meta.face

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener feifei.shasha1.meta.face
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

feifei.shasha1.meta.face

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo feifei.shasha1.meta.face
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

feifei.shasha1.meta.face

description ioc process

Framework API call javax.crypto.Cipher.doFinal feifei.shasha1.meta.face

pid	process
4452	feifei.shasha1.meta.face

description	ioc	process
File opened for read	/proc/cpuinfo	feifei.shasha1.meta.face

description	ioc	process
File opened for read	/proc/meminfo	feifei.shasha1.meta.face

ioc	pid	process
/data/user/0/feifei.shasha1.meta.face/app_ttmp/t.jar	4452	feifei.shasha1.meta.face

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	feifei.shasha1.meta.face

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	feifei.shasha1.meta.face

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	feifei.shasha1.meta.face

feifei.shasha1.meta.face
1⤵
- Removes its main activity from the application launcher
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4452

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/feifei.shasha1.meta.face/app_ttmp/t.jar
Filesize
276KB

MD5
9aaea567e0c93e51718ba7eade0e83df

SHA1
0005116aad1779361b70093db00fed5ac090ae23

SHA256
b30a95dff6f65f444472971c8aaf895ffc8e66e0117ce242ec4cb8a8a519a5ec

SHA512
2aef1034335d8752f4e25ce6c5823ce03019536cc6e51ee61b5291c77a0f356a2517e0cbe7f2c4cc2d897115dc856449a342cfdc247c9d34d313187d15b2f890

Download Submit
/data/user/0/feifei.shasha1.meta.face/app_ttmp/t.jar
Filesize
587KB

MD5
f72c3d07507c3e26d317e9117ba757d1

SHA1
cdede4739e9dd9fd95243aab5e44c24f93f825c3

SHA256
1c65834d9ca018c6496a8b9957589d0e94657911b6635dc21a448d78f9238887

SHA512
3420714252e7503abc13c99274d767b0bc08671d769460dc61823ab9470e145fb75c5dfaadc617d3a05cf251ed5ecf38ea7e8c1d7b343bca4d7e8296f1b805d4

Download Submit
/data/user/0/feifei.shasha1.meta.face/databases/feifei.shasha1.meta.faceb
Filesize
72KB

MD5
ce1b192faf8421499069714e9ae50c4e

SHA1
d63620044b42db586a2c1a85a4cb5273cc7e21fc

SHA256
6553b1e3968bdca0a42e18657736ad2e3adc18ef6d2ba5de3673c4a06f9a73cf

SHA512
0f949900567f6c422874e197bf5f060dd00777cd20537513abc36b6513573f186c347a19b772eade4c449a0c00507a311f65fad253230a3dc7f3df967f6b04b9

Download Submit
/data/user/0/feifei.shasha1.meta.face/databases/feifei.shasha1.meta.faceb-journal
Filesize
512B

MD5
ab56d4179bd8df0c4c7831491cbe285f

SHA1
766286c1e9fb0d27442a3e9419fb7aae251d8efe

SHA256
a52f7c2b94f3f67c67391839673e42bda15121501322824050d466db2530f085

SHA512
3063ddd8078de1f919d9e4605ddf2ad6ca677da680cac2b285e83cabd935eb7c43c440d9fffa1988e873fd9032c82ebd56359a183d0954c74678d418fc2cba90

Download Submit
/data/user/0/feifei.shasha1.meta.face/databases/feifei.shasha1.meta.faceb-journal
Filesize
8KB

MD5
16f9415187104932f607fc7af7aac565

SHA1
02e4fbec3e3216ad40a95df07cc4c18d639c2ca8

SHA256
5923ac6e8363c5bf21694bbcef96adbd9b4739e9485376a47bbd981a0743641f

SHA512
a947c63b3e37e09d11542ef731d8ecb8e56458adf5a89367745e27a69f56c302645b59cd54d03c4aebd6d672e535dd35929c52f05a8c657d9393512ff541f405

Download Submit
/data/user/0/feifei.shasha1.meta.face/databases/feifei.shasha1.meta.faceb-journal
Filesize
8KB

MD5
fa335154aacb134517845b205bc311e8

SHA1
512d652d61fd4d8b0e3193867bda1d55cee5a298

SHA256
65a329a138e3f028e03cde3b6b93a29ab543bacabe0e2528139fc77ac559c7bc

SHA512
400bdb68467ff8428a7461aaf3220ed6240e4d802eec404cfbfa119f2c2e55a5e9177ac788e566f6a8fbf394101bc6d79905e56c4b4821f4446dd9d486172125

Download Submit
/data/user/0/feifei.shasha1.meta.face/databases/feifei.shasha1.meta.faceb-journal
Filesize
12KB

MD5
89e605c8d2dd307ef10034b5e9c54661

SHA1
1dd0ffbdcad8968ae605920b56cb76faf40b7642

SHA256
3dc6c2b2b011d56003b8fd0f1b34b9364e8a0a547011ae22e977b395f7125f08

SHA512
31f324bfadf38906265e2aa47c8a36dca0fdab11d4a6a035171524a28402ae7325b8ad3400b534b978e6b811191942550638618aecaeb1d2e6c092b8c5e8448b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads