Overview

overview

10

Static

static

10

09d559ba11...18.apk

android-9-x86

8

09d559ba11...18.apk

android-11-x64

8

Analysis

  • max time kernel
    143s
  • max time network
    169s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240221-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
  • submitted
    30/04/2024, 13:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    09d559ba11446b0c11df03e469815b2b_JaffaCakes118.apk

  • Size

    24.7MB

  • MD5

    09d559ba11446b0c11df03e469815b2b

  • SHA1

    177df61715268f7bfe5742997d574914396cd5e9

  • SHA256

    eb2ecdf71f136dd27d79b14b1278c8e807c49373ae724b158169710bcfcb5cea

  • SHA512

    55e26ff9987a6d56c120c2bb4fea566c56bceb2627b7c822e32635f903d10437304cfec784d56705d7da43a4ac7606855e01ae63fcf8c2cff69bf169f7153397

  • SSDEEP

    786432:M+G8CNnGVBy53373ldjmFZl7JmttLfWIw8+ek:Mx00hdkD7J6LfWIw8g

Score
8/10
bankercollectioncredential_accessdiscoveryevasionimpact

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Acquires the wake lock 2 IoCs
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.speedCars.racing3Dmod
    1⤵
    • Checks CPU information
    • Checks memory information
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Queries information about running processes on the device
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4464
  • com.speedCars.racing3Dmod:pushservice
    1⤵
    • Acquires the wake lock
    • Checks if the internet connection is available
    PID:4518

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.speedCars.racing3Dmod/files/init_c.pid
    Filesize

    80B

    MD5

    43ae7828623783326ea4aae901e4a6c2

    SHA1

    173428aaeb9a2f3911c2a53fedfbb4f341860fe6

    SHA256

    c0c943d78c99c4e1f10282fc5eab4c74b6aa5ce76c45428c8f76bf0467b3c2f8

    SHA512

    27c53cd905c6f0d42ac873c46c725f9e637dc5e2f3f3f83696ed8e2806bc7cbd94538865013086f4d2a935351d10b4d09c92b562c0a74e5cc9126f6dd806b2d9

    Download Submit

  • /data/user/0/com.speedCars.racing3Dmod/cache/1582435991586.jar
    Filesize

    20KB

    MD5

    fde2ee00cbd121cfab5290b078aa3ceb

    SHA1

    e2b77d5320e155e413d040a8c20020962065b2f8

    SHA256

    2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685

    SHA512

    a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

    Download Submit

  • /data/user/0/com.speedCars.racing3Dmod/databases/pushsdk.db
    Filesize

    44KB

    MD5

    ac58bbbb831dea9edc2ad365f5fdf231

    SHA1

    bf0d69480692572c3d0b1a2531f99cc0d27ad9e7

    SHA256

    b75981d406079717b8b38194fe2c49a1c800f5ccaed5c501c4bb452450198dfc

    SHA512

    bf68119bc3342302651e3abd4161606585c87f6971e1cdb6b72a335e5569fc751d060ad89acb4100c7889888814571352aa76337e239d832d0de5eba32d0afcd

    Download Submit

  • /data/user/0/com.speedCars.racing3Dmod/databases/pushsdk.db-journal
    Filesize

    512B

    MD5

    58f2620d5be8f3f2b0c3acd4b2907ec2

    SHA1

    b77f23e8b9fb831268b97ca77fc444a3506bd9eb

    SHA256

    2dd5b9b6d880098ef6c916094ac9f564b97bd7e782d65432032d1465becfaefc

    SHA512

    f4ad630c9a3881b63daf9c911dcb5ac6c89f18b462ad4ebea58669bd9dfad405e15f0b5ebd96b996559bc9c08b9a3d301980a04b229562563922eea3df66d6ee

    Download Submit

  • /data/user/0/com.speedCars.racing3Dmod/databases/pushsdk.db-journal
    Filesize

    8KB

    MD5

    850442b6487de8b162c701a62bb6edb4

    SHA1

    cc6edb9f9cb9457019c9f9d3468f5b513185770b

    SHA256

    ce5f33328de45f3ae317da5c8841f1f4e8b56561097bff39e137f86ff8beb98b

    SHA512

    97665ffe9923e74eb9ad5011cad220827ef998caaf1f3a3ca1ab58ee14fce37daf9cf9a1ab6a9097d89e614300efaf65b839c83f89dc7984b78113d3c01ed7a1

    Download Submit

  • /data/user/0/com.speedCars.racing3Dmod/databases/pushsdk.db-journal
    Filesize

    8KB

    MD5

    3f01430dc8d1f2452e4392ebcbf66e94

    SHA1

    cb23f5a58d47581ea14ae056e9815af5e8ff3ff7

    SHA256

    1c53ef957894517b09d5fb979f0bc02a2a935a08e4d37468a17e2149eb565fde

    SHA512

    35925c652973e18a7e84cce4bb72e4e8944845df9efb9efd4930a118848f59e6958e89792fe8c72e76acac5b0aaa98fb69802610247f3f26bb22f7431dc894f7

    Download Submit

  • /data/user/0/com.speedCars.racing3Dmod/databases/pushsdk.db-journal
    Filesize

    4KB

    MD5

    4b001ad1eb06a77a8306800bdc9a7534

    SHA1

    013e62cb61b2c360de607134af318dc21cd1a0cb

    SHA256

    80ac6b93d3a13eb38db9a167f7c54adf6a610806344f62ba81ac66004641821c

    SHA512

    2701a4bc64cfb16f15c78ab2b6e065bebb00e8780c5e226a4cd45559e6af1bb6e41b1ccd0f799dae52802ce2ae62757f8989625532e9dd0013a9f7aeb799a01d

    Download Submit

  • /data/user/0/com.speedCars.racing3Dmod/databases/pushsdk.db-journal
    Filesize

    8KB

    MD5

    6780ab449dd92bf2ca4b6c8961ad19b0

    SHA1

    43fb878787e80dbb2384ab333c8723f1d6cbe73b

    SHA256

    286772daead35b82a20510c3312528353dc91e721e7385fdce931caddeb799b0

    SHA512

    878c4fd0fe3bb8c22685ccb37bd04e5aec23577c11d340f929facd82c65581f08fe936e286e9ce982f4c1b7930c92007b2987645de683a2c640ccb68ebf3d104

    Download Submit

  • /data/user/0/com.speedCars.racing3Dmod/databases/pushsdk.db-journal
    Filesize

    8KB

    MD5

    3c5c0444ca525a7611fa2a2dde5bbe6c

    SHA1

    99ce9181c780531b4f46e9aeee72a4f503995315

    SHA256

    048501862dabbf729aeed133603a3fdf899d95e11e32585dfcec7b726fff4f2e

    SHA512

    29763f5447cb08d213b8f90d5237546a4eced26cac6493428045b32cb002754a51ca20e688d62d5050b1736f1ad30c0ffcdcc2625c0c8df328991a15d01e8be5

    Download Submit