a97029272a3b3a9cc90f27e08958b628ec0d85c34c715d3533441b85aca5ff63

Analysis

max time kernel
22s
max time network
151s
platform
android_x64
resource
android-x64-20240506-en
resource tags

androidarch:x64arch:x86image:android-x64-20240506-enlocale:en-usos:android-10-x64system
submitted
07/05/2024, 03:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1f39316ee42a388c1a35a3b93fc1c56a_JaffaCakes118.apk
Size

4.3MB
MD5

1f39316ee42a388c1a35a3b93fc1c56a
SHA1

f285e4c9a5154e5525ea459566e89e05af199b8c
SHA256

a97029272a3b3a9cc90f27e08958b628ec0d85c34c715d3533441b85aca5ff63
SHA512

f326277d0bf1f61df6229e0809f1b9d3a9a1c49b5ad7b7c62b6e490e426e4869fedb4ee6113637e71f9ddcccb5c71f8f1614eab8667599add700009d8eb1ea5a
SSDEEP

98304:uavUGpJ8xTsds4uMiYHHpL7OskoIZurqOnLk7t4S:0IJdh0YHHpPOsdournk4S

Score

8^/10

banker collection credential_access discovery evasion impact persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.rexsee.kkc.s73731

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.rexsee.kkc.s73731

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.rexsee.kkc.s73731

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.rexsee.kkc.s73731

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.rexsee.kkc.s73731

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.rexsee.kkc.s73731
1⤵
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:5151

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.rexsee.kkc.s73731/databases/application.db

Filesize
16KB

MD5
219fc92e18433e2bb697f665bfaa4c15

SHA1
bef34934bfae2915dc21a047589cd50576c0c3a0

SHA256
a4c004eba005d0cb14f317eb7a440be3c351fe7564e9900f0ea73c59239a7d2f

SHA512
d3e7f1ec0a9d11aa8469b65e12521ef69d0518a39f4058473edb03a03b735bb8a0ece8faf5a27b39ede0f68f6e16a90e9999f79c47939b6ac300a5863d063202

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/application.db

Filesize
24KB

MD5
6bd3d6edd62dd5c5e67802eb20eb0aca

SHA1
5f61a6cf3a53286b2d01b50c23c9767030a7da00

SHA256
2f4f5fa58b317d315e475e997b655f4af677d0231956cb59f96a0f53f7697ada

SHA512
5df6b6d7ffafde389b187e2f95477cb45c62f5e793e07d7203a087f3a9cdeac82b3e51af9757cff9e87d1641f71e07ded9f1df9cc209fff71e1dce1147035715

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/application.db

Filesize
28KB

MD5
9d8c5c064f0e3cf566eb512045624df6

SHA1
25d639cc918603f63b78a13cf19a5a78d53926c8

SHA256
d916b5e849a960e5a366aa0e17155f33b7fcd492fecd27b3352321e7e824604f

SHA512
a1b6044cfba09edc6f75b79331af485b26337ca75dd69ef94234f9948e7847feb3f9b5e1b36a974745b0bf7acb0a0a88e1c38bfa502686da6d590a14dbff931d

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/application.db

Filesize
32KB

MD5
af1bd811f7c6b2ceeb0aa1348786165e

SHA1
ddd916fe60c647f71e3d62b1e99fd9a7e5c716dd

SHA256
431c4a932b948d3a2a98d200cd329b28b1196e03e9ca03a60de2c31b15aeb2d6

SHA512
549748ac44211e9abfd5fede520d2b89a538e49b0632e9407dcc056f4d69a53363eb36342ef316aac161ca51071a3c330d8589eb75a318c0c06519471be6b3bf

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/application.db

Filesize
20KB

MD5
1d12b8c627c5aac92c9599843fbdb18a

SHA1
9202dc01f75e9652dae6b7b24fa3295dde7a2834

SHA256
917cad111e1ba8d53eaa84e5d01fba998dec8dfeee032b22d97ab93a27333e15

SHA512
40dabe8267a59d953eb81ba420d0b9031003f39037241a34130801273df3349d38b9de90b88674ac8520ce8568b93dce3c927ea4b810d0ee7252f5a4d16cc144

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/application.db

Filesize
16KB

MD5
5919f4f402416b3f01bdbabc8b238e16

SHA1
fa1f8093018a874ef20b6b6e48cc98fa77f59595

SHA256
1a46d582574827c2bef91160f65497186b7855339905881f38a453fdc5cd3e43

SHA512
2fdf0028de922ce5b052c754738d9f396d6bf0f471d34dcbfac513b8f28e970dda50d0d860f205d770438e2a50e12eb44e18f871bf53329f71aff49c451aebc9

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/application.db-journal

Filesize
512B

MD5
e7b62966685c02491bdbae9f3924980a

SHA1
a52518fa95d2ccdc4aac6578ba66d6cd76608ee6

SHA256
74620ae984a54f072b61847215df3be00494f20603095f3356790c54f24948d1

SHA512
617d61f761e4c178e903fb50e4d04df5bf70917217c0dbaca5b2182faa0ad68fa9500c91d10ffa9308a87410f28142d70e42687d488a5cdc4a3d278d0f4f94c9

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/application.db-journal

Filesize
8KB

MD5
8787c174859d65036d5e78d527cb8531

SHA1
d3cd4123959d39f4cc2247256683f94445c5fa81

SHA256
b2b1c692072a6dd1490e4ddb6829fe09a6621e384840ed26f34f97fe71a3bb5b

SHA512
fd5fdd7b6f7df52ed586252ef782aaa7de13ad374e53aaf64ab5b8568eae156fa35e22caf93861e0b13cbd37d1d5f4d973f67d5ced3e62f79a6cd870b2202781

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/application.db-journal

Filesize
8KB

MD5
e887477068db020f65198cf75b54ca1e

SHA1
195319968dae581ae19a6b1b77618bcc78f2211d

SHA256
c1b7601ef185596e2043d37d474c734e64aac856658d64917c1df772dbef47f7

SHA512
7e63f8137a11a1d915e1f260e19184b4e90e137055bf99c712fa2758fde39df74bd863f73c48b44e3223c1c41802bd2b33466a04cae43de7314422319790046e

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/application.db-journal

Filesize
8KB

MD5
c5e026c65850fc0825a4db613b8ae9b2

SHA1
19346f8797c4a30b7c41be63d3fafbfe91edbcb6

SHA256
135ade067be8227abd6224adac29f4812549a96b15b414b5cbdc1541b9d87a91

SHA512
f7a646729b6aeab65e42a492f2fe831efeb67878cd5b71a38392a39f0753b0df3593b8a63bb61c82abb64c3d43830f8a0187ab28ce7818e02aa376af78ccd0ce

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/application.db-journal

Filesize
8KB

MD5
57b48a71056ef9baa718a557e6ee8b33

SHA1
3472046986688d7b04f64862be83a2ecae4d74ad

SHA256
c8cf8ffc7f3dd00ea5c507a12cebf85490ceb3389a49ea4078d07c8031f5f1dc

SHA512
0b8ca80d5049592a40432f721fc2a7d4e18d14559f6b0dfc1cf53dbcd8f0636661ef815aa2339ed38b984c95b32c4241bed61292eb4ce69ede4d1e6c73f1d858

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/application.db-journal

Filesize
8KB

MD5
720d376139f151f8df902b4e1ac66830

SHA1
4468b35a483b48c2d72aa7925c2fa20ddee1668e

SHA256
82b164a27602012a8814e28b770ccafa1370a10174874b83ca1bf81320e9551e

SHA512
3df094c627de49e73c0edac82dbca2990575b8eead037660fb440f28bf10dd8f6d70d7f64bf5c38d1b3736a9223d346800199ab770cef72806179fd9c156dd02

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/push.db

Filesize
32KB

MD5
c1e2ea108448a205747f296f975af63e

SHA1
a285564b00c73f2fc7284a05f53dad0c68010286

SHA256
b04c1aaf06de93303b4b58e430245b3ad6778744700da75c6d8d139ce430e1d3

SHA512
161a63ed455da1c00783316c0ce9f17258744c64c979c4c85256eace10f681fbe8d14885811bd0af2bc9be38c5ea82fe4ef492b6446e0bb2ce0ff3d40b6a028d

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/push.db-journal

Filesize
512B

MD5
1b0e8d14df4434d28c7bc7368201658f

SHA1
bf881cf2de79b03d8cf24936cc6729e85c9bbb51

SHA256
f7b748886ea77640d2847df4cff7bf6c999e54e350c41fc77c2f4154df228659

SHA512
fb4911b7c9450d8d4987238b001357304f11266bdad7f854613fab8d843a98b61e8114d3236951444316d241d223228a4fabe07051ed3a864074c0e05c57e586

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/push.db-journal

Filesize
8KB

MD5
654260fc16bdd7ca4401dbf661b1aacf

SHA1
e0aac1207b237eb8d7cf943f216568c414bc7b18

SHA256
57378a5f34e90cd077a42e8da299f331d66106eb527cb3e288371fdd61e24539

SHA512
2b8e085172ef72ff54fb80cc6084ef53fd032e815bc405a2eafb64dcb1d70428fe4371ae9a59f721fa11d54b74ce9fb90e3c84b4a02d3b643e4de390c02d3b2d

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/push.db-journal

Filesize
8KB

MD5
e6c97ff88cb12e45cdfd1126e9f51841

SHA1
2e7c1e370cd5f1aa9fd767d737b3aec91733c961

SHA256
715a994084fd07b1709159b6c3c77ae130882bd906877fdbcef27cbfebb62d68

SHA512
a6d6b0f48cf45303a71cba26b95806bb2cd139dc946981257a4beb0c85ae6c288a22dae0f9fce686512458e06f6db4b39e8ec6e36aaff8a468d2530dc83c39e7

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/push.db-journal

Filesize
8KB

MD5
2f9fc6be61240083a72f1fe1f85f7951

SHA1
390c845ddd9d6c9061529db651ddbaa5db98c833

SHA256
494f280497c7530af3a5b7dc05ad256eee49a75f117953e01b39f8c69fb5c7c2

SHA512
12b20a9a46740e72732ce5637c4e5cb99de2a3843b887ed608254f1759abebd9bcc7804ae0842f9d2b37687a30ef8727839c4d5544aff19558a866251043c0a9

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/push.db-journal

Filesize
8KB

MD5
384f2698a94ce6a9501ee5a8c7e01d4b

SHA1
ee76d508f8d7cdfd62d3532530e2e746e8449b9d

SHA256
2d339cc0f6655baf92fc057e8903b17df8a1fead0349073b02b117843c836910

SHA512
ace68b91133c94f317946ec06b0095f32de0227c331e5086ae78650e1a4a12a00fa4b7912e32ba2bad7a5bb89785eabbd96cb0b5fcdff76f12092ad505523f2f

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/push.db-journal

Filesize
8KB

MD5
7ae6b9ea76f57a627b9d1b4440857dca

SHA1
d745219e3f8d8f4c8f59365752ed96e897643c0a

SHA256
32e0174e5a2cdc534bfdf181252418b8ae9fec8dcf2e65377c670f701a3b63d5

SHA512
3bdb3baa2fd738c87055620c580fcb2a1d7608881199ffff57c9f58822081b8479ad7cc0a4e588fedd72c16f4d543bf4903da7acd0eb55efd82e14580260f9fa

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/reliableSubmit.db

Filesize
24KB

MD5
5c5c3d0352a134ee0e24496c2c4a4e91

SHA1
3b4605668435980693c6e612b6c5cf98905908bd

SHA256
31ad888384b2d4b98080003bd65f5207963263382f1f3a4ae091d30004b8b831

SHA512
88733fc835df6dbf7d0fc03d8b5e7d497ed7578ca8ed585624f68c6b5b962be1b3d2e70e439cbd14e302e220f21205807a836bda3770179434fd5844b1319548

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/reliableSubmit.db-journal

Filesize
512B

MD5
87ca460ddb14b0f0a8f683178328ad13

SHA1
22629675175fb4b791f58379d10e1079c26f2bb6

SHA256
172e30353b58f4889b6bf4b358d2b0d6fb730dda52037e9c6ed39a4ab38325f1

SHA512
c577e771e0ed2a9c88993e725780f01ced6914a0030bd8a91f3fb89c2bf8cc6065f39042668fde5125c6a6a877be7185d97be175e7172300abef8ae8225b7d8f

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/reliableSubmit.db-journal

Filesize
8KB

MD5
fac017550c3eff36c2554c5394ad6232

SHA1
a96d09b295f5ce9d6d11e571b7bb216d09206bfa

SHA256
3d52a93fcea78855749d77e720acca11781ec0f38859a99183bedb176e5647c5

SHA512
eb6de9232efeb0446a9c0ccf1f66bd135fe094e5612df218f9be4f691be72a9e8514d078975f5b2e3e8b567ee2ff709f5a64941dabf5788f1e48dedd50f4cf87

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/reliableSubmit.db-journal

Filesize
8KB

MD5
e3ceecf1712780b3ba136e3689846647

SHA1
c9424a0f9bab73dd9df02f2848e6388b0028d94e

SHA256
455c18b5a95dc1d78de3dcd662373e69214a704274ba44a2cfd7485ae1406023

SHA512
727e53229d63fed65d1dd5deca1a859b0c462188e2aa1eb208a93ccdf9a3b92c8ba0660da4ef3829f165091fc7288cf99717222b711ce8e6e98579e86d707243

Download Submit
/data/data/com.rexsee.kkc.s73731/databases/reliableSubmit.db-journal

Filesize
8KB

MD5
e8f011f97856644e870b469218c08845

SHA1
4adbcdaa8b19b741e79c77445f606e4d03e908a2

SHA256
34b6fd0f877c02d53c3633f565a4fb2fdb28654c14f025eb5ea0f417f565946c

SHA512
b18f8686833780cd871d55862e0d16c670dbba854a4b510f929309ee230f7f5a37645f7f6c323843d0a51dd15a007efd28dd1f1f7fc475c58e1f9e195a5ccf94

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads