d67aded33ceff703377b509bf9919b2b83863eb3fbcca6e8089b8bf95fc940da

Analysis

max time kernel
6s
max time network
138s
platform
android_x86
resource
android-x86-arm-20240506-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
submitted
07/05/2024, 09:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

201d47fe7806da36f6434f88524a49db_JaffaCakes118.apk
Size

1.6MB
MD5

201d47fe7806da36f6434f88524a49db
SHA1

374c8627293febb0b58b4cc00643f6c4020f23fb
SHA256

d67aded33ceff703377b509bf9919b2b83863eb3fbcca6e8089b8bf95fc940da
SHA512

4547061340c8d5806614cb63f99fb04aabb3038d2bcfc372fd48176be0075ed6de85dacc4725e4542d6a70f787a4464698701ac21ab1a193f16d7da050eccc6b
SSDEEP

49152:eXyb42ndTZac1pEAqKassYDptOQmT12MZZmYCm:eP2jaZhdYDpgQm74m

Score

7^/10

discovery evasion impact

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.eft.feaete/files/xio/vRXPsFGJ.jar	4155	com.eft.feaete

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.eft.feaete

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.eft.feaete

com.eft.feaete
1⤵
- Loads dropped Dex/Jar
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4155

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact