c5bc7e4f06979628b1924af67271e996b5ea4c81706e8caa7321403500677493

Analysis

max time kernel
158s
max time network
131s
platform
android_x64
resource
android-x64-20240506-en
resource tags

androidarch:x64arch:x86image:android-x64-20240506-enlocale:en-usos:android-10-x64system
submitted
08/05/2024, 23:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

274d6a670f85b3427bdf763ae9a287d5_JaffaCakes118.apk
Size

1.5MB
MD5

274d6a670f85b3427bdf763ae9a287d5
SHA1

b4a57051e49d28aae87e692e2067962be0e00435
SHA256

c5bc7e4f06979628b1924af67271e996b5ea4c81706e8caa7321403500677493
SHA512

2be703e398caea48e14bc8aa66eaebf56d9aac09d196ce10939c51b731eb5a0718dffa825db6ec7c39d5ee595b4a7f9e0ba88d9de4af80074a80b12752fd6e53
SSDEEP

24576:U1wiacm17RP9eascKBPVu3ET+/AVMa0q8XC6HAGXjXB3Rw9vDRaAswRZrJAnr:UiJ17F8az2Y//AKHAINO9vDRpbRZgr

Score

7^/10

discovery evasion impact persistence

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/info.ofad17e.kc797bd/app_lnlnq/classes.jar	5112	info.ofad17e.kc797bd
/data/user/0/info.ofad17e.kc797bd/app_lnlnq/classes.jar	5112	info.ofad17e.kc797bd

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	info.ofad17e.kc797bd

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	info.ofad17e.kc797bd

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	info.ofad17e.kc797bd

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	info.ofad17e.kc797bd

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	info.ofad17e.kc797bd

info.ofad17e.kc797bd
1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:5112

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Process Discovery

T1424

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/info.ofad17e.kc797bd/app_lnlnq/classes.jar

Filesize
72KB

MD5
f7844fe5c186227c34a79288fd1cbc3e

SHA1
5e2bde548833aa5f0626d177f304623598cf16ab

SHA256
787b8c8b533d051d147c2fe8070b420d79e0dff47b96ce5336789d9f847f42b2

SHA512
20fe11a35709ab40004d633f131b351c2e262152a6d482fa6c579bce1c7dff36e33bc6cb91cc6a0a1efc9ea0a49f9e0ba27651e4996525d042a4e4080ae4b765

Download Submit
/data/data/info.ofad17e.kc797bd/app_lnlnq/oat/classes.jar.cur.prof

Filesize
189B

MD5
228f741b931c8e700b7c8ae7f81c19a6

SHA1
cb467447bdb8857ce851977a553d98d7fbd554b4

SHA256
ab58c764d8ed933fd9f0d0b63a582dbca5a019a570a889227abcd870f147762f

SHA512
a4cbda05170cc17d55209a4ce00c2cbfbb1a4fc44ee1d11ef4c78434c5cc2a103c20cc76c391279e2294d39131b053213e1afb19a2ea1e1377a35067fadd926b

Download Submit
/data/data/info.ofad17e.kc797bd/databases/dbfvh

Filesize
32KB

MD5
56e2f6cfa247f648af8d034b04e9006a

SHA1
8725646937aa5ae5ca6f98db50354991b3eabb75

SHA256
5f95eeb7d0a9334cb095383c0dc601cc1d7cfcff203cdbf87bdeacd3a76d1e5c

SHA512
54f2b951191b301c114dec323767d20d99a3786dd7259bfe1122721090476db66bcdee8afae1d641961e2dfa255fd6ac0adcc5a06069c28675205c7f2d0a8d9f

Download Submit
/data/data/info.ofad17e.kc797bd/databases/dbfvh-journal

Filesize
512B

MD5
73d586dd5d69ef55617b127df197d9bb

SHA1
40c65f8affb870be1f6d08baf8e6abb74fc43e44

SHA256
cd87938f1fe0a54ae4bfdadb24841d3dab489057953805b2defa3b48c55ee96c

SHA512
3c3a22a8b966323e33c98aab296477ee94b6aeacea3c01a73ab27bd1f72e016097702123dd2477ddb997504dcace4678dc2ee4af68c7d75f5556e792e812be16

Download Submit
/data/data/info.ofad17e.kc797bd/databases/dbfvh-journal

Filesize
8KB

MD5
3f84a063a03f2384fa1d4064d1dbe6b6

SHA1
903b08a0a9befa5af571b2944c47ff9fc1b5ae52

SHA256
d452b0332a9441659cd6e4ab24e4626417ca917b344f371ef99e1a72a31f7ee5

SHA512
9f5827f863f49b8c530807323b8c448765f2d0d38f218f30ffb4e2e4e21d5e23b18bb1cc4bb768980c1aaa21537a3f02de615ea0b844b4b90588754532e85cdc

Download Submit
/data/data/info.ofad17e.kc797bd/databases/dbfvh-journal

Filesize
8KB

MD5
9d4830d7ef6f473f1762b04de1272e9d

SHA1
2772032a6af49ba7dd449b3ed96fbfeef3e56502

SHA256
64fe40504697f0d3f7119181a10f8c6f5680093a33835760a9ca342a01aeeb01

SHA512
c40ef149353d0a0e22904ba26169eb647239c393d6664eea0cef7f3884c45c9f1a49f7b76f5d442040eb6ee927fe8f40a3177523d3271f0aad30677ce328b088

Download Submit
/data/data/info.ofad17e.kc797bd/databases/dbfvh-journal

Filesize
16KB

MD5
f2992a6f0744617c79674972b2963e4b

SHA1
271c8c6892319131ff60cb17919255e04849dea6

SHA256
4f811bddd4bfba113a6efdd0cca0e3833af2813060e13af4256bcaf348615eb8

SHA512
c4b9c48790cd39b746bbfbf87f40ded1a7a21f91f4f0ef76beac020e7de55730cf440d8c9cc37d7772c721dca3cd1a396e632ec08fa1a6ef04a5e9e91db5cd87

Download Submit
/data/data/info.ofad17e.kc797bd/databases/dbfvh-journal

Filesize
8KB

MD5
4e7ced2ed3a5b809b9a181de5b185b5a

SHA1
dcf401712d63d2160d41f01bf5610c8cab96cbc5

SHA256
ec0c156dc6f268046061ec2691d03861bb617beaacb2f5f210c01c401356e1c9

SHA512
a0518bad6e6f403e58d19343063f37330cd3c94e8ef37787e422ddfc2f96760f3f4452271557642cc081d06fb73e1eaa3786139c97367eff7ed76963f18d854d

Download Submit
/data/data/info.ofad17e.kc797bd/databases/dbfvh-journal

Filesize
16KB

MD5
c69005301f10084d234a6733c9f8a1b0

SHA1
8f500dd3934b00609ed5be356988bf128e4751d1

SHA256
967132592e6d1fa43d472808a2598d8acb874130b5fcb8e4fde368b85d8f4f45

SHA512
6de06f7c868d6de9d336951629e52d8a9c7411a0c487d0ebd880a5a790893f3b291b687d0f299571d592673017ec419fecae1e2b7a589853e072f619ee9dde31

Download Submit
/data/data/info.ofad17e.kc797bd/databases/google_analytics_v4.db

Filesize
28KB

MD5
85796667126441317e56c50bff074f1d

SHA1
41fc20e4f91ac4f545b82806e8ad7dacca914d41

SHA256
f2fb1c5df2f3d9a7f4be50f3cc9093c22347e55e00404725535939986a890bcc

SHA512
a09594f4e13363f65091c1e8cfd44a976a03f9b8dec53e64ccc7feadd77feeb8e4cbdb714444f875030067938ff03d1974265c12b5232df225757324615b58a4

Download Submit
/data/data/info.ofad17e.kc797bd/databases/google_analytics_v4.db-journal

Filesize
512B

MD5
d7fb275d60ea9ca13cfad333fff9b84d

SHA1
994cb97ac7c2588888d2adaf8bc38f4229534e27

SHA256
0c469f6779d6f64b6b6c66d317852552d387d88e51a59352d0dc60ad4e8acb8d

SHA512
3e54160baf93d15646ffdcaf8b67bcb2e8aa0127cbc473d62a276b9c37586a6955b67c3c6735294ba360e1a5b83e6d01235bf8b49341e777e2229e409ea28e62

Download Submit
/data/data/info.ofad17e.kc797bd/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
780a4ce211f25ca6990fa048b9a31fe2

SHA1
58e72c4b9004ea6072f6a35a43b30f7edb0d7d9b

SHA256
10ff07ab76d22264232820b1e12ce4493a9094a45f22a85c1417c7dcea600bcf

SHA512
1bed155de8580601d124b01706f6cb5ebebebc530a0a1cb36da340fda4d446627b9d971b663bdc2f9049523a061736218109fd3ab5c1422bdcc572db1584e976

Download Submit
/data/data/info.ofad17e.kc797bd/databases/google_analytics_v4.db-journal

Filesize
4KB

MD5
4b9f9ef6c0ff8f9e9748965eabf54efd

SHA1
6d3b2e983134b55fcbbe275c223dc12e5395f5b7

SHA256
810ab32f66ea5f754c39fa50b6d13cd5d0ddcfec6001433a837cfb39a6a04de9

SHA512
0dca38d2d1168004a8d30e92d82a84d93bd26b68b6137ef64b7e216c065afb21eab3b9a50634aa6bcb64f6a21384d8e604ad1c91f1cfe8bb59a368d3a035103d

Download Submit
/data/data/info.ofad17e.kc797bd/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
3a7737842a384372cc460bfdca37be0b

SHA1
1672dcfb570adcf915664bb641f36e334603faef

SHA256
06f533e25d61e341643ef3f593447e6c48bb534a0bc6b2700f3aa3b546d9afb5

SHA512
78b41ba302e84d729ee17ea76578db0dff9b31f374f24737d9992ee0f4dec4e058e5db56f3480e8e0711bacf417dedc9dd92b24c661a61dd77f4fbb9c90ab01c

Download Submit
/data/data/info.ofad17e.kc797bd/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
4ec8ebd7845b045a0e13b69107b5e1bc

SHA1
925bd24d79edb5b2bb64ea9c6f8aee447c3eb0e7

SHA256
51422b239288f8cc988509780ebd7f9a49c3a5f0c9a4f14623c0a277b349915e

SHA512
5b821550fd63219eb03132be68adb3cfd412e8746a481c0b9a8969d58b85fec09af9ec68383ec5a5bcd72a90f43c6a7ade0238808ffc915edb4ccc71ff0e8c27

Download Submit
/data/data/info.ofad17e.kc797bd/databases/google_analytics_v4.db-journal

Filesize
12KB

MD5
4d36522f135b27955add615cf0d0bff1

SHA1
73532d6d375446a47a999e8bb2f93776eff980a2

SHA256
35749daea0b45bc7e90b4adddba4d2d78b616d365c7b83ea131311025e2b9817

SHA512
a1ddb8f9e8c629ada48849bc6b69c710fa51fdbc56599d81363443c9900351e1e68ef6707ebd36b7eeb143efdd950fd32fa6f694b587c858a1f3fbf2ef7ab1c8

Download Submit
/data/data/info.ofad17e.kc797bd/databases/google_app_measurement.db

Filesize
76KB

MD5
460affff32e366124cfebf549b857d84

SHA1
f8be96bbadf2ecb9646e3e47c7e766967df5ddfc

SHA256
985edf25f0d5a2c139205e6e9923f7177932bfa0b7d358b084b228bdb5bccb05

SHA512
e90168b903504da1dfad39ab02f2f885b37ca9517c9742552a84009612ee61b22fe9bd409a3a211e813de325433c85733d3622e8a877972fba0c6a217b440d5b

Download Submit
/data/data/info.ofad17e.kc797bd/databases/google_app_measurement.db-journal

Filesize
8KB

MD5
e98b18711d597fc230ea4d920b7a936e

SHA1
e4bf6430ec5a881885ad36d2170f7ac68ae42519

SHA256
06235fa827083c4a752c803c8537379bea345971de890bf49acfee6dde6f98cc

SHA512
d959868d7516e7b462df9ac4d30931a8ea0bc872b44488b677f698838bda11f37fefe37c48d0e233a663f12f1333e4413c1203d8525064588f71630317712ed8

Download Submit
/data/data/info.ofad17e.kc797bd/databases/google_app_measurement.db-journal

Filesize
8KB

MD5
cd4e9f734f4e6947ee5d45994d407b68

SHA1
c01672d623dae4bdc836a42adb5bfb5d358d5d9a

SHA256
adc442526eb4a8f6439c7a5ff3da924dfdf1fee8e54194661a8cd763bed4c07e

SHA512
71dd88355c2301812a4c40ffaad341bffb491f8cabf3720e9155aaabee0e15bfaac4a2ba0c708a3d3e330bbe738ec1bca154d4507a091fef55763227963998c5

Download Submit
/data/data/info.ofad17e.kc797bd/databases/google_app_measurement.db-journal

Filesize
512B

MD5
aeba124302e5a0437f848b5ead1e2bfa

SHA1
516635c8cf0a2936af9f65e87d0230fe243fec4d

SHA256
d250ae1bbb78b0894340dedf2c41aecc7811b6f29db2aafba0d0f169a653367c

SHA512
705e6427334909a1bb77dab69e00835a92e7bf929b353c0cfe90528d89e46342e67dd0a5507010fd439160a979f8308fd648d2c797f99b9d682d56dbc47dfeb0

Download Submit
/data/data/info.ofad17e.kc797bd/databases/google_app_measurement.db-journal

Filesize
8KB

MD5
c49acca528bde2c12d128df41806c6af

SHA1
f5cc4c610256505288282550f68820b9133432c7

SHA256
a43f58195ca6000074cdb4dcc99b91d2b85d5ec8624901ba465a61cc91e28bdd

SHA512
55c3949084244bde290dbe404062fb3f7673d7096ae4443a312a259b439df1001e7f4e93dea54617a3168163d0f14dc7ffc7bde4452134f500d967583805a3c2

Download Submit
/data/data/info.ofad17e.kc797bd/databases/google_app_measurement.db-journal

Filesize
4KB

MD5
0c396e6e0b5625bfc68bd5cadad09535

SHA1
f6dc7fc3a4ceccfddbf4176bda1a2b60cde9ea90

SHA256
5e90e21153da962c58aede1919cc6f264cd68872c62416f588dab6d24443132b

SHA512
8052272a4fb48782ef920257822e68e9df8e820336447e45ba86bdc1fa766a37a30b395218afa470f9e3ec3dcad131ac2286ee3ccb1f6138a8ea32ca0b3e08da

Download Submit
/data/data/info.ofad17e.kc797bd/databases/google_app_measurement.db-journal

Filesize
8KB

MD5
f3252c1499b30d3df42f8aa2db2fde41

SHA1
a01ae6c49d34af2016b49cbc88edf0aa02d8967d

SHA256
89bde42ee2e5720fda49a401f86934d8059068260606c8a810e890b3a8a134eb

SHA512
3869f35d5bdba1e0a5c10bdc8911909ef3eb60e84296463fd4040508453a4725aa9b204c9697a5ac23ca129e0843feb20df83adec7f8382300d9795276d91a19

Download Submit
/data/data/info.ofad17e.kc797bd/files/gaClientId

Filesize
36B

MD5
1e1ebc031b7b77e47a002635b3dacfea

SHA1
dba2eaa8d860d8827397921cd3c34e88da65edec

SHA256
7f73a38f4abf613a1426924b03627f8ab7fb265770abe20a5d0e78c1826e191b

SHA512
612118b077e0fb04b46920d37485272b7eb1d2d948c9831a3c81e38d0d31c6b068adeb808af39112d5383f3609a8bcad38983d0c44cc5ef566161568e98109df

Download Submit
/data/user/0/info.ofad17e.kc797bd/app_lnlnq/classes.jar

Filesize
168KB

MD5
bdd932e2f65dae416ef9ed731eaad0ea

SHA1
42000f49258d850d4ac457590ee7e57acaf4e69e

SHA256
228c91ff5ebfed3bf2953d8e3df71cb0acfb48706acd71ca1fe33556b977068a

SHA512
b0e15fca0ce46edf5714ff1c4127c0bdf02eb8d8cf53784fcc09323279d3beec2bf89743db410ea112264f0a47d012a14d0fe4340523dd05c471f91647a27d48

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads