c0c92111b26ebfec6c1c8dd2588300078dc8501337c95fcd905b89c8869ea7f0

Analysis

max time kernel
150s
max time network
148s
platform
android_x64
resource
android-x64-20240506-en
resource tags

androidarch:x64arch:x86image:android-x64-20240506-enlocale:en-usos:android-10-x64system
submitted
08/05/2024, 16:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

25b9955776d8180169ebbabfc2ecb0ed_JaffaCakes118.apk
Size

1.6MB
MD5

25b9955776d8180169ebbabfc2ecb0ed
SHA1

6c9fa14c901f27559fab4e79bc905202cf0f8649
SHA256

c0c92111b26ebfec6c1c8dd2588300078dc8501337c95fcd905b89c8869ea7f0
SHA512

bff4110926758f899589084455d7ddaa3dabe9b9260edb7547e5b68c7ac062a2f4c1f687731fa412f121156ba907025551cf2503aecf91e4b7b781de29197d85
SSDEEP

49152:nmdG+No/0cRYQdiBr0raVfv1xPsvuKNYF:n4G+q/0cRxiFc4Fi2K4

Score

7^/10

discovery persistence

Malware Config

Signatures

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.lextel.ALovePhone

Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.lextel.ALovePhone

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.lextel.ALovePhone

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.lextel.ALovePhone

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.lextel.ALovePhone
1⤵
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:5099

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.lextel.ALovePhone/files/__local_stat_cache.json

Filesize
25B

MD5
2d805b13f2f28dc3ca9bbcc000f49bb5

SHA1
9eac165b4d81258fd3967cde5cc53b53b1dabcb1

SHA256
c8a6624f390568f0ddcb9841336aec6a564460fdaf6624e562b32935b8956f19

SHA512
5db8c57bab36bcf9db698c1dce70318cbffc156dd1d1c1e09e5b7ba60aff07b598ebbf26c4bd8a2b03bd6e59ef2dde2d944a22a8d8a19ecc8378e83afb7c83b0

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads