9cf542903232785e6719f05d0773b0b5a494edea45a335336a82691ce6027cbb

Analysis

max time kernel
128s
max time network
153s
platform
android_x64
resource
android-x64-20240506-en
resource tags

androidarch:x64arch:x86image:android-x64-20240506-enlocale:en-usos:android-10-x64system
submitted
10/05/2024, 00:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2c75049f9e6a498b23efe9c793c3d43d_JaffaCakes118.apk
Size

18.0MB
MD5

2c75049f9e6a498b23efe9c793c3d43d
SHA1

d7d38e7bfa5ec54c739487020dd622995d3bf749
SHA256

9cf542903232785e6719f05d0773b0b5a494edea45a335336a82691ce6027cbb
SHA512

0702a4fdbd6b75ed58eba1f38e2ae040c1c5779e3339d2d6f275153d9a4744432e190af7f82057dd30e280a59c00333fa5015c904c437e5bd18cd8e5ca556c05
SSDEEP

393216:oUxn8XQ5LcpAHOu0dqtoclRm5QfIG3rDBbywfA0E+IZ:oUJRLcpAZ0weclNnJyOvE++

Score

7^/10

discovery

Malware Config

Signatures

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.mobigrow.canyouescape4:ngds

Acquires the wake lock 2 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.mobigrow.canyouescape4:ngds
Framework service call	android.os.IPowerManager.acquireWakeLock	com.mobigrow.canyouescape4

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.mobigrow.canyouescape4:ngds

com.mobigrow.canyouescape4
1⤵
- Acquires the wake lock
PID:5065

com.mobigrow.canyouescape4:ngds
1⤵
- Queries information about the current Wi-Fi connection
- Acquires the wake lock
- Checks if the internet connection is available
PID:5130

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/.ngdslog/com.mobigrow.canyouescape4/pushv2_part_one.log

Filesize
1KB

MD5
0f637b29ed72269f9f4c78872d3f7219

SHA1
17765b35cd0984e812bda76f39acbbb4102e3bf7

SHA256
5bc85f799f81d98cca9a680df92fd365554ffd0f9eeb3922eca0390cfa75a3b0

SHA512
b5bd6899d6bc86e6d5dfaafedfeb2d173edf3649050f9542054442f73898e5c907f036b38cfe84c9db43f8b427d196e7e41509b54bc3ec53a13c4d5e301deb01

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads