c8100a06df2796d4549c2b6dc20f46f874a40fdc8582ff19ad428cdcc7d3e4d1

Analysis

max time kernel
64s
max time network
133s
platform
android_x64
resource
android-x64-arm64-20240506-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240506-enlocale:en-usos:android-11-x64system
submitted
10-05-2024 06:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2ddd7f3b1c71d8c6b442abebd75e10de_JaffaCakes118.apk
Size

15.7MB
MD5

2ddd7f3b1c71d8c6b442abebd75e10de
SHA1

49bc4c09f7be23abcd7f792de875ff032e53a032
SHA256

c8100a06df2796d4549c2b6dc20f46f874a40fdc8582ff19ad428cdcc7d3e4d1
SHA512

529392f3725b340278957aff4c05950add1a2d32d620ce437ac63232eaa3a0ea1a73c70d924e00593c1f9d9d7339e138caf514774a985a7e5d67b8335db28c35
SSDEEP

393216:sg3o7MVLSJjNbkrkALQugrPE5nbCtP3xlFnBtHR5A:DRtSNNmnLQtAbC1hBtHE

Score

7^/10

discovery evasion

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.mi.trader

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.mi.trader

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.mi.trader

com.mi.trader
1⤵
- Checks CPU information
- Queries information about the current Wi-Fi connection
- Checks if the internet connection is available
PID:4814

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.mi.trader/files/mobclick_agent_sealed_com.mi.trader

Filesize
524B

MD5
8109bb81c547cb3f3353e4b3e3e75e89

SHA1
dbe65c4e6c173e5444fbf2a34b211b00168a2c73

SHA256
f390ba47ef9364c251c8500c1796c3d5ca185cdf2d8f6178e8ed2b4138a2ac81

SHA512
1ea9d323e457be30edb71e1d45b1dab4e74d33391ff748bf1d57a235a40121e43131a9bc69172726ad3286dfa7358455d0c718d01ad249991e63c1c1f97cca65

Download Submit
/data/user/0/com.mi.trader/files/umeng_it.cache

Filesize
148B

MD5
ae1ba1b433f72d5203a0876dd8da430c

SHA1
7b568c7acf7dcf29eeeb27f8eb5d5a993ac484bb

SHA256
1e9854a1a328ddd3ec8f9a2240beb59eb615dc2daf222176c919ce7d5a6248a7

SHA512
06b7f1d7d5bc1a3dfaeb2693cce396e524c3391513a464db3e080ac047fe438811bb978d785dbac81f854179bde619ce3758a52588759f97e85e2ea3cf5f8136

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads