15d22edfc88648c578c9c64c310cbd08bced650df872f06cf8abc5f5c4cc1796

Analysis

max time kernel
127s
max time network
152s
platform
android_x64
resource
android-x64-20240506-en
resource tags

androidarch:x64arch:x86image:android-x64-20240506-enlocale:en-usos:android-10-x64system
submitted
11/05/2024, 23:54

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

3734f828b836c87583c82e5105726d36_JaffaCakes118.apk
Size

17.8MB
MD5

3734f828b836c87583c82e5105726d36
SHA1

5f4162d16872f2b45197ff46bb3aa5f316d2d557
SHA256

15d22edfc88648c578c9c64c310cbd08bced650df872f06cf8abc5f5c4cc1796
SHA512

4cc4b30d968ee4974e23ffbf34fddaf624b0e718586de0d5b3a77960927cb61df689634dd9adc449f3fb02c86d2f800a3edf4bbc34b5c9947a0257bdec3c68cf
SSDEEP

393216:r97OPPb3GpixA9AuaA/dZk3dN0fdhnUelvqDh2d9FhJp2pKpxJRip:JoipwA9A+lZkevUSvqDhiHHBnop

Score

7^/10

discovery

Malware Config

Signatures

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.dm.timber:ngds

Acquires the wake lock 2 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.dm.timber:ngds
Framework service call	android.os.IPowerManager.acquireWakeLock	com.dm.timber

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.dm.timber:ngds

com.dm.timber
1⤵
- Acquires the wake lock
PID:5060

com.dm.timber:ngds
1⤵
- Queries information about the current Wi-Fi connection
- Acquires the wake lock
- Checks if the internet connection is available
PID:5101

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/.ngdslog/com.dm.timber/pushv2_part_one.log

Filesize
1KB

MD5
9b3e222793663dface34a75ebe62c389

SHA1
9769accc8dd747050dd0bfe91ebec5ed1d414132

SHA256
96bb1f94976d82374e2e3d1f5798ce56141e2dcb574ffbb505747da6cf64d657

SHA512
31972bafb9c10c0771d476ab5c6fffcb2b4c1d68b5567faa4975dc6f4a2eac95f7ce2738c1bb447ccfc390ceb8ff745b5408a7e6883a3c0695c8ad7947044ea1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads