9db73fbfd159dbb6079c686525c13fe4f0170cc03fd6ccfdc16c1ba629e85831

Analysis

max time kernel
33s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240506-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
submitted
11-05-2024 02:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3255f86d597b1bb2ecf4664c6c03db04_JaffaCakes118.apk
Size

4.4MB
MD5

3255f86d597b1bb2ecf4664c6c03db04
SHA1

e01f374c7be2e2421b94923bd78f14e6d83c5f62
SHA256

9db73fbfd159dbb6079c686525c13fe4f0170cc03fd6ccfdc16c1ba629e85831
SHA512

c5ed735a1bd8aa11f0a7e6baf868ba69fa470381fc96a3145de9b18168dfc0ae70df6b35bf5abd660ba88613b4172924cc603867f2cfbeffcd25fab41ae4f456
SSDEEP

98304:VXF7rWKYbgC4Y7ur1mtYXIPa/fjsllHlT8zQX/A6/kC0hz3RObFX:NQKYbgVYiAtYX5/ri+I/A6c7ROF

Score

8^/10

banker discovery evasion persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.d252905310.xrt

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.d252905310.xrt

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.d252905310.xrt

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.d252905310.xrt

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.d252905310.xrt

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.d252905310.xrt

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.d252905310.xrt
1⤵
- Checks CPU information
- Checks memory information
- Queries information about running processes on the device
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4219