a642cf240ab20683172ddcc1902be618934191329aa8871579cf96b49c6c3b36 | Triage

Analysis

max time kernel
7s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240506-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
submitted
12-05-2024 19:41

Sharing

Report Analysis Logs

General

Target

3bc2ec87a2ed27ee88809b7f05a7b68b_JaffaCakes118.apk
Size

13.9MB
MD5

3bc2ec87a2ed27ee88809b7f05a7b68b
SHA1

0686ccd0b2a261388694d6ab4e852c6ce72fc9f5
SHA256

a642cf240ab20683172ddcc1902be618934191329aa8871579cf96b49c6c3b36
SHA512

4419ed1fa20ebfac3c42ba024fcd61265f9e85da9752b6e962e28e8655116eee93d2b940075a4e875c85a1c5b9decbd539ee1a87eff7050416573a5ec365da82
SSDEEP

393216:D63UOPFoEoK7G0da+MESxtH6YZiPiUL+87E9q/J:dT27G0o+vAz1gh

Score

7^/10

impact persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

Broadcast Receivers

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.suibianwan.sbwgzzjmj

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Data Encrypted for Impact

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.suibianwan.sbwgzzjmj

com.suibianwan.sbwgzzjmj
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4461

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.suibianwan.sbwgzzjmj/databases/ehooab

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.suibianwan.sbwgzzjmj/databases/ehooab-journal

Filesize
512B

MD5
8bc58c0888c622757e108858cf88fec1

SHA1
fbbc37e4fbe5211b4d97b47254f20fc7fb31d227

SHA256
f615ac32dec0b564d827e1566b9d16b765431246834ceeef4d2230a5515f40b7

SHA512
7afa594a226116a8c8a24965b425d6e925f731be594610ca06f1815bd0affebfeddca9aeedb9030d85dba772f8138b98e7320a293287675f3612180c0d354137

Download Submit
/data/data/com.suibianwan.sbwgzzjmj/databases/ehooab-wal

Filesize
32KB

MD5
dbe0e93e5ad0b49fa0404ecf333606bd

SHA1
f81c601b1ce09882c1f088688c38e1882bb1ad8a

SHA256
a70e9df074fda7f9553533f3da3035cb9789cac3218351e4492c264195fadecf

SHA512
c752d18eb6c69b78e3d53808403b52ef4e30affe605dca9ed8d3a39b692a0c10e68f52e5ba82cb8bb8fa293af422e4d95147ee01f5764080f055663b9c89654d

Download Submit
/data/data/com.suibianwan.sbwgzzjmj/databases/ehoocmt-journal

Filesize
512B

MD5
e4bb3cc85b30ef7a4a8999cbdefbd946

SHA1
23347c6bb38345aca7b2d5eca6c608443fee10c1

SHA256
995c0db110da4939ef25751b651f7bfd425fad5e768c74e346ca965f8b8c8f46

SHA512
59996bf1e8e98da74bd80f1cda82fe039fd65cc2ae566a67b04454eee04c43b596925e19ecbdbb4f574143edd964191f4bcbf36fd93477e309c9c5f5189e4448

Download Submit
/data/data/com.suibianwan.sbwgzzjmj/databases/ehoocmt-wal

Filesize
32KB

MD5
e6cfc786368bbbc1fa83f401ad95f980

SHA1
8f98f84f232788674d1c0f31cf556e2154dbe778

SHA256
18760fbc8e3388a3a69fe562c9270b7909572dcfa28dc1271d01df777a4fb7fb

SHA512
a53ccd790c8961bc7a935a062deaa56049bc89b1aa86f77faf78571a8be6e72efb12834c7410f1d58bcdb59ed24de909836f0d80a2df3e27aa1b2c36a8782ad3

Download Submit
/data/data/com.suibianwan.sbwgzzjmj/databases/ehooep

Filesize
20KB

MD5
74a25acefe3c79e982c0149f99975da8

SHA1
344d2c7b9ad4ca2d9aade5f48b44555d4956031e

SHA256
00296fce3d766cf9ca84cac7b44e57128f07f1a517d50a8d449ba570728208de

SHA512
5db10c50f3917f0b315efd7764d913d5dca14aba8bfcfb419d5f14e56847b59572345cd58fc06da7508cf216c7c35ce66d04358b51b2a483514291d0e7d4dee2

Download Submit
/data/data/com.suibianwan.sbwgzzjmj/databases/ehooep-journal

Filesize
512B

MD5
e59750039d3018ee6b93c213f482db3d

SHA1
b8985882a8872724c2d1087747f4370eccf06e08

SHA256
2dfce6d504246f562431e07a42c207fa17063848928fdf9e33e59a9944514dc4

SHA512
a519ba2b0f6221602ce9e987af212831881dc045ba67266ccbf6aa3a0d5726319b75a7613bab6a935054134ab2043280c53eb8762d5cb059e068f63c69de8930

Download Submit
/data/data/com.suibianwan.sbwgzzjmj/databases/ehooep-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.suibianwan.sbwgzzjmj/databases/ehooep-wal

Filesize
32KB

MD5
7ac5d51b6f6b9a01991811e7d4968eef

SHA1
2d8928cfc2377ac007d422e64998d0fc85ec66dc

SHA256
7ad15f1e5add205d051413e0056fce7d2953dce20fc4e0640b46024c77934761

SHA512
54a067674f5f5825d322ee3e73e5269065ada152937136c9b2c6dfaf58867243b859c7870c85c310ecf2cf2957b3c75474759f9aeaa759119d12d303a9821e5a

Download Submit