6ae77ad263d418e73d9cfd3f913af20c17f576ddecdad51ca0cd83bcd20c193b

Analysis

max time kernel
64s
max time network
131s
platform
android_x64
resource
android-x64-20240506-en
resource tags

androidarch:x64arch:x86image:android-x64-20240506-enlocale:en-usos:android-10-x64system
submitted
13/05/2024, 16:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

40518cd52f021c0f4e12bd54d848d473_JaffaCakes118.apk
Size

30.8MB
MD5

40518cd52f021c0f4e12bd54d848d473
SHA1

99baa305a6f5de98750574b41c79ed9b9dceeab7
SHA256

6ae77ad263d418e73d9cfd3f913af20c17f576ddecdad51ca0cd83bcd20c193b
SHA512

e16b958edd9dbc8754491cf0c8b7ba8bdc63fd7baeccfeb4148826fde9c4cafad2519769af0db120b2afe6b4df33907a60ccd3e446922b9dd406c0e96685c250
SSDEEP

786432:3oYQLfEORAkkeqHETmMEgsKcTs/AG9I4LsQAth8D5iOzH5oet0V:RmAkkVEaMEvKck/sQw6lD5oet2

Score

7^/10

discovery evasion

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	cn.vszone.teenagemutant

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	cn.vszone.teenagemutant

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	cn.vszone.teenagemutant

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Requests dangerous framework permissions 6 IoCs

description	ioc
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

cn.vszone.teenagemutant
1⤵
- Checks CPU information
- Queries information about the current Wi-Fi connection
- Checks if the internet connection is available
PID:5054

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/cn.vszone.teenagemutant/files/mobclick_agent_sealed_cn.vszone.teenagemutant

Filesize
529B

MD5
df14150d876b9f1ac4b606e7d1028f20

SHA1
dcad6aaa778872211eec376c21a34f4d3dc992a6

SHA256
201e2d72c1d2c4b48edec3624149a27af2a5078e518fa2a29daf78d7f60250ab

SHA512
8d7849e56fe9da98b08dd849ccbe2066fd760c78476e4c326d96dc6e66f2dd0fdf8d535e7d2c51c4d21ddcebbe1ee9ea9e0b8b2ac4ca81526de9fc29363fa4da

Download Submit
/data/data/cn.vszone.teenagemutant/files/umeng_it.cache

Filesize
148B

MD5
735f11ce6c5349b9b95ce53d7819058a

SHA1
cccbcf6200375fe0bbaa8a10fea3a646e001fbeb

SHA256
9f2dc091c000a7d7030e44abb019c3b3f40f5c56a440e0332eb02650d521c9fb

SHA512
c49f0d034c1d18f60dad7eedf28b089b816778d38ccf515a6115a5eac8cfdc68ebdd8f177bbb792d12c3ed1c4848d78248767301807f16cebd9e26d10a4ca17e

Download Submit
/storage/emulated/0/KOGameBox/GBA/roms/KoTvGameBox.apk

Filesize
26.7MB

MD5
1230170068cf9378065c5ae68c18cdbd

SHA1
5bb423f8856be49f36f444dcc7ecbb43a10a259b

SHA256
0cd6a9de6fa5c0c07c34bce7f6d70d3e07c952dfe739c00841c71dc16b3f4367

SHA512
cc2df4d5a8d32574f614673302f1f2954819bf5de8efe7b8731627488a55740ef06fd4e133471b196776f62321d29e1d4041f0f015f83914ac845ae7d0aa14fb

Download Submit
/storage/emulated/0/KOGameBox/GBA/roms/TeenageMutant.gba.temp

Filesize
8.0MB

MD5
46416a84a4c7ab82acd5b1dc3ca52bed

SHA1
b3fdaffd7ad3fe810fe3bbe983bd28f4b85e1b0a

SHA256
a85bafbfc00df7169e9146a2075838bf3c5243107dbad5aadb2144277e5efee1

SHA512
8a35c47189c0edae9c6d44f76c889ed33be958c5a5a5fe0f53f53e200b838eecc0b2a74251437a87d3c74b049c7fa3b83e21c9996e29ced0101e968caf192053

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads