Overview

overview

10

Static

static

10

3d812f2347...18.apk

android-9-x86

10

Analysis

  • max time kernel
    5s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20240506-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
  • submitted
    14/05/2024, 02:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3d812f2347769dfd107848153c7a1377_JaffaCakes118.apk

  • Size

    5.6MB

  • MD5

    3d812f2347769dfd107848153c7a1377

  • SHA1

    6c76c0d5a7db5d3dfaa9eb05f364b31d47610e63

  • SHA256

    f5c5fee10ceee52030e0216f68b83e46970b0f0071f1067cca48dfe2960dcec4

  • SHA512

    f6e3103fe1162f709bd2186c1f38fdd6c9a2a1fcf1234e8fba6979407a2fe1c1cd0c21eb9b3b4c0fc42ef3db6316086c1014c5a4d37447d44cb09db8dc62d6e1

  • SSDEEP

    98304:sMspe9iF8Gghf6Y1YW7jnnVBhDokAZgAFCN63RQWeW7QzlNmNha1zXB13eUd2SMc:Cii+LpnnVbwZDcNQRQ7Wcz3wCEgiDA

Score
10/10
badmirrorbankercollectiondiscoveryevasionimpactinfostealerpersistencerattrojan

Malware Config

Signatures

Processes

  • com.klt.game.yjcq.dw
    1⤵
    • Requests cell location
    • Checks CPU information
    • Checks memory information
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Reads the content of SMS inbox messages.
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4268
    • sh
      2⤵
        PID:4379
    • dd if=/data/data/com.klt.game.yjcq.dw/lib/libhelper.so of=/data/data/com.klt.game.yjcq.dw/helper
      1⤵
        PID:4414

      Network

      MITRE ATT&CK Mobile v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/data/com.klt.game.yjcq.dw/databases/qy_db_pay
        Filesize

        17KB

        MD5

        ff77b5d69b34041a8e08a6aba4eb1767

        SHA1

        1f78eca6afe441a5c059b58c98d7bafb3450177e

        SHA256

        78607f7e8ec75e26163536369b8a14de47aa35609616dfd520229e056d596f77

        SHA512

        09ed69804f14f75356ea2d4e57b7553f7df7cca1b182f9783da585ccb7209f7c0f8c35623a6fb0760779d32bd70301a7cf94d97b6274b58a35eb175ed5fec84c

        Download Submit

      • /data/data/com.klt.game.yjcq.dw/databases/qy_db_pay-journal
        Filesize

        512B

        MD5

        a2b40b182172ad2b1d16efa74b4e429e

        SHA1

        0ee5c1ca22a4b85ba6713f9f8f2d49c629e6ec5a

        SHA256

        71f5715dbfd805ee0fd21963f6740da9108e89382b528960610360c0fddf53bb

        SHA512

        d1f47a599665e51527da3ccf43cceac169658bb30ae98fe7d5be0019c5a17fd79e798000b93ff609dfdc44e9f32eaa69400c3e16f32d900780a90b06d2490b4e

        Download Submit

      • /data/data/com.klt.game.yjcq.dw/databases/qy_db_pay-shm
        Filesize

        28KB

        MD5

        cf845a781c107ec1346e849c9dd1b7e8

        SHA1

        b44ccc7f7d519352422e59ee8b0bdbac881768a7

        SHA256

        18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

        SHA512

        4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

        Download Submit

      • /data/data/com.klt.game.yjcq.dw/databases/qy_db_pay-wal
        Filesize

        48KB

        MD5

        d0b20ec5370038688b8f677faf3876c9

        SHA1

        b0714de91160b1e187b95e75252bb236704f3614

        SHA256

        f573942311513bb0a4cf5d6171aa2f6bbf7903156372873c0c6677f397151426

        SHA512

        b7d095c9d86a532c8b364257a8bc6dcfecd077de8b65a83594bfb16ceb86649e4d7622df3e9851b77549c2c94ef401dd5aa9b7b5dd3dc559c9752c78044b6d8e

        Download Submit