Overview

overview

7

Static

static

6

4454911d52...18.apk

android-9-x86

7

Analysis

  • max time kernel
    3s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    15/05/2024, 03:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4454911d52d3f65271fcd35b28b755df_JaffaCakes118.apk

  • Size

    4.2MB

  • MD5

    4454911d52d3f65271fcd35b28b755df

  • SHA1

    5cacec44dc10d52b2d63fc0e265a4b6b11a7fee0

  • SHA256

    5ee069d0ea343cdba308eb61027896236448a67d404105d817648b03a9143973

  • SHA512

    baf669580aedcc8d6d13c748195422f32075db5e38dfb035543c38953e7ad5976ab95d61829cb5b7b35e7f836fe25af90b08667f86e8024f3560af80a4dd9b4a

  • SSDEEP

    98304:sIitnewfMQUa+61igrUkEXPEGQjRwPeIdCgKgU:KhkFbsigrDqxKP

Score
7/10
discoveryevasionpersistence

Malware Config

Signatures

  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
    evasion

Processes

  • com.yiwyxb.mh559088
    1⤵
    • Checks CPU information
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Listens for changes in the sensor environment (might be used to detect emulation)
    PID:4271

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /storage/emulated/0/Android/data/com.yiwyxb.mh559088/files/tbslog/tbslog.txt
    Filesize

    2KB

    MD5

    bd1d91e23de5248e7be4dad576e7ba22

    SHA1

    ab7c5bb192ae86ad49cb74c2ad2db741ae961192

    SHA256

    a5e6c9b98a98c84943ee00c7badde75971a15415b11fd87435acd129b9d44410

    SHA512

    f3d4b4a18f31750308801fe1bacca56ae173dd4695265b41e737777812b4b0c8c5137386aa9b55260404c5408eff32ed836147aa4bb5f3d2c043769b2b9875ea

    Download Submit