34a48742babda8a6c97235bb8d9517eba922c6007a1ac490e208d79e489985bb

Analysis

max time kernel
25s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
15/05/2024, 08:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

454d5c301bd5415dea0abfde5afcfbbb_JaffaCakes118.apk
Size

4.0MB
MD5

454d5c301bd5415dea0abfde5afcfbbb
SHA1

0a50a5cb677eb70308f381f4bcaae041df436f1c
SHA256

34a48742babda8a6c97235bb8d9517eba922c6007a1ac490e208d79e489985bb
SHA512

0e4064f30d2982f908d70152c9d35667457a021970002ff20212337a05591cf03cb2826b196303e5f1224460fe8dc66302540e7f84a29f15d1510052537518b6
SSDEEP

98304:rB0bSNfvb7pTdRgYhAVGDIVRYSz6hP6XBh6IG9:rmG9vb7pZcM83YSz66hm

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.jacey.camera.detector

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.jacey.camera.detector

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.jacey.camera.detector

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.jacey.camera.detector

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.jacey.camera.detector

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.jacey.camera.detector

Checks the presence of a debugger
evasion

com.jacey.camera.detector
1⤵
- Checks CPU information
- Checks memory information
- Queries information about running processes on the device
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4252

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.jacey.camera.detector/cache/image_manager_disk_cache/27512599d4ab565c93f53dd72aa22cb61f24cdaa61e02ea83477757dfe23c1b6.0.tmp

Filesize
202KB

MD5
4e1758b1463b4e5447ec7da8edc93680

SHA1
0ec3e948910757694a98b0a59979423fa7a9a887

SHA256
e52ca4d68aed9ebfc0d214eacb3c8bd3c35b05d2393ce6d545384df5c963a2a8

SHA512
4ebe4ce6f011883cf91d4f199553919676a13d2cfe8c303d117be7670c984a64626312e9cce28accb87b9276a3f06dcd02a7ff8b9591a8eeab8e1e5e7f9fc50f

Download Submit
/data/data/com.jacey.camera.detector/cache/image_manager_disk_cache/journal

Filesize
180B

MD5
bdc4a101323a7f1d126a54fd6c669735

SHA1
72c7e4f0688f09f785bf827cc64af9fcb400ac2c

SHA256
5ac73f9d65118540128950339e64213004970950d13384039e4086f7fa3f91d8

SHA512
a4aeb500e6e6023c5f775ea64b5f479a8b55ae489d251007354069ffd4cdb2fadbddb92d7aeaed851bbe10f6cd9ae80d2673851c1a14d37e452f635c96379df3

Download Submit
/data/data/com.jacey.camera.detector/cache/image_manager_disk_cache/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/data/com.jacey.camera.detector/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66447128020F-0001-109C-28F43D5DC220BeginSession.cls_temp

Filesize
77B

MD5
ba98583558e44176c9fdc67348bd0760

SHA1
1900bfd08409e440d6adce4977d1bb6be3a74f1c

SHA256
71af1d6e68407d33f187797c04cb25dc13a79417c87bd2b7823278f0004bf1a0

SHA512
a5aa7f50db2cb38dba52e5a8dd8e6b3af560d3cfbf6b3b93c1a1d4eae2f5d7b63e593d09badaecda79674e5227f3f1c46a725d91ad98a141fc54f70bc9bc34c5

Download Submit
/data/data/com.jacey.camera.detector/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66447128020F-0001-109C-28F43D5DC220BeginSession.json

Filesize
132B

MD5
da98cbde7d35ab2b365534421e4b36e2

SHA1
66ccf192886c42c6fae3e636ecb4e7fa7759975e

SHA256
1648a0ccfe6672149e1f28e162155ce63c5a0d2820bcedf1405bb2363a0ec371

SHA512
43920c942f8fd869dabba74c3d1effb78cc78ffc1af95f8b945a784e222c17795474d3fc2cd68fa25581f6a61a8348a83762e84f959215377097aa1a6a5c5d70

Download Submit
/data/data/com.jacey.camera.detector/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66447128020F-0001-109C-28F43D5DC220SessionApp.cls_temp

Filesize
119B

MD5
1ba1792706541d1aee5c33895e0a11ed

SHA1
46932cd2fbad3f182fcf26459b439ccf196a872b

SHA256
7b2138dfeadfc8778ac4fa347f07d2174e9c2c523eea7e556d5af56d45e7a3f9

SHA512
c791145718131e07f1221ee45d8c344b2cb37dcfcf2bebd6b06c531c1038cadcd940d0a8ba50584214ad9e49a05dc5e71b113cceefaec50fcb52c841ebb168d3

Download Submit
/data/data/com.jacey.camera.detector/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66447128020F-0001-109C-28F43D5DC220SessionApp.json

Filesize
233B

MD5
b68a75c40f68fc6827403e8dca39eb7d

SHA1
c109228a3d845a62f089b101f95497d6ab8a7595

SHA256
af2bf70e1ca152b35286286c0232f08e401513e3fe65ea136ebaed98dce64ad8

SHA512
f839610b3529281e518823f4fb4f168cd8ba8239a27f22c18b2b1d8e983911f5f9588bfe78b6b777f28813cc649bc19629e98b8faac6d87452ea2c2eddd0313f

Download Submit
/data/data/com.jacey.camera.detector/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66447128020F-0001-109C-28F43D5DC220SessionDevice.cls_temp

Filesize
48B

MD5
cf9cb0612d588a1f71b63084cea67316

SHA1
3d035bb92fd3f8997160cf8025c40239af74d3ca

SHA256
0d37c5a64baf86735501f9044eeb926b3d46548cdcf67c2cd1f773df36624ac9

SHA512
70f000233e181e3b7c6fcf07aa04fdb570f970335837f8d1c4680a9f78af9f9e17c73a0a5646770f7a8787e338899edc4a5197b023865a4da894b1aca12bf600

Download Submit
/data/data/com.jacey.camera.detector/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66447128020F-0001-109C-28F43D5DC220SessionDevice.json

Filesize
202B

MD5
75db92d50c80a89e068550028c62acec

SHA1
d78ea55f5dc682e4da456d26383249f608fe894f

SHA256
1dfc488309883b61beb3462567a9befeaf36bb475a07a7ecef2be60bedb4b5a2

SHA512
dbb81daa5fab357f087dc295e7861444f945eb4c3883a09926b47312ce526bc069266a8a24b2a5b4921fb13e797696c5824195f0a79317e279ccf7855ca2ee13

Download Submit
/data/data/com.jacey.camera.detector/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66447128020F-0001-109C-28F43D5DC220SessionOS.cls_temp

Filesize
14B

MD5
9b3d4522944ce6396563812bfdb92fa9

SHA1
6d2a6133c8f01938a48ccc77ef86ad8ca335c020

SHA256
d32805d685a3f50caa7f1c0bd7c8804c4d937a866513289f60e3184f7a591ed9

SHA512
091d87643712530bf9006135db42a5a50742bb5ca3026bcc5f2c1c17bf4fd984a8938d29263b0abde3d15cac196d2230902534e200b0b79485e3a1bd97d95727

Download Submit
/data/data/com.jacey.camera.detector/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66447128020F-0001-109C-28F43D5DC220SessionOS.json

Filesize
54B

MD5
93023624eb8dff5c20050da136aaae0a

SHA1
acfd1ffed752c28fb135ba83c0c6345ddf2f6995

SHA256
968bcd7c4f1abed89a09cc0e6dadd238a81e8655e64196b39a86be49ceecd39c

SHA512
bb25dfa144d3f0e17203936c503c5fedec5f9ca710e177f99e273010ba4a682199d4bda5684151d65f3cb1549f4611b3a645ce39646d3db9a1b2c17d6b160579

Download Submit
/data/data/com.jacey.camera.detector/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
3KB

MD5
81655a337222881816c1fc8333f9da18

SHA1
4c726c77aae473545216da65ecf3433f9a9d6849

SHA256
dcc56aae7324882bbb43696fa29f74c2424346d4dd0f217e369a3df0e6a0fd71

SHA512
6f619812ea37193828bf2123ab5864d5f0a5f20eb14e895fe89bdf27c8f708338a93812e583160e6d18b2434d5b9c2a251202355c891f8e75ac58a57059caa1c

Download Submit
/data/data/com.jacey.camera.detector/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
436B

MD5
7947d598fa00da854323347a865bc914

SHA1
1cb9ec31564751546b038fab809db0a52c546cff

SHA256
0cc021f77f620d50efbf3fd872c3fdaf91aaa9e2e92367a60932eee939861e81

SHA512
a4e6c465d6749f4cdf7e263340a8c391286715ae0eb9f8b33d0d33ec9e15e692ce43018e42bc4a9c7051c1b3c7b71e4548abf9c1e3902668fad8afa2f262aba9

Download Submit
/data/data/com.jacey.camera.detector/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.jacey.camera.detector/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_867536d8-5d33-4899-91c0-80cb5c9e0902_1715761449027.tap

Filesize
352B

MD5
be957a544f968b4f4e8a8cd2c488599b

SHA1
ad01ded800bc0833f7a4de51f67bede77b498f2b

SHA256
19692ce27e01a43a4d8f9fcc6299a8b0232f55f6c96d69902eda0ea9e28ed093

SHA512
5b85a1eed82c04e6e718c062acb503ca7d69693a97f39e4897f1513b4b8b31044bd63dceed56cc0fa9bcef692fed0310c5e3bd8c5d49850739c96c94379b17a6

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads