Overview

overview

8

Static

static

6

4e8d2d68ea...18.apk

android-9-x86

7

4e8d2d68ea...18.apk

android-10-x64

7

4e8d2d68ea...18.apk

android-11-x64

7

bdxadsdk.apk

android-9-x86

bdxadsdk.apk

android-10-x64

bdxadsdk.apk

android-11-x64

muzhiwanapp.apk

android-9-x86

8

muzhiwanapp.apk

android-10-x64

7

mzw_d.apk

android-9-x86

mzw_g.apk

android-9-x86

mzw_g.apk

android-10-x64

mzw_g.apk

android-11-x64

stasdk_core.apk

android-9-x86

stasdk_core.apk

android-10-x64

bdxadsdk.apk

android-9-x86

bdxadsdk.apk

android-10-x64

bdxadsdk.apk

android-11-x64

gdtadv2.apk

android-9-x86

gdtadv2.apk

android-10-x64

gdtadv2.apk

android-11-x64

Analysis

  • max time kernel
    12s
  • max time network
    137s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    17/05/2024, 05:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4e8d2d68ea46ffdc1c21c3af0699be9e_JaffaCakes118.apk

  • Size

    26.1MB

  • MD5

    4e8d2d68ea46ffdc1c21c3af0699be9e

  • SHA1

    3410b56eb08db1db175e0abecf5074dfcd48eaa8

  • SHA256

    b17fec8f357130122913624fa16dcb12442bdf3851a02b2aefe5593167636b2b

  • SHA512

    9af6a2294245947f6a6d31b073ed655e5b1b946e7ecd24f929cc6856bdc44b5e66dc95689b9cebb82c7287c20c8d36ec1465d41ab0ce49c55ed3d37f69611d7b

  • SSDEEP

    786432:P5Q6kax8MJveravd1sjpk7SF/ClJL7ud7XlBYvv5nL91b:PKxOvaavEjpkWF/kL6lXlBYvv5nL9F

Score
7/10
discoveryevasion

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 2 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Queries the phone number (MSISDN for GSM devices) 1 TTPs
    discovery

Processes

  • com.heuer.helidroid_full
    1⤵
    • Loads dropped Dex/Jar
    PID:4238
    • getprop ro.board.platform
      2⤵
        PID:4356
      • getprop ro.mediatek.platform
        2⤵
          PID:4393
        • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.heuer.helidroid_full/files/stares/updates/sta.jar --output-vdex-fd=55 --oat-fd=56 --oat-location=/data/user/0/com.heuer.helidroid_full/files/stares/updates/oat/x86/sta.odex --compiler-filter=quicken --class-loader-context=&
          2⤵
          • Loads dropped Dex/Jar
          PID:4464

      Network

      MITRE ATT&CK Mobile v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/data/com.heuer.helidroid_full/app_plugin_lib/libabcdefgh.so
        Filesize

        61KB

        MD5

        042246eb7c48a8cda97de99465e6a177

        SHA1

        f71816c4a80fbb7b63bfd6425d98db513aecb00a

        SHA256

        9a712cb778e9d43f8f4ea9fa2b9f4b8cc29daf74984d04f0c938dff21c118342

        SHA512

        2d201619998113c5d2990c92c28c973d557872bc4bbde153b5fca39bfe0b799ef0e9bf8c29d1304847f8e6691d55649d04c6a82fe8f03e621c9e8da50c50faa8

        Download Submit

      • /data/data/com.heuer.helidroid_full/files/stares/updates/sta.jar
        Filesize

        1.8MB

        MD5

        2c7e5cf6ce19853349cf4855aa6f6c2e

        SHA1

        79ae3d41e9db5e2c18678a24019938158cf41447

        SHA256

        9343c0370eed443445df91033156e60ba5416de9f8a63e5d555b67b8a76e6191

        SHA512

        5451363363dd55b9ea79186d3ada8de2658b72df194a3db3a087ab4abf8218723ffb5de92f3e785ab7fea510e8a7cbdadf33db842fb22c52a33551dcb748121e

        Download Submit

      • /data/user/0/com.heuer.helidroid_full/files/stares/updates/sta.jar
        Filesize

        2.3MB

        MD5

        de19b29cd2a552399bbbb10f50bbbbe7

        SHA1

        66d15c9f1d457984e5d49f8e434afa1e73c28f89

        SHA256

        b1a31a1c9a3388ff2af90e988dad275add0d810fbfb4d9ee81977a031947c610

        SHA512

        4b4958abf816062bbfc406637096217347b3cf2108547e96127d9391adddca9f7d0083246a35d5116949f3ede99f686004befbbe1c90b766546e66b9fa9c80e3

        Download Submit

      • /data/user/0/com.heuer.helidroid_full/files/stares/updates/sta.jar
        Filesize

        2.3MB

        MD5

        c6c63be3b89eb603f4627853e1607e4b

        SHA1

        766971709d8dd316dabbf8e11acb03744ec66ae2

        SHA256

        74e9a4a0a3187ca1c65673322a56914e4c9c256b7a67445fab5517cce176e366

        SHA512

        c5985e1763466d2ed918a43e38cd60198ba8ae7789343a135815e010be9bf04f77a7a904238b41b394690a65b077cfc8da388af38b80d23267dfbed452f60baa

        Download Submit

      • /storage/emulated/0/data/.systemid
        Filesize

        36B

        MD5

        929b88cf5b5a087f84c25c819146f5c7

        SHA1

        b58f0dfa72a3fff3bec14f77a42250d5e5b96ea5

        SHA256

        0a3334122d17e29720bebeef85ca704cc4554bfd092a12e22afd8315f40abaa8

        SHA512

        150c32febed2652ba628475d725eb562acba5ec5e7c7b631e96bff3c80bed41edfd41f212d4124b659ce1274cdd2b9a3d103faffec80ca9cf3ed312ec8e1d8cd

        Download Submit