b17fec8f357130122913624fa16dcb12442bdf3851a02b2aefe5593167636b2b

Analysis

max time kernel
8s
max time network
148s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
17/05/2024, 05:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4e8d2d68ea46ffdc1c21c3af0699be9e_JaffaCakes118.apk
Size

26.1MB
MD5

4e8d2d68ea46ffdc1c21c3af0699be9e
SHA1

3410b56eb08db1db175e0abecf5074dfcd48eaa8
SHA256

b17fec8f357130122913624fa16dcb12442bdf3851a02b2aefe5593167636b2b
SHA512

9af6a2294245947f6a6d31b073ed655e5b1b946e7ecd24f929cc6856bdc44b5e66dc95689b9cebb82c7287c20c8d36ec1465d41ab0ce49c55ed3d37f69611d7b
SSDEEP

786432:P5Q6kax8MJveravd1sjpk7SF/ClJL7ud7XlBYvv5nL91b:PKxOvaavEjpkWF/kL6lXlBYvv5nL9F

Score

7^/10

discovery evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.heuer.helidroid_full/files/stares/updates/sta.jar	5107	com.heuer.helidroid_full

Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.heuer.helidroid_full
1⤵
- Loads dropped Dex/Jar
PID:5107

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.heuer.helidroid_full/files/stares/updates/sta.jar

Filesize
1.8MB

MD5
2c7e5cf6ce19853349cf4855aa6f6c2e

SHA1
79ae3d41e9db5e2c18678a24019938158cf41447

SHA256
9343c0370eed443445df91033156e60ba5416de9f8a63e5d555b67b8a76e6191

SHA512
5451363363dd55b9ea79186d3ada8de2658b72df194a3db3a087ab4abf8218723ffb5de92f3e785ab7fea510e8a7cbdadf33db842fb22c52a33551dcb748121e

Download Submit
/data/user/0/com.heuer.helidroid_full/files/stares/updates/sta.jar

Filesize
2.3MB

MD5
c6c63be3b89eb603f4627853e1607e4b

SHA1
766971709d8dd316dabbf8e11acb03744ec66ae2

SHA256
74e9a4a0a3187ca1c65673322a56914e4c9c256b7a67445fab5517cce176e366

SHA512
c5985e1763466d2ed918a43e38cd60198ba8ae7789343a135815e010be9bf04f77a7a904238b41b394690a65b077cfc8da388af38b80d23267dfbed452f60baa

Download Submit
/storage/emulated/0/data/.systemid

Filesize
36B

MD5
0f8b0c7a51a18c6fe0716e619bed8dd4

SHA1
cef4717f06232a144c4073e227c4ddec19bc7e79

SHA256
d970acbcf070d8c88576745ce4f79f4c2d530981c1fbae872304ed9b6d1b2e1f

SHA512
cc664f0ba9c2e563f1093cb9b51487c4c3e5cd53f5d2bdc2400d648c1cce6bc4a2171d6e7e8301957c6009e6338c51b18a5dd71f3d4e4a6188ba29903ed693b4

Download Submit