b17fec8f357130122913624fa16dcb12442bdf3851a02b2aefe5593167636b2b

Analysis

max time kernel
7s
max time network
140s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
17/05/2024, 05:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4e8d2d68ea46ffdc1c21c3af0699be9e_JaffaCakes118.apk
Size

26.1MB
MD5

4e8d2d68ea46ffdc1c21c3af0699be9e
SHA1

3410b56eb08db1db175e0abecf5074dfcd48eaa8
SHA256

b17fec8f357130122913624fa16dcb12442bdf3851a02b2aefe5593167636b2b
SHA512

9af6a2294245947f6a6d31b073ed655e5b1b946e7ecd24f929cc6856bdc44b5e66dc95689b9cebb82c7287c20c8d36ec1465d41ab0ce49c55ed3d37f69611d7b
SSDEEP

786432:P5Q6kax8MJveravd1sjpk7SF/ClJL7ud7XlBYvv5nL91b:PKxOvaavEjpkWF/kL6lXlBYvv5nL9F

Score

7^/10

discovery evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.heuer.helidroid_full/files/stares/updates/sta.jar	4483	com.heuer.helidroid_full

Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.heuer.helidroid_full
1⤵
- Loads dropped Dex/Jar
PID:4483

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.heuer.helidroid_full/files/stares/updates/sta.jar

Filesize
1.8MB

MD5
2c7e5cf6ce19853349cf4855aa6f6c2e

SHA1
79ae3d41e9db5e2c18678a24019938158cf41447

SHA256
9343c0370eed443445df91033156e60ba5416de9f8a63e5d555b67b8a76e6191

SHA512
5451363363dd55b9ea79186d3ada8de2658b72df194a3db3a087ab4abf8218723ffb5de92f3e785ab7fea510e8a7cbdadf33db842fb22c52a33551dcb748121e

Download Submit
/data/user/0/com.heuer.helidroid_full/files/stares/updates/sta.jar

Filesize
2.3MB

MD5
c6c63be3b89eb603f4627853e1607e4b

SHA1
766971709d8dd316dabbf8e11acb03744ec66ae2

SHA256
74e9a4a0a3187ca1c65673322a56914e4c9c256b7a67445fab5517cce176e366

SHA512
c5985e1763466d2ed918a43e38cd60198ba8ae7789343a135815e010be9bf04f77a7a904238b41b394690a65b077cfc8da388af38b80d23267dfbed452f60baa

Download Submit
/storage/emulated/0/data/.systemid

Filesize
36B

MD5
1aa7be67755a33f1e6822fd71bbe7fe7

SHA1
992d17f575a3179bf921f78b044fd6712a97589f

SHA256
45717c6b3be2d6f669da9dba4ea2c58c30d203e986d429d131e755bb3a2a4433

SHA512
50b1fcbadbcf416efc8d732e7be6f61c2ea0991d0a9c6f52a531a4dd6a46252f77c4ae6eff3c6b67e105c0ba8a2093abcbc321f86023e2328b8b20a848d70280

Download Submit