Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

50d8e1a3d9...18.apk

android-9-x86

8

Analysis

  • max time kernel
    178s
  • max time network
    171s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    17/05/2024, 18:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    50d8e1a3d9b8d25f2ed9f48f323499e7_JaffaCakes118.apk

  • Size

    7.4MB

  • MD5

    50d8e1a3d9b8d25f2ed9f48f323499e7

  • SHA1

    b76c781d363c75e5e835a168d80e07dc3505c9c3

  • SHA256

    aa6d870a492de72dd282f3b935fe44407d780f32f77b5479190516e542a54b2a

  • SHA512

    295d1e097d1cf905f630d5937a1c0e649cec0eb0c826b551c486729522d0772dba43639dd6ab8ac0dcc446bd6a0c9c300349e631ac16bda2b39fb1bb51a708c4

  • SSDEEP

    98304:Gm4ir5KgppQZecsExRgzkvsBasjZ/RJMDwnu+4+gmZ/eIg4AVavo4cRZ77HUGrDs:CBso8jZbMDuxabH5riuw9D9YHxqXYvX0

Score
8/10
bankerdiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 2 IoCs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
    impact

Processes

  • com.fruit.pop.mania.saga.free
    1⤵
    • Checks memory information
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4256
    • /system/bin/cat /proc/cpuinfo
      2⤵
      • Checks CPU information
      PID:4317
  • com.fruit.pop.mania.saga.free:mcServiceProcess
    1⤵
    • Queries information about running processes on the device
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4315

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.fruit.pop.mania.saga.free/app_data/eventlog
    Filesize

    227B

    MD5

    3e803f65a0f8958bdf4f960af9f1b8d6

    SHA1

    7e277e5506cf38a759ac4f75ef051bae61a43e9c

    SHA256

    b450bac4874b580ee5c25ba0d25b912ac074a32eac56eb30325d0f1eda285b32

    SHA512

    c14383ff815ed72e29a24eb2b6e40251ed7d2e9f766dd544cb4eafa5f51376be34a19f5c9a5d80a1188a3b4855e8bc5a3c2fa9030e79a75e5d67ddecf86b2a3d

    Download Submit

  • /data/data/com.fruit.pop.mania.saga.free/files/.FlurrySenderIndex.info.Data_KK3DGNWKH3NB54TF224Q_150
    Filesize

    1KB

    MD5

    c3f24261ce0ed0c0aa9d8045927eb80f

    SHA1

    2970066bd208f46c0cdd96ee163ffc2af265b1e5

    SHA256

    1f60ae12f8e8d7d36cc2eb591e00ea22a4f287f9ddf1602b42c18555f1f38d85

    SHA512

    b7756d323a4438e5a3a2c3c7de3c613e56da58a80dfa8b7255d83bce51fbc8d20a40887aad642efbd0a52a96c5718c5964c4b5ae4f5ae58dbc5467e03227c93d

    Download Submit

  • /data/data/com.fruit.pop.mania.saga.free/files/.FlurrySenderIndex.info.Data_KK3DGNWKH3NB54TF224Q_150
    Filesize

    4B

    MD5

    f1d3ff8443297732862df21dc4e57262

    SHA1

    9069ca78e7450a285173431b3e52c5c25299e473

    SHA256

    df3f619804a92fdb4057192dc43dd748ea778adc52bc498ce80524c014b81119

    SHA512

    ec2d57691d9b2d40182ac565032054b7d784ba96b18bcb5be0bb4e70e3fb041eff582c8af66ee50256539f2181d7f9e53627c0189da7e75a4d5ef10ea93b20b3

    Download Submit

  • /data/data/com.fruit.pop.mania.saga.free/files/.flurryagent.-6a34ae27
    Filesize

    1KB

    MD5

    48129a547058322938ec28d6179654a6

    SHA1

    9edbbfc9027dabfb67b815351263fd34fcb07bb0

    SHA256

    2bd03b5e2a92e060d8dbae424444df2e2a244ca14278f34560de33b95aebe126

    SHA512

    94765a62bfa3ef0f000de7fa9b9b3969fcb205669f18b7d3fbb5a7e2633f73ce797dcfb84c93649df40fd3185740e6b0b7a983cc61d605eff3a6e4c093d16aa3

    Download Submit

  • /data/data/com.fruit.pop.mania.saga.free/files/.flurrydatasenderblock.d3823053-1ff4-4ebe-9d18-2d933ac4ae1f
    Filesize

    1KB

    MD5

    282adbeb1abfc0d4eb12c7706db9062d

    SHA1

    226e97aaa993acad93ceef94c038633acff3e323

    SHA256

    c1df8323003f098cbb2b7d021f264220b83d39aef4177299ef8e048954440fab

    SHA512

    a0c707a7d6066af19ed42b21f20a657b7bddb4e72e276f2e5878ad685fc5767481f7088ee6a1822da29be506748bb598bcbdca47922f18dc87937e197c0a0c46

    Download Submit

  • /data/data/com.fruit.pop.mania.saga.free/files/log_stack.dat
    Filesize

    1KB

    MD5

    f9e3d3bf57c724c689b770588f529b97

    SHA1

    086f325fd7bcfc7df957a9ee8cf19cd19b247a06

    SHA256

    37575a54aeb523edd8627e0f4e303561dcbc36e35f48b72f3ca41ebbf315ceb5

    SHA512

    31edeb524e19a3fbad68f7c946495e68d58701c80940351c1d9a4714ca92b94a0a248f11edd57fefd4c30b85144743637ce6af537ca5a4c0024a46eb2ed09ab9

    Download Submit