Analysis

  • max time kernel
    7s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
  • submitted
    19/05/2024, 05:13

General

  • Target

    58b7ab621db29fe7d87d3e3dbd29193f_JaffaCakes118.apk

  • Size

    8.6MB

  • MD5

    58b7ab621db29fe7d87d3e3dbd29193f

  • SHA1

    4da9cc24cb61e32e6ec00f9afdbd9a1b7cc7d913

  • SHA256

    6794421b8e26d4719999a973dab9e5b6629edbed29261c612f101ddf8a4393f3

  • SHA512

    042784aa165bab55772161f6eea49416308445edda2f94c3136faec19ebc0367a84af3c3ebab493c00cf9688c8b209360979586058fd6f3cdb4b1bfa92ac3bf7

  • SSDEEP

    196608:NfDLYKTuy4f6e59L/62XembLV77Tsq0m2DrOJApo:NfDVTu/42umbl7gLyJko

Score
8/10

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Checks if the internet connection is available 1 TTPs 2 IoCs

Processes

  • com.jzyd.BanTang
    1⤵
    • Queries information about running processes on the device
    • Checks if the internet connection is available
    PID:4266
  • com.jzyd.BanTang:pushservice
    1⤵
    • Queries information about running processes on the device
    • Checks if the internet connection is available
    PID:4298

Network

        MITRE ATT&CK Mobile v15

        Downloads

        • /storage/emulated/0/Android/data/com.jzyd.BanTang/files/MiPushLog/log1.txt

          Filesize

          217B

          MD5

          4922fc2af6de3e040f989807ae5c1787

          SHA1

          2f0573f1e26dbe832ead506f830035f6464b3103

          SHA256

          a5a8a6e5e56aff545f8105cf24d12ddcf9b38cb130670b9af8088651670db5c9

          SHA512

          d26e86225a39a9766ee2ea7c35ce0678a3b3df1c3fe5259efa89843caedcb370e7687433a0aaa12ca414a0720c59794ca1be5a13efa6d6e985f7b18833a4ed2c

        • /storage/emulated/0/Android/data/com.jzyd.BanTang/files/MiPushLog/log1.txt

          Filesize

          54B

          MD5

          24b05e4129a4908e56d90cb27887943b

          SHA1

          51c3ddbaae839fd69dc7179ba72fc491b7aea180

          SHA256

          adec20e58dba7cd71c23e2fbd28c916bc295e782e2b84c03683d78d427fde8db

          SHA512

          2dd2d1ce6d66476afd3c1698c3afe976adffeb5efa321cb7ad0d0c5d06d298fef5793a0f54c793c6b2b3598ab659b937a9888da03208a86a1b585425024330f3

        • /storage/emulated/0/Android/data/com.jzyd.BanTang/files/MiPushLog/log1.txt

          Filesize

          238B

          MD5

          ea7ecde641742d42c19370b44f34c437

          SHA1

          d6f8dbf965db6cab8426744aebe2ef0dec38d631

          SHA256

          f5eee9af300cd037bf195c12a2af7846839fad897911e53d0c22a744a9ae2e4b

          SHA512

          10904133078439ca978609b0c73ae7a168ec47f8446365a334805c0c0cd4407953a9a2d8f2bacc6952b59da7ba31dd1415deeee75dce2b6f95af7ef1ef0bbafd