Overview

overview

7

Static

static

6

5d27833955...18.apk

android-9-x86

7

5d27833955...18.apk

android-10-x64

7

5d27833955...18.apk

android-11-x64

7

Analysis

  • max time kernel
    63s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    20-05-2024 04:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5d2783395550e2ab5e2bf5d3c6e4d5d0_JaffaCakes118.apk

  • Size

    1.7MB

  • MD5

    5d2783395550e2ab5e2bf5d3c6e4d5d0

  • SHA1

    f82924c0f2dd2f4cd0515946da642cfa64e447bc

  • SHA256

    aca2b1d864b87cf40f923282b14ca44c28bc2529017e5a6d8d877c43a377971e

  • SHA512

    06cf9795159856081743f9ee0780d7c71c94e46f08fb0518827d787e17102d2c555cb5d1cd91d2c23d7ec19085f229db70ea34e712154b661226a17eac57bdfe

  • SSDEEP

    24576:kxW9NbuVGDxjm+I/YU5OuQcZdE22crnkN4OfS8ce3q7ccw+th3x2ep0ko1vS:kA9NbqG9STrE22cwNvN39exL0zq

Score
7/10
discoveryevasionpersistence

Malware Config

Signatures

  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery

Processes

  • com.sdp.yxcz
    1⤵
    • Checks CPU information
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    PID:4243

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.sdp.yxcz/files/mobclick_agent_cached_com.sdp.yxcz
    Filesize

    121B

    MD5

    4c24f61fd5c02ce8abef3e4b889a0e68

    SHA1

    d18c5a974ae11bc79dc3a22f00f1c0c3eef5897c

    SHA256

    1fc9b571f83cb7fbd8462c58e592bf940496c4042e2048475b2fef29de5445d1

    SHA512

    adb703c66b54428dbc9973b33c3594d445b0ca2bde3dc7f238d7ff6b5d7c18511c8931f20b5e360792d61c1832bac81d26a235a393e7085b3d8fb65f554804f8

    Download Submit