72eade037daa07f9561032edc8b44161cfa19f022d57af569e3decef204b62b6

Analysis

max time kernel
4s
max time network
147s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
20-05-2024 13:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5f3dac17a4049505e8afaafcf067c3fd_JaffaCakes118.apk
Size

22.0MB
MD5

5f3dac17a4049505e8afaafcf067c3fd
SHA1

07c19e8c55ccf66d818b207f80b1a0575d3e7fb1
SHA256

72eade037daa07f9561032edc8b44161cfa19f022d57af569e3decef204b62b6
SHA512

379c89e3ec58f4e1a2da16c32f77c658b7d815c7ab531d3286a7d0a16050a3c20138ca9285348b9df715db2ea3531b6e0ad159c8469f7256540fd401795d43fe
SSDEEP

393216:65vMSOxHIQ8PnEkeWsE/Pshm8+TEkKaNpdWUZXm+4zLPf548a:6+S+nkv7/k0AI7Sfk

Score

7^/10

discovery persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.sinosoft.plantrec

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.sinosoft.plantrec
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:5074

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.sinosoft.plantrec/databases/bugly_db_legu

Filesize
60KB

MD5
9c9f64e061899f0a9dd7f766fb638c06

SHA1
c658500d03da960b9aa8eadb4a4f18e2407fd5c8

SHA256
6d1fe6004b549919495f844a7f041ac566628f307c865ffeb88f8c81aabe65ab

SHA512
123649d33b6e75d26e8210c6a3f47f1ae7b674ebc790f9a18fa22473eafb172cca42e2856c1e3366f273bcb96e723a3ce46dc296999b4cfb8700ffa3ac190346

Download Submit
/data/data/com.sinosoft.plantrec/databases/bugly_db_legu-journal

Filesize
12KB

MD5
edc8f8a961c67626ae80b511af89cba0

SHA1
83b02418dd9ec9c8b5f7097e78b8737a86d0d881

SHA256
12c4a9327f2c46be2ac11d60d119c7c396526f9b3ba120ace88b41b87b7db206

SHA512
3682a97167f871db8414df5d644872948acb17eb55152de3e3b1749bf5457c22d11a1b59231b047d3c908666f996c8e5fd9fd612a0a174938a0a452d0715da81

Download Submit
/data/data/com.sinosoft.plantrec/databases/bugly_db_legu-journal

Filesize
512B

MD5
8b6cc793e8e0650ecee56b8d6e9d2b54

SHA1
de9d4e84ea24920682682a70caef8008eebcce81

SHA256
0f299bcc6928403c4ac014b96a2dc75518ca0ce3cdf5db522bc4eec28746f8a6

SHA512
5149b1b5940d55b9fe412ed1a83de37e010c06dbb78b65997a60a51490a7e2512dc2c6b4aa3cf6b2b9d489b539dd49c4c415af46abdabf525773ccbe1c23b787

Download Submit
/data/data/com.sinosoft.plantrec/databases/bugly_db_legu-journal

Filesize
8KB

MD5
600c0c1438c5c8c903f03c2070f73303

SHA1
bafd3781433182cb92b3f88461636f77184719bc

SHA256
96ed7c0e7f630233022e40aa0eb291996c6cebead243720112b508596e02aefb

SHA512
c1cd98018a944ea2fe43a662083fb02ec7c9ca37b1b4418db34cc9308747bad50267cdf23abd7b4f39627f5693bef18a6af735b5bfb5cd083f883b67a2b96b98

Download Submit
/data/data/com.sinosoft.plantrec/databases/bugly_db_legu-journal

Filesize
8KB

MD5
c2cb793748aa4442f21d2000711bfadf

SHA1
5cd339d4c1fd0f8df90f24b0eb30ce804b71b5a6

SHA256
67ec219c4ce97f8aca4debbe6fc990196bcfe4da3e7686c5fc7fe146f3fcbeec

SHA512
3639707471fb35487d63c535953d70b5f8dd45a046bac16d3c308d5ef1729b139aa30d8f7f74a061d7b59ffb3f873101ac0a07e10d09d099d7ed40a287d635ef

Download Submit
/data/data/com.sinosoft.plantrec/databases/bugly_db_legu-journal

Filesize
8KB

MD5
ef9b1f80b568620b2b545855220291db

SHA1
2b35e74f18a47dd4742c307fee34bd2c2708e300

SHA256
545852beeb9d7324bc549424cc5ce32ea96699036a5d61953745bc024a1d12ed

SHA512
13f057d69d5c292bfe9aa46984694343de5ea6a6dc3e4538a580960eb9dd2d57893e5d15346f197aa02dcb3046ba7ae8c22a19244b3b72956e7be8058fed5348

Download Submit
/data/data/com.sinosoft.plantrec/databases/bugly_db_legu-journal

Filesize
12KB

MD5
d016939e704615d05c8ebec26355b4ad

SHA1
0b88747698f30c14ea66d6c7b69820661ea7a04a

SHA256
6546ad4f4f503b447a4c34442bb58cf94613c5ae5e08b54b12867f49affa4ce0

SHA512
5e5ff847056892b2549c7800038bf9ac3d3833fdcc3ce539290c481ffc4a55d147243b15d4ace6deb628dd823bd83786c8a85637adeed87720658c666ee360ec

Download Submit