20f161a7a3db06167981d1156a7ecd2cd51f15d359478504adecf9430f851340

Analysis

max time kernel
162s
max time network
163s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
20-05-2024 15:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5fd2f2ebfb80a49a92da9c81ecef6729_JaffaCakes118.apk
Size

11.9MB
MD5

5fd2f2ebfb80a49a92da9c81ecef6729
SHA1

18163c445e07bf0e5e705d5bfb83c3c197648a1e
SHA256

20f161a7a3db06167981d1156a7ecd2cd51f15d359478504adecf9430f851340
SHA512

2606cc986938bdaf9c09633b63c545bd45bb996c906df4e3603feaee032063d4d1b872071333cc18de6a5ed1c81a437251c35022ffdd0eef70dc9f7ca3d52be6
SSDEEP

196608:A5IVck0unfmFN8dcCch5fFXsKKsf33H8T84YviOPDVPnRfjH9/3GxVwqASeF:A5e06CsyJ+K9f3HbJvHrHKvM

Score

8^/10

banker discovery evasion persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.l.sjmao.android

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.l.sjmao.android

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.l.sjmao.android
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.kamitu.sjmao.android.pushservice

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.kamitu.sjmao.android.pushservice

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.kamitu.sjmao.android.pushservice

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.l.sjmao.android
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.kamitu.sjmao.android.pushservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.l.sjmao.android
1⤵
- Checks CPU information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Checks if the internet connection is available
PID:5113

com.kamitu.sjmao.android.pushservice
1⤵
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
PID:5215

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.l.sjmao.android/databases/TDGAtcagentgame.db

Filesize
32KB

MD5
4b1bbf1a77300360ead0c51452872dd1

SHA1
1517a6b5e51a9e3529ee5e84e700497211017cfa

SHA256
b2586116a3f8c66eca4f6fa66a704cc97ae019a6b323ad036cc523a93e10bfa0

SHA512
f5967560c1608f75631c0361c24193db70c1f2cbd5d53ef57eeb419f50d07182f9d2b313cedc1f20cc01486996a16ee1e53522ea83706a6983fc7937aa14e46e

Download Submit
/data/data/com.l.sjmao.android/databases/TDGAtcagentgame.db

Filesize
32KB

MD5
39387a61a7e1b20077127b9e03f73eeb

SHA1
1bdf642fa2ba1628074b94c2752f4548ba969aa8

SHA256
3bd367d7538423246e87e1c060c9969f2cc3775ddb0409b60994b54bda379dbd

SHA512
4de2ad4c0be6c964452fee47f8375a6ebcd182d62730c0c2035de9ab79da2c5aaeaf4569908c2c71acbb975d637064e09e5e4d648990d72ee7bdfadf25f47b81

Download Submit
/data/data/com.l.sjmao.android/databases/TDGAtcagentgame.db

Filesize
20KB

MD5
d959263163adc263199c0a942f4af8e0

SHA1
2382e52766f0857d6aaab7d9e234632ccaf6fb2d

SHA256
5d2f700315ea1d99c242ee10f2d431e2498f9fe96b7fd819ee132b56d8e85442

SHA512
04ae6800624051739d0fd8a8012a420a1551a7d2e5405d4c02b9a4404a9b66daae4f6f07749aab549e6f66e41ff87a025c8a07c22ed9edfa1264ff7cc42d612b

Download Submit
/data/data/com.l.sjmao.android/databases/TDGAtcagentgame.db-journal

Filesize
512B

MD5
cabd48e590c98c39ea9651055652a09a

SHA1
84863bbc08dd1675005b6ad60e86c76c881ac30b

SHA256
eb9323fd64f140e128d4e13410441054f2979c5605566c6017f71313a53a4310

SHA512
4d5bdf8388644cce458ac2e8f8359c7e04d33c5b5e65bcf895af0b4f3f06adfdaea8d69907a821297098cdac6945a408c9b57fcc3d9f7a532e300482c8962e1e

Download Submit
/data/data/com.l.sjmao.android/databases/TDGAtcagentgame.db-journal

Filesize
32KB

MD5
c8252d938b832e722acae02f2f10c2f0

SHA1
f258e9a142c638b60cca0e29e4db829a15731b87

SHA256
18b690c88f95d595d4b1ccd683a26789d188ca55bbc55e5fa18fc80a8feffa7b

SHA512
1c8d2c6b9249be32ebc634b4fa122dd6efa806f8cc94d0f0c503f8780d9d4651e8772f9119b34f40c17330efaa4969c994b78d31311c2109c45299c845731412

Download Submit
/data/data/com.l.sjmao.android/databases/TDGAtcagentgame.db-journal

Filesize
8KB

MD5
cc5889f7a08d7773568316c981efc9b2

SHA1
775361d218284ffba5976402b42d771d8878e3ea

SHA256
caec5daa0405682e53466e3813c5e52f708eb5350d283e319764f9e600fef246

SHA512
759c47e5fdf92c8ed087321f72a412fdb68c5b5827b77aad117aed01bcd594a48b1cafb77d19cd4ddba49cfde32e0f527c72a8700105601813b60baeab85f18d

Download Submit
/data/data/com.l.sjmao.android/databases/TDGAtcagentgame.db-journal

Filesize
12KB

MD5
9c66bb96b5ac8c3ab41f2efda4c0964c

SHA1
cc6e490dfb81f6da803c53bb664beb2cabb5a62f

SHA256
a6c95573117d2c18a207e69a6d5e343ac8dfc72f81029e28f52ad305ec1b7308

SHA512
9c8822d86090cf2244b5580216abd5c08001a3c1c8f8fdbaf55105e9fbfe9be7178ed27880be11683c9ee8b74006a42d92945d55df19d8e538b4b2b323c7e1d0

Download Submit
/data/data/com.l.sjmao.android/databases/TDGAtcagentgame.db-journal

Filesize
16KB

MD5
5da543d58f1b4f54de75a6c6f4ac1bb1

SHA1
7a9e6ab8d883e44ec57ea4793d8e5d14706c1f39

SHA256
880b72a59141de1e5351323863b3109c6535d68c424296db1b37c192aece648c

SHA512
17a0e8de0b24c65174cd74f493077404d935f1e49de0c7ff7a0669f3d52c328f2cd360fe2ecba3faec476602a4a4daa5f7ee9fac750c22c4928641e3222c167c

Download Submit
/data/data/com.l.sjmao.android/databases/TDGAtcagentgame.db-journal

Filesize
12KB

MD5
522f0cfc4662b7d4a9201880f3a1a5b2

SHA1
55d13df734201b6b92c2301102d7f06b6019aee6

SHA256
46f51cd338ce65eb44c8c6045f6cc8f1779e350da01311661075989f0a5cf219

SHA512
0a7bd10ee250ed894229ba376202e83ccb8cfb76089d0ffced4aef625e75b420db621bc63085254bd25d3169f9af9c7514f12a95f8410dea8008d9af1c254ea4

Download Submit
/data/data/com.l.sjmao.android/databases/gxdbapp.db-journal

Filesize
12KB

MD5
7f5882d1fd8c54c84fef240fbf332399

SHA1
84027532eef833dcca4b622d2ec27fd71151eaf3

SHA256
8221a4c67a0a7ed69acd87c0d19a9447df45a8a20bef351709f7e3d0fa32f13e

SHA512
fef6cae2b2b1d5de69c637e5ba6e3d942bb81ab28f7e346a7ec296a016de172fd9671fdfe1bf37cd6cf75e162104f0412bffbb4713efe1e75b526a6b92a90e3f

Download Submit
/data/data/com.l.sjmao.android/databases/gxdbapp.db-journal

Filesize
12KB

MD5
a4f733a680fef9741157319a3428f226

SHA1
7f4fb8a8283d08cb683fe19ce3f8513dcd5e4bb1

SHA256
f9225391d2968b71e8e4f900283a3b5ab05d76422bbdb6a910ba9eb4f006757a

SHA512
c1098667f2901a36cadad9fa1f95304f03e79cd27231e18133d2e1ead49fe2ff3f5046bdf8a83afc4830805022df4a90a2fd688e8304bc27a684446e4a57a16f

Download Submit
/data/data/com.l.sjmao.android/databases/gxdbapp.db-journal

Filesize
8KB

MD5
beda6173308a2d0346938d4ffaa793cf

SHA1
03195f0a56796136ccdcc66d56771f8f47673b2b

SHA256
a82600ab55f20b4e66023eb456a2e9e18a5b1d78bf89cca8ea5e1e169cefcf91

SHA512
46f11e373d15899f96dc16a2f81e1c45d3dc12bc9cf747c1f765a8178afe8ac26397dc05c772007b354e93d36890a5b742e452edc1839299a487a080438b896b

Download Submit
/data/data/com.l.sjmao.android/databases/gxsdkdb.db-journal

Filesize
8KB

MD5
90025a0d69ef044a21314552bf241bcb

SHA1
18ade8c72286492bea20f016353b9ed80fd06c55

SHA256
9e9d7d75207ad957f5df046eb9308d4100fd92a60e3154a62ad1e7271deef756

SHA512
4167740a8dfc6fe63d289d89598122c87838290dd1266b3b6ad86dda8ecb701003867f418614f12c2a095200a09e99572fcc5aa259672f56b38682fcb1904ade

Download Submit
/data/data/com.l.sjmao.android/files/passname.ini

Filesize
12KB

MD5
47151d0da0064e5fb22cd57634021b83

SHA1
4ff057b768be8cb95057de18b4387ada7aadc268

SHA256
d4e7d5c2f2236e6dc4799585072d1c96e2655a58f9026f01f7644773b4a2a5af

SHA512
5dcd9e9e04f9ab8ca63d2eac43bf4ee8a4e163e591d7b2fc7ae7366525fbcebefcd956a4425c72a24a9c9e3692c8356b75dea1e04d2c3b28d9538acb19c36939

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads