5dfc6e5d74d73582a93fe20e2d66e8f2c9cb572ac51f80e3b74dde448b29824b

Analysis

max time kernel
12s
max time network
151s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
21-05-2024 11:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

630f4cf1ce4292e41f2b2bbcc95ca0d1_JaffaCakes118.apk
Size

2.6MB
MD5

630f4cf1ce4292e41f2b2bbcc95ca0d1
SHA1

c1b82ab2db553a7b17993a6e1f00cae7d9855765
SHA256

5dfc6e5d74d73582a93fe20e2d66e8f2c9cb572ac51f80e3b74dde448b29824b
SHA512

eb6781b994157e83e19d71d5b649a83beb03eb8d73905bd22fd33ae240754f775fde22fd4d1fd8993a83cd17321e1f6c6c11e2250f4091a4c080d631e186f912
SSDEEP

49152:RjCLZwnbIdDr/ZovZVPadP3vhb5ZtN/AhprQy/tLqFQYQcbegf6mJNZ:R9bdvZ5adP3vhbr/Hu1qFQYZCeNZ

Score

8^/10

discovery evasion impact privilege_escalation stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs
stealth trojan evasion

T1628.001

Processes:

app.six

pid process

4271 app.six
Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

T1422
Tries to add a device administrator. 2 TTPs 1 IoCs
privilege_escalation impact

T1626.001

T1640

Processes:

app.six

description ioc process

Intent action android.app.action.ADD_DEVICE_ADMIN app.six
Reads information about phone network operator. 1 TTPs
discovery

T1422

pid	process
4271	app.six

description	ioc	process
Intent action	android.app.action.ADD_DEVICE_ADMIN	app.six

app.six
1⤵
- Removes its main activity from the application launcher
- Tries to add a device administrator.
PID:4271

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/app.six/databases/a
Filesize
24KB

MD5
56c3b883b89768a572d72d5e24f6037b

SHA1
eb6296d234fbe5bb3958bdcca8d1d21cbf6798b9

SHA256
fe7f7123a850794ea84998f7e6142199110607005384120c337577517c664501

SHA512
0c3f233673b2156194623d3326291337d9c108badc29edee2ac1d4faa4bf6f6d7a73ab8659f676092c144fd510195f663e6dd1ab1edcd04a7b35332da6bdfa9f

Download Submit
/data/data/app.six/databases/a-journal
Filesize
512B

MD5
eac14c5d72ed9583824c2507ca87f741

SHA1
0a788473850bb1307c8c894c311ae421f1bf3596

SHA256
d1e3c3bb5a52f72e35d86041eacd88cb8dc02565b710758fd64918a0a6583ffd

SHA512
4b9fecca62b990e0207c6f39c3e66a8cc6337ea074ef080f83980fd6023247dd4c063dd1314cf8be4c0889f27ecaf147ea73c2c487c7b33898a02d4ce4b70946

Download Submit
/data/data/app.six/databases/a-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/app.six/databases/a-wal
Filesize
36KB

MD5
2953be1d5165dce6719f58ad914d5ca2

SHA1
480c489875ce0a92cc7499dc3a4513416f3f318d

SHA256
f91df176dbe7ffb80c0144c667d02025a80ddc7ec1d6e8306621852eb3fc2fc6

SHA512
a03f01b6e5b445d678a12045fbec3153ae088735ebd29abd9d01680d1e8d598c8004231e11edf2631e2eac6ac8006460ced34433108219af7a554bf11e72494c

Download Submit
/data/data/app.six/databases/sdffsfdsfdsfsd
Filesize
16KB

MD5
a7fd5080cefd103309a7f1a8f0045dd5

SHA1
3f00e916e505b24e4138dc7e7331f34f79d544b3

SHA256
b84af7a8302be85e71e51b10f45b81cc8ca812e13268da7cd0b215131fb76d64

SHA512
e26c8ffd0a98813eeb00f8fb26fe09303d74cf156daa62923329be446688e7f8c9fa21591c088f4bc69c51d2ba47384bc3dc9f9e429570a4baadf3b76650c580

Download Submit
/data/data/app.six/databases/sdffsfdsfdsfsd
Filesize
16KB

MD5
5d19fffe05d02d8e36fb6494f2996856

SHA1
0b80e45877f98615f2b197cee823ba3409d5c0a2

SHA256
e6a4924f77a716bf0d48f2a5e46fa5f0020a846e5f00d52c46074c4b4a8098ad

SHA512
4c4b57838972c96dead74bdff3054f56e2c30269b20a0dba8af894355e55f42625f277375a3a488e64f33904cd18fdda053d8b783a2bb9b6ee33e134fc13c868

Download Submit
/data/data/app.six/databases/sdffsfdsfdsfsd-journal
Filesize
512B

MD5
086c8c66d536dd53bd0b4c68625fb98e

SHA1
ede888b2ea335a4914cf5a2a4de8ddb9c2add854

SHA256
06d6a8904eddd25ae91e587794e52d92b9fb3b72317854174dbf31d58a8a858a

SHA512
995a2aea0704a2e6c90ec0ad38e7dcc3b35654bae36993d700fc05590dcd792d985cf0bae6bdf5c56859266fb2c685d779ebd3848edac044a27bbe2926a871ad

Download Submit
/data/data/app.six/databases/sdffsfdsfdsfsd-wal
Filesize
28KB

MD5
61e95b72ecbe8d6fc6fc59c0fca0f26d

SHA1
8f26d0bb52489284d90ba2f4eb5d0d4a867c9800

SHA256
58f7839b27143e671772794247fe153d220f5e1454d45e8297c3f2f044c4a32d

SHA512
5a2396893df0fff4ea5b8b4a232b3296469c6eea867324e5f745c0b3c259b290a7286197a668aa944f2dd99a6e11e5bbb5234efc7602691cd487d79472448a4d

Download Submit
/data/data/app.six/databases/sdffsfdsfdsfsd-wal
Filesize
4KB

MD5
e01c786a935bd30c9bebc8d4cb48870c

SHA1
4a63f0320929bb191fb4c6200cfb9b8379263c9f

SHA256
1131a72ab2c76a53c490961cb57a759405b479630b92fdc8f7c4d8c505eb78b5

SHA512
ffd068804d89456241e81df3368b44314a9fc685933c51c36d9672ff07034867b03f4ded1d49c6287ffe561d580b6ca675e775b9b27006bc5344323173cb7328

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads