5dfc6e5d74d73582a93fe20e2d66e8f2c9cb572ac51f80e3b74dde448b29824b

Analysis

max time kernel
13s
max time network
164s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
21-05-2024 11:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

630f4cf1ce4292e41f2b2bbcc95ca0d1_JaffaCakes118.apk
Size

2.6MB
MD5

630f4cf1ce4292e41f2b2bbcc95ca0d1
SHA1

c1b82ab2db553a7b17993a6e1f00cae7d9855765
SHA256

5dfc6e5d74d73582a93fe20e2d66e8f2c9cb572ac51f80e3b74dde448b29824b
SHA512

eb6781b994157e83e19d71d5b649a83beb03eb8d73905bd22fd33ae240754f775fde22fd4d1fd8993a83cd17321e1f6c6c11e2250f4091a4c080d631e186f912
SSDEEP

49152:RjCLZwnbIdDr/ZovZVPadP3vhb5ZtN/AhprQy/tLqFQYQcbegf6mJNZ:R9bdvZ5adP3vhbr/Hu1qFQYZCeNZ

Score

8^/10

discovery evasion impact privilege_escalation stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs
stealth trojan evasion

T1628.001

Processes:

app.six

pid process

4616 app.six
Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

T1422
Tries to add a device administrator. 2 TTPs 1 IoCs
privilege_escalation impact

T1626.001

T1640

Processes:

app.six

description ioc process

Intent action android.app.action.ADD_DEVICE_ADMIN app.six
Reads information about phone network operator. 1 TTPs
discovery

T1422

pid	process
4616	app.six

description	ioc	process
Intent action	android.app.action.ADD_DEVICE_ADMIN	app.six

app.six
1⤵
- Removes its main activity from the application launcher
- Tries to add a device administrator.
PID:4616

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/app.six/databases/a
Filesize
24KB

MD5
09a1c65be08d5478432c8a2c4c699a06

SHA1
19f8db07639eab80eb0b3d757112bd47076bfb96

SHA256
e4f66f1058ded1727a16c604ec745de9f81950e9b1d79d937ae3f12be2023b2f

SHA512
1703e390f1b373cf02f9ba92cf6e22b7ed4cc4e553e13278e36eb30aae43b28211d1b3c76ae690e8a972dbbf6d7e634c98d8bfc7333258a19950c30d82aec429

Download Submit
/data/user/0/app.six/databases/a-journal
Filesize
512B

MD5
dab3bcc1d3895bb52f8e34c2cff23f46

SHA1
6d5f3552f5427c069c47f0188583ddee4c3a675a

SHA256
676f1bd152d5c19b0464a4fd35585ec890f6aa97ab1b49e1a1ec1ccaacfe0b48

SHA512
f8367a41c8018380db3e8950966a96911d190c236a6a361e74bbda18fe62c956d75bd6f8c536c9ca9a52efa4124057fc8bc8bb45febbe3a808e85504d9bb8a87

Download Submit
/data/user/0/app.six/databases/a-journal
Filesize
8KB

MD5
4d08557b96e61920407b3d33f20baac8

SHA1
12cddeee949eb0c063f1ff484ba3eab000170603

SHA256
5367ce4d7d8037e8671dc14fad1e1250b243e89d17993b4c400a2ee0932b372a

SHA512
4ea3ad184b3252d3402dd165ca273e2719e6c87a092fd46f89ac27600a806de83c92e7ac9565a1794faec61527c16c7934d3ce3a9507280f716726d10a2362c4

Download Submit
/data/user/0/app.six/databases/a-journal
Filesize
8KB

MD5
4c72e6e5781605516a6cbff0c05ed5f8

SHA1
3c26b6b2df512a4b886bc00743806c80c6aed17d

SHA256
774b19cf6af1792e3178b8cff75700423ac8020066300e63604d6a98825f1cd9

SHA512
a97d3c0416306739b700b52170480757f5bbc744384d27a287d25ac2366bbe1cca12a9adf62cfd5951a87f0574ad8c23ae36ba1618dabfab8a9502dbc790a1d3

Download Submit
/data/user/0/app.six/databases/sdffsfdsfdsfsd
Filesize
16KB

MD5
b6c1ccd9957e8665f0b405326e274b1f

SHA1
ae3361ce24b025d804a582c9f2592d27df63b648

SHA256
85d7e68702ae1757c9764ce677324b953877e9a1176e721e30b2a020e2763030

SHA512
7dafb38377d5bcf18f238cf40e150abb5ae32c54cdb77b633662504e7332a7f3dd6c1690e5b5fccbf7dbe69b7d954ea2a6c8a0560cfa9a742358a5b3733498e4

Download Submit
/data/user/0/app.six/databases/sdffsfdsfdsfsd
Filesize
16KB

MD5
a36e68ddbf697e707155db56da65ea71

SHA1
c8fc6d011cb8ce162766e052c755ebbb6e9d6a3b

SHA256
595593bc246451db229e4e2cd3679bd0ad943b05a5cc1935e734650b502d4f1a

SHA512
c5e7e8c5bd92c167883486ca469a41660b88da3d89097dea0b716b9aba5aeba3202fc3d18b12fc14474165256f75b4148a39bf0cce256a55342a9fb319e068cf

Download Submit
/data/user/0/app.six/databases/sdffsfdsfdsfsd-journal
Filesize
512B

MD5
af1b0583beebbf1d1c962eabad50160a

SHA1
33b91254fd498ff0869009b0bd42198c4dc3a561

SHA256
755801e54ee5e9b9e2f240dd27856e702c16e9bef59d72d7e8cdb9028e029562

SHA512
b52761d95ffdad0f5f4c11eb75788ad8fc332d1d124eac867fc6d9529eaf0af83f409b182b40fbf0ca7f60d69136e3f6661065a3e93e7a6ce756f1e52a32c291

Download Submit
/data/user/0/app.six/databases/sdffsfdsfdsfsd-journal
Filesize
8KB

MD5
7d640ebaa11cf7201d2555a93a2f918b

SHA1
6d653b69d52a8e0cc4b5c1eef32076b8b9d5e2ab

SHA256
6ef4173793318ae6dfc35c14c41202f02139a36853c644fbbe0f8cc4d9213207

SHA512
073c524139c21d853fa5ff7badaa176404923d76e3f2c0eedcf4252944530f21c06479ec2197881d1a31a1f19098bf0b6533ad446114d8e3f5c6cc43e6eaa009

Download Submit
/data/user/0/app.six/databases/sdffsfdsfdsfsd-journal
Filesize
8KB

MD5
9ec96c919a7b1bea1a5b0114dd110dd2

SHA1
50d3c68f1e95c5fc78c29e39d51c647956f5e0bb

SHA256
2ec78762f4e1fcd1490217b1810c0a916beca3810337318027c4977013cb0a30

SHA512
c0be6cf834840269903b4615f91b358de4901c7fb0f47de9a817ed7f440a11e451ab0fff57ba13dce29381d740b0ae304afccd4d987e59ac79348b4335c0dcd2

Download Submit
/data/user/0/app.six/databases/sdffsfdsfdsfsd-journal
Filesize
8KB

MD5
0e12d7c2458bd3b2a76abd3019deedbe

SHA1
1ce3aaa18dca39139311945c2d657e55e1bc79a6

SHA256
2c167694a4c5a4ed0cb9a19fb5318e95200fc292ee87edc7cb9d5bfa88795ba8

SHA512
07c4d82d5407b886b1db569bfcf533e6537c362a84c4b1eb5bc41a9804d5e8526c9972864e3fd4b405ea22fc25edd57a0bc16caf02cc2c3769d9051bd7bc7ba8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads