Overview

overview

7

Static

static

6

63a4693183...18.apk

android-9-x86

7

63a4693183...18.apk

android-10-x64

7

63a4693183...18.apk

android-11-x64

7

alipay_plu...09.apk

android-9-x86

1

alipay_plu...09.apk

android-10-x64

1

alipay_plu...09.apk

android-11-x64

1

alipay_plu...sp.apk

android-9-x86

1

alipay_plu...sp.apk

android-10-x64

1

alipay_plu...sp.apk

android-11-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    183s
  • platform
    android_x64
  • resource
    android-x64-20240514-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
  • submitted
    21-05-2024 14:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    63a4693183833b1a254a16f6222cbe43_JaffaCakes118.apk

  • Size

    31.1MB

  • MD5

    63a4693183833b1a254a16f6222cbe43

  • SHA1

    ed8301894954b7a05bd8c9fecb28e318281aa49e

  • SHA256

    4301bdff0b0a6a9b92800f53c43c2ecf727b5c63068beadb6fe218655a05524a

  • SHA512

    01c2caea8ae504d697bae1a150807d9209b351630531dda40b95775b5f9cd2f6c6600702ed200a30309820c14bc30691d12d6407f33bc435930764256f7dd0a1

  • SSDEEP

    786432:i4FyeO5+FzDT3qkY6lwBak/cdhBFYLsbEllTaLQUv4CBu:cr5ynaKqEkUdCYIllTXUv4v

Score
7/10
discoverypersistence

Malware Config

Signatures

  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
    discovery

Processes

  • com.mango.sanguo15.sjws01
    1⤵
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:5127

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads