eb40eb2932f8bbcb5c9903a7bbbeb4d9f1a432914f3a6a24a2a1f182552089ed

Analysis

max time kernel
5s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
21-05-2024 15:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

63d3e0588dbb6ecd09706786d76ac056_JaffaCakes118.apk
Size

17.1MB
MD5

63d3e0588dbb6ecd09706786d76ac056
SHA1

d3497ab8f9d098c29c1669c52e81d0d3da5884c5
SHA256

eb40eb2932f8bbcb5c9903a7bbbeb4d9f1a432914f3a6a24a2a1f182552089ed
SHA512

4946c64a5a01a552c0ead0e4327f96dd0540afbe948696655c7613dd0b27c0537a7a4324eb7722694f7f7c7a5598d73bc31ae3ca8c59b13f1a7e324929a2e93c
SSDEEP

393216:xEv4O0M6iEYWDwCF+GUjvB7ObhnFGaLR2tzuM/DxwPaEsjV:xEvXgYWEoyvdenFGaLR2tRdwzsR

Score

7^/10

discovery evasion impact

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
evasion

T1407

Processes:

com.cardlink

ioc pid process

Anonymous-DexFile@0xd20be000-0xd275e818 4245 com.cardlink
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.cardlink

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.cardlink
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.cardlink

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.cardlink

ioc	pid	process
Anonymous-DexFile@0xd20be000-0xd275e818	4245	com.cardlink

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.cardlink

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.cardlink

com.cardlink
1⤵
- Loads dropped Dex/Jar
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4245

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.cardlink/.cache/classes.dve
Filesize
24B

MD5
7ea4e8964042112157a7826ec0152e05

SHA1
7fd78073b9e2bf666256905dbbef3add4c311b1c

SHA256
f40592f9a1346a79474ab04571076302798d3076de625db4d021e77567a036bc

SHA512
dfa089c7db0565e49e90b0cdbf3cfda40299179f06dec4d423e5be3b8c28fca3abfa99c1bb14fea4bb277eab6378b5a42c7c7cb64d75fbc3b016c4858e95b840

Download Submit
/data/data/com.cardlink/.cache/classes.jar
Filesize
2.1MB

MD5
6d3de32a1770e7fc68dbb6fa4a728906

SHA1
c9110e812461c2b283bbf1851287d31fc9cfe312

SHA256
6ea1fef266c16527ba40dc3a39a6a3e679e35af3c459e92356f350e402537017

SHA512
356dc1602b5d2dbeb1a2b2ecd897d6f9589cd6fb163e2c438811182cfdf250c9df67904d8c7fc1ed08267e54d3081e68541f5708b37d87ad891f50c4569d4450

Download Submit
/data/data/com.cardlink/app_crashrecord/1004
Filesize
222B

MD5
a9dbfc6c23e22eeb63aa6ae3fa0a41d1

SHA1
9d36eaaaebcc954b1924fa8a56cab0fdf166715a

SHA256
8b71e3d2e84d348acfd2cc5aaa29bcc7d73a468b6fb31aa880bc93b688368426

SHA512
41dd5d831641d117cd9c68fcb52d1eebedd42a1e7ddf57e93e00bd7a24ed96cea297c96fca7c6a5886dda9cbb5441c2e737c5dc2db9de27a52bc78f646ffe0d5

Download Submit
/data/data/com.cardlink/databases/bugly_db_
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.cardlink/databases/bugly_db_-journal
Filesize
512B

MD5
d86e3715fe2946d892392fa336e764a3

SHA1
edd27fa36337b7a4835cca29f7ea6ceb607c4213

SHA256
310827f83fef5170952933da724d59db3c04d5e0ef45c6f5a8332bce6a8e2daa

SHA512
a817b484ff3d127cc59042eae8f244da32b506b1939efd7e5803314e90c691f6ab384d865eb2bf52587f007c6228fa12c036bf67069558e117e6c4a121118226

Download Submit
/data/data/com.cardlink/databases/bugly_db_-wal
Filesize
16KB

MD5
1f94e8bdc96781758eff494e56e846b4

SHA1
53d04ac9b7e46c31d84ef02dba39ba6f258c4397

SHA256
be7fa1cae8890b28cf4de47d1f7e2042aa665a6dc36fe1f1d0f9fe1118834681

SHA512
0d6a53ce8695a00117a97aebc15bc86c3e4df2a7a792a4c6f24de1ed7cc851703a6d9544d22248a7f60b9b19240123a1fbb881badfd1444b5c272b45d30af912

Download Submit
/data/data/com.cardlink/files/Mob/domain_1
Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
/storage/emulated/0/Android/data/.mn_410185822
Filesize
130B

MD5
f321656a466363e5192773d92000e401

SHA1
3a6abe9be1a6f4deffaa98fd27f3449c888d3c4a

SHA256
53efd5207de6ed80429ec3c7865eed2b64023a0ed66e0fd29e7f45b708a1751c

SHA512
fcf6884bf5ce8d10b3a3dd461fad96cb6cf0bc4129e01788de112551230fbc4d8ea6961b04411d1c7816e248437c4560277069d9c544e5450612abc0e2c0171d

Download Submit
/storage/emulated/0/Android/data/com.cardlink/files/tbslog/tbslog.txt
Filesize
2KB

MD5
a4e1e9e5e662505b5bf7b6d89af40ed2

SHA1
a8517a610e991f683672736d44bdb89387378843

SHA256
e5ccaa1539fb2f404749aa4c1bd52bfc8d8e62a207c26190e09fa7282c6b667b

SHA512
96f0cf38d8ee21404c060783c019575f9517784aa1e002f07dac459024d28c8d5c275c39a034d8211d2584ddd1e1199efd3e729f7ea22dfe083b103e74c84090

Download Submit
/storage/emulated/0/Mob/comm/.di
Filesize
57B

MD5
70a42cba408700f9a6c01c7941a8829e

SHA1
eab01cc2c0671538795fb0b1146017dc099d0984

SHA256
499576707ce2623293166979e59c832be5b8636c64ad39aa63ebcf961910c35f

SHA512
8900d4dc8eed0430babbacb72942401bd22ef7fe5430cad90d3ce0c2c53010220d666aa0e2eb1026f3ec81d574c7fa12585b49222a5f15b01637f6ba134fe70c

Download Submit
Anonymous-DexFile@0xd20be000-0xd275e818
Filesize
6.6MB

MD5
93e9cc0d956fbf5710b1f73e96718844

SHA1
9cdd452861bd29003ae62118b1961980692c10b0

SHA256
5e2c273f277ac5014a6b012d82991ace496f95007362a44e9c9da53e873fe25d

SHA512
655d9f33b441b069307fbb98e8e363bbf7bccc39aa3276023258e016204ee0dc884a4dc18e3115095643867f29c21eb393458acf3fd1249e9879b6e14a85017a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads