2f4cc975f8114bab111685f472f6984e5494e4916ae5270e9ecd59500bab9918

Analysis

max time kernel
175s
max time network
181s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
21-05-2024 16:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

63ebfd29acbc6bd81cc1798849eb9ba8_JaffaCakes118.apk
Size

3.6MB
MD5

63ebfd29acbc6bd81cc1798849eb9ba8
SHA1

e51a3b73ff26d74a08052e4eb0673853601ec617
SHA256

2f4cc975f8114bab111685f472f6984e5494e4916ae5270e9ecd59500bab9918
SHA512

918e098b1f839bdeddbe4d9ffe5cd302c6ba5273437116c3c57b01873ed9d83c4e3c4a9c0ae1a808c6e7f4e444a459b2bf9577042fa952c59d7fd47bafc9dfa7
SSDEEP

98304:DvC96a4x2ikfWAozFJ4WQ7U8TduaJktl7ADe7TcHBwV:bC9TD6H8USXkLQwV

Score

7^/10

discovery persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

cn.allydata.ymc_m

description ioc process

Framework service call android.app.IActivityManager.registerReceiver cn.allydata.ymc_m
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

cn.allydata.ymc_m

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo cn.allydata.ymc_m
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	cn.allydata.ymc_m

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	cn.allydata.ymc_m

cn.allydata.ymc_m
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4221

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/cn.allydata.ymc_m/files/jpush_stat_cache.json

Filesize
139B

MD5
62b1de372c4b6d6f7690a644fdfed0cc

SHA1
b0090543b884e0ea30079c2d898062d3d16ecb5c

SHA256
ec2a23dcecbee3e69bbce3b9c9c2625d42730b9fd880624b85ed5218b8e18948

SHA512
ccb4fb3eb0f0870d952bb2d5d076de687ff175cfac08e7827e9fcae2d0d0e7c4870c7640faccff760e93842aa216b0c8a06ab53d36e29ddf27fc8bf0cb65db39

Download Submit