2f4cc975f8114bab111685f472f6984e5494e4916ae5270e9ecd59500bab9918

Analysis

max time kernel
175s
max time network
185s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
21-05-2024 16:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

63ebfd29acbc6bd81cc1798849eb9ba8_JaffaCakes118.apk
Size

3.6MB
MD5

63ebfd29acbc6bd81cc1798849eb9ba8
SHA1

e51a3b73ff26d74a08052e4eb0673853601ec617
SHA256

2f4cc975f8114bab111685f472f6984e5494e4916ae5270e9ecd59500bab9918
SHA512

918e098b1f839bdeddbe4d9ffe5cd302c6ba5273437116c3c57b01873ed9d83c4e3c4a9c0ae1a808c6e7f4e444a459b2bf9577042fa952c59d7fd47bafc9dfa7
SSDEEP

98304:DvC96a4x2ikfWAozFJ4WQ7U8TduaJktl7ADe7TcHBwV:bC9TD6H8USXkLQwV

Score

7^/10

discovery persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

cn.allydata.ymc_m

description ioc process

Framework service call android.app.IActivityManager.registerReceiver cn.allydata.ymc_m
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

cn.allydata.ymc_m

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo cn.allydata.ymc_m
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	cn.allydata.ymc_m

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	cn.allydata.ymc_m

cn.allydata.ymc_m
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:5105

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/cn.allydata.ymc_m/files/jpush_stat_cache.json

Filesize
139B

MD5
a80bef9b35b941e2dcc7a691d8890c28

SHA1
6e7fcda7be7fd90305f6ea22edca65db1a15a9d6

SHA256
07b3163419bc4665141460fd631d9ec76299aaa6f53aba7e36e0afcd1328b3c3

SHA512
6e11799c1cc29455e82d173c1c0ac62a9f1eaaf113f6fdce533c4f4ba35ed2aeee5aafebbb3d95003e797144168229cbcf4936a5a2607f3d5291524fea742476

Download Submit