b08f4f0a3db4fd885331d1822a03b8705cab27a52b213aae450cd2cb156335e4

Analysis

max time kernel
155s
max time network
159s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
21/05/2024, 17:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

642fdf641f4cb7635a67a95c1b2238e2_JaffaCakes118.apk
Size

6.1MB
MD5

642fdf641f4cb7635a67a95c1b2238e2
SHA1

cbc1620b23886e2b353888f9edde5add2095a728
SHA256

b08f4f0a3db4fd885331d1822a03b8705cab27a52b213aae450cd2cb156335e4
SHA512

4bd720b768cdc3732e9eb312ce85122ae4aea084ee99b0b699de80c3fa5a858ed8444439231868b526a2acf1900e85fd3a34f28e8baaff88b2a652a1a1e694bf
SSDEEP

98304:P7w1V+zJ4kR1cK+aZnrtY24mm1r4aImpBn15xxEZ/ghd9JvXnJEqihoCOJ1DUpot:P01g1EK/ZrtYUmh4atpBvxW6HXrP1gM

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.ainy.luoDiamond

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.ainy.luoDiamond

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.ainy.luoDiamond

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.ainy.luoDiamond

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.ainy.luoDiamond

com.ainy.luoDiamond
1⤵
- Checks CPU information
- Checks memory information
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4239

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ainy.luoDiamond/databases/millennialmedia.db

Filesize
20KB

MD5
ebe1a5d5f115f5e1ea6aee30d3a52c8f

SHA1
6ff2a4633d60a8ae15aac7651ffd5204c392380f

SHA256
388c5113936f7d3034b02eda4a9064e52645c15c3b4c768c099df4197ca0c67f

SHA512
005923c4bb1a9bc530594f44e28cac807efadbaa6e88dd82bd11e8dcf90a6d669db22f558af86bc02ce66913c35d07e790de0c5836866d99209c562563f42043

Download Submit
/data/data/com.ainy.luoDiamond/databases/millennialmedia.db-journal

Filesize
512B

MD5
d12a337246fa2d815989624630e60406

SHA1
0723a70645d7ffc58c1742e78180c47342e21b3b

SHA256
808e57a90bede57ccbd9be8f50971d32906b92f38a2ce44cbb236c32f420b519

SHA512
8a045ba8b591d0ad9ed1a126adc500d95a7ea89b490f6fc01e6df38f1d58ff0c6a6f2f27ceed9f2cff8c5ced6bbbe66b4f8cccdc7c2a8ea71ee9efabd560d2d2

Download Submit
/data/data/com.ainy.luoDiamond/databases/millennialmedia.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.ainy.luoDiamond/databases/millennialmedia.db-wal

Filesize
32KB

MD5
9e314681da131dcb9d2e3db98e6f5ceb

SHA1
82f07b3c2cb2dcd60b45bdd54d1989593e5f1c53

SHA256
511b281a71702935c13fb49eefd87c2d15a8633990a2b70c8d4da12216fcf22f

SHA512
946225fa2a310c6dd98e3b946653801c49be6df8dd392670b773090188e739bae1e4b28bfe77a9ae63b88da45307cbca5d860fe99d6c0bc601de2f06f357fd19

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads