b08f4f0a3db4fd885331d1822a03b8705cab27a52b213aae450cd2cb156335e4

Analysis

max time kernel
155s
max time network
163s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
21/05/2024, 17:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

642fdf641f4cb7635a67a95c1b2238e2_JaffaCakes118.apk
Size

6.1MB
MD5

642fdf641f4cb7635a67a95c1b2238e2
SHA1

cbc1620b23886e2b353888f9edde5add2095a728
SHA256

b08f4f0a3db4fd885331d1822a03b8705cab27a52b213aae450cd2cb156335e4
SHA512

4bd720b768cdc3732e9eb312ce85122ae4aea084ee99b0b699de80c3fa5a858ed8444439231868b526a2acf1900e85fd3a34f28e8baaff88b2a652a1a1e694bf
SSDEEP

98304:P7w1V+zJ4kR1cK+aZnrtY24mm1r4aImpBn15xxEZ/ghd9JvXnJEqihoCOJ1DUpot:P01g1EK/ZrtYUmh4atpBvxW6HXrP1gM

Score

7^/10

collection credential_access discovery evasion impact persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.ainy.luoDiamond

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.ainy.luoDiamond

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.ainy.luoDiamond

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.ainy.luoDiamond

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.ainy.luoDiamond

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.ainy.luoDiamond

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.ainy.luoDiamond
1⤵
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:5237

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ainy.luoDiamond/databases/millennialmedia.db

Filesize
20KB

MD5
6daa13443ffe592bc74457715615c605

SHA1
5e0581adbf1ce81c1c9a6fa59725947f6637cef7

SHA256
05816ef73acf2d273865460cc4bed0f99e03794464ee34d4974d77f978091e42

SHA512
03ce5aa54e9b809973e7da3454555122e08ebc3744880e15e6a60d1f5f1179adbf89ceea20bf61810a4a610aaa1a006410d2d5ac58052a15cf367aa09f527250

Download Submit
/data/data/com.ainy.luoDiamond/databases/millennialmedia.db-journal

Filesize
512B

MD5
6f3e331b9b7d65c0659ecf911e5d488f

SHA1
0964fb2afe0bcdd00f9fa3b11513e540b57877b2

SHA256
285edc5174e366561fa120b4cbf9a8755322258974378265bcd37681c5ff8eac

SHA512
b4cbc4680cd59e6197d707b18d421d4d957072693bd98c8da3f2d74d1df0d09a08c2353178aaf2503f8dd549904c682b11e7aba05382e14758cb01db912310a5

Download Submit
/data/data/com.ainy.luoDiamond/databases/millennialmedia.db-journal

Filesize
8KB

MD5
fbbe41a9a3eb2eac15ffd00d65b4644c

SHA1
1d6f171b91ccfe20c093b30c3fb0e7f0e4e1f445

SHA256
cfabbcec5b99c97d09c46c231423015a69282eb706f190c3515bc2400615d779

SHA512
0a5113007dfbf3f7f641b628bef70241924e657893aa05a070facc07cce3111c19d13ec7abe071eefd902b9bed7c97b397f563dac7681a3ae6a614d8b4172a21

Download Submit
/data/data/com.ainy.luoDiamond/databases/millennialmedia.db-journal

Filesize
8KB

MD5
f35d5c8c07c004942115ce1e64f55c4c

SHA1
1a7ba6ef868fc520dd4f1942bc4695a1b9635657

SHA256
86a35ba35d6e685a073faa2a3915872174a44167bbb4503d9a2e46e5f24663ab

SHA512
00fde6afdc39cd6aad1bb14a380208c8b440b488cb0cd0fd6cec6b9ecc7a747546518491e88cc8798f54279a1202c9449301aea5021ae8961569ce55788a3923

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads