b08f4f0a3db4fd885331d1822a03b8705cab27a52b213aae450cd2cb156335e4

Analysis

max time kernel
161s
max time network
163s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
21/05/2024, 17:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

642fdf641f4cb7635a67a95c1b2238e2_JaffaCakes118.apk
Size

6.1MB
MD5

642fdf641f4cb7635a67a95c1b2238e2
SHA1

cbc1620b23886e2b353888f9edde5add2095a728
SHA256

b08f4f0a3db4fd885331d1822a03b8705cab27a52b213aae450cd2cb156335e4
SHA512

4bd720b768cdc3732e9eb312ce85122ae4aea084ee99b0b699de80c3fa5a858ed8444439231868b526a2acf1900e85fd3a34f28e8baaff88b2a652a1a1e694bf
SSDEEP

98304:P7w1V+zJ4kR1cK+aZnrtY24mm1r4aImpBn15xxEZ/ghd9JvXnJEqihoCOJ1DUpot:P01g1EK/ZrtYUmh4atpBvxW6HXrP1gM

Score

7^/10

collection credential_access discovery evasion impact

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.ainy.luoDiamond

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.ainy.luoDiamond

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.ainy.luoDiamond

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.ainy.luoDiamond

com.ainy.luoDiamond
1⤵
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Checks if the internet connection is available
PID:4521

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.ainy.luoDiamond/databases/millennialmedia.db

Filesize
20KB

MD5
e78a74f992bc73c2e1d22bba4930e3bc

SHA1
3f8fcdbc190bd9a784d1be56a9c9293c16f02b18

SHA256
611871c8b30358440f8b9f8ba356f441da515d1e97da85ec1bc992d58978cf7f

SHA512
80f07fb8dde6686a8c7604548997a16bf8bd70815d459890c181d2106be9764e1a3d2446e4212397a7b51ce9b2066149eaf4c11187fbd3e21ca8b61f48d06ef4

Download Submit
/data/user/0/com.ainy.luoDiamond/databases/millennialmedia.db-journal

Filesize
512B

MD5
73a2156b8e48deeb8b998260adac6235

SHA1
f2f2c6d3ca23223eeced43774987505b745dbf26

SHA256
b98eccac0a9808f609d72acd2d88668b37589547da54748f0d8b8ea5cc8af1b6

SHA512
f149617418544a86aa2378b4359d3db25469d399fcb4292165390742c498b33ba4e7f9069b7610cdb8f9778731bbb5898e4ffeb14c64fab5a815eabe6ca98516

Download Submit
/data/user/0/com.ainy.luoDiamond/databases/millennialmedia.db-journal

Filesize
8KB

MD5
a242df901754f234f5eb627ff1146ada

SHA1
29d207a03dcf5e22e616b9977ff7c88dc10f3d65

SHA256
9536b30a965b7899cc598f2e57442105824db6326b7244835beb8eb594cbe6d6

SHA512
62dc314dc6aa1a9551c7be58a08e592df090872a5552cc431993809647c2159294ffe71a27579c020eec2216394096ea99acc7778c43be69f879251cf56c9c84

Download Submit
/data/user/0/com.ainy.luoDiamond/databases/millennialmedia.db-journal

Filesize
8KB

MD5
ba84843f74e1cdc2bf00bde30d13c419

SHA1
7ff716346d1135371f65166a289341b3f3ba3705

SHA256
ca8b85eab0b0eaa172bb9fc1da3f660571d0c2d9e853db6e2e0e65d9f1e24ebb

SHA512
8fb82f4c2679aca72a64a4f6452a60b0d09574cb4148611df9a5f36b1045b9048416fa870eb513d31b975500c328d97fcca88a7237280825441983f28a383496

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads