d74ea3f00f9ccd65272f0e4bf6d23f061e5e9f448c6b09590246ef022607d155

Analysis

max time kernel
3s
max time network
155s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 21:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

68bdfeb41d6b9660b2f3e40bac67353b_JaffaCakes118.apk
Size

13.5MB
MD5

68bdfeb41d6b9660b2f3e40bac67353b
SHA1

31a26f443dc109fd8788994c55c2427672f9a3e2
SHA256

d74ea3f00f9ccd65272f0e4bf6d23f061e5e9f448c6b09590246ef022607d155
SHA512

3ec373855f665080494b7341c0b57eadbbcc433b47b86977683aa28c3fba4c60df91ba7364119dbee2867b20eb856f21734e0c8e28fb2c5d132f6a5bca15309e
SSDEEP

393216:WZmPWmh6K3k2ciPJ0xpFcVgzlv8AzmvKGLOsntHu0WlWCLhfmcn:WZCH6K0BiaxICvjyvKLs87L3

Score

7^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.v.project.android.exoclick

description ioc process

File opened for read /proc/cpuinfo com.v.project.android.exoclick
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

com.v.project.android.exoclick

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.v.project.android.exoclick
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

com.v.project.android.exoclick

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.v.project.android.exoclick
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.v.project.android.exoclick

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.v.project.android.exoclick
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.v.project.android.exoclick

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.v.project.android.exoclick
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.v.project.android.exoclick

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.v.project.android.exoclick

description	ioc	process
File opened for read	/proc/cpuinfo	com.v.project.android.exoclick

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.v.project.android.exoclick

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.v.project.android.exoclick

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.v.project.android.exoclick

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.v.project.android.exoclick

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.v.project.android.exoclick

com.v.project.android.exoclick
1⤵
- Checks CPU information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4319

ls /sys/class/thermal
2⤵
PID:4371

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.v.project.android.exoclick/app_libs/ymdex.jar
Filesize
344KB

MD5
6f8305297ab1db36ccd2548f3cd4b6d3

SHA1
1423f46170e38643fe46a1e7484087528eae043b

SHA256
9427fcd59e0f1210877a3e90dbc90e39acd3153319e79f65601c7df201c34bd8

SHA512
3496ef8404b6c7c59016430bf90218c56ecb2bc0568950996d4bf696e73cf63c2a42a7ad920c33c9b8620c19d7d2913124adfeebad51bed1fc5f6a2993905c46

Download Submit
/data/data/com.v.project.android.exoclick/databases/MessageStore.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.v.project.android.exoclick/databases/MessageStore.db-journal
Filesize
512B

MD5
b919baa2fb300607b46f46793ab4ccd8

SHA1
7a70d5d0a19e185c8391040295606e71a5870e51

SHA256
c17312d84ddf9c6247cf9d37f276a71f813602b027b21ccca14727afae7e57e9

SHA512
d438c7240e1fefbec510eeb6dc9f0a89a44cac14fdd282e9c01389c8ccc4ce4893a3fd0e0eb4168243397daddaf7e7ecf542f7ede913b936c19354d5579fead1

Download Submit
/data/data/com.v.project.android.exoclick/databases/MessageStore.db-shm
Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.v.project.android.exoclick/databases/MessageStore.db-wal
Filesize
56KB

MD5
a1a416578ef2a8f25ae584518744ebf4

SHA1
b5858ea3ebbc0110715a6fd9b2fc84ddf026ded7

SHA256
b1bf49e2ff5654fb2434b81bea3b18eb2bfefff018792a7eb2c0d648640794f8

SHA512
f668bda0d498880dbed74a6611721c0d59b92504338760c133153c3a3faf19e2989f67f86993d24b5b47a74cac45baf52b7d96962308a9e7262c88efbcae0a9c

Download Submit
/data/data/com.v.project.android.exoclick/databases/MsgLogStore.db-journal
Filesize
512B

MD5
bcd6179732a95c6678bb1f4f66281a92

SHA1
7c6d5efd3a8a17c75bb8e04cef1d9d1f994bea1e

SHA256
97fcdba8835939b5fb635eda955dcacb935d8152c8e922c99d991a040fbe3d5f

SHA512
6881527bb04848126fcfc639dd32f99837c1d673f6c70b92c7798384aa7c9002e20e2a1968219ae90835875617af3bc63a988507d5752af30278a4368fe1b76c

Download Submit
/data/data/com.v.project.android.exoclick/databases/MsgLogStore.db-wal
Filesize
68KB

MD5
50844e950eee4b18c5264e50afbc8dff

SHA1
b08f95cdd352194ca4d385a4c3b89b803f8d920c

SHA256
3fa87f9f8788a92770ac85a90c823256ad8ac4108e2128153a1abbe1cba04252

SHA512
d87391a1379258045aa33e5a272ce281f3c7c619a070c505c1dead4fd0a116644bcf1ae31f2d42b87dc6a848ca849f871720d4b451a09c5fba33a8619916335e

Download Submit
/data/data/com.v.project.android.exoclick/databases/accs.db-journal
Filesize
512B

MD5
fd9b6683efe573c3094268b688e01bf4

SHA1
4c8976ace3e05a4d91422204f340afb9e1333858

SHA256
30f209ac5fb9fd15abc1c6462c1eb59995c18abdbf9c2dba17563778c1fda454

SHA512
061a982486b379a878d21dd07703f21ef7605bc6c34a1e5262aa948da126c07f16d614f39c64429e1c8b3b87b6a5387414e46fd04403fa8fa84ce934e228bf8e

Download Submit
/data/data/com.v.project.android.exoclick/databases/google_analytics_v4.db-journal
Filesize
512B

MD5
6788d5dcef10773e5c869e0e3bbc7ae6

SHA1
7b06cf4ef741cf0e6924ec216103ac3151ce2307

SHA256
bffe67619332d6e38132dbf527ec30b351053e85f7fc79a57baf1e83f45ad791

SHA512
8d22eed8d26cf3a6b5e1c83c05aa444ea7cb4a42a4861e60999726b254de7bfe72ca645ca55ad89334bb5787c157f9c6a01c77a4318627440bd2ce20816c3425

Download Submit
/data/data/com.v.project.android.exoclick/databases/google_analytics_v4.db-wal
Filesize
28KB

MD5
56dd7ab1abbeb05af647c94c288e6626

SHA1
a87a2592f258464ac3ca0f58fc2131c60ac820a9

SHA256
27009a3e4dfd47f80073e3d571e319dde0c287525f2e501c0807d563cba37285

SHA512
f16572689a1607560743c0471eb7a4999d344d5771d79860345beb89bffd7516fa435eebef455d28542648cca637f34df15f350bf7511efc3f7f2f6e13510177

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
111B

MD5
2a0693ee679451236966bea0ab7b3ce6

SHA1
72c5af76f76a59d7c7cd38deaeae6c271ae71ba8

SHA256
02aa2f0bccee597af2dbcad4c50d7e87d0720bb2bf15946d8427357eb9687667

SHA512
618252864f5a3e840df2fd4095adef7ed5f064ad81ef285131577eed9100bc0b13c30e00486c2bd9c507f94838e1ad2e7d54a219d24f961b8d6dac0f1b902808

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
111B

MD5
fe0de392719c1de8d8bdd4e08fcdc8e8

SHA1
186cfce65b063551a8c2e02ded8b79c76410488b

SHA256
f5ae8c8bea859624e1a45487dbb1c6eedf0f6eb09428e205b7c99ef6de95c7ad

SHA512
ef6394f6d0055c1a6bc3f759a2abde211fd6f94fd6c2f48bd8a17add8dbb5409897a810654a52d0e33e533c29feb9168755b0b2c75e47bb13fbb74bb80988b27

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads