a87ab90a048ac6945079f21800574b90ed2498ecdde6311a19548f98a78dd450

Analysis

max time kernel
125s
max time network
156s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 21:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

68c427f520db24e6bc2d6428fa6eee24_JaffaCakes118.apk
Size

12.6MB
MD5

68c427f520db24e6bc2d6428fa6eee24
SHA1

b39a2c7c418b46e3d37bf6ed428b2e91b3735fae
SHA256

a87ab90a048ac6945079f21800574b90ed2498ecdde6311a19548f98a78dd450
SHA512

8112b971d83fbc50e444eb356efca05eecc5f1e1956f1e14fce6d131ded76eb0c7b32ab4bfa226759da36b4385d547945340872ab28ab01b29a8679bc948b023
SSDEEP

196608:4v7X/fqm6nGbibTxhujtT7VRt+yVyVHeE5HfL7c3Q2SwP2aS4ngj7H:OFxiP2jtlRt+yVAHesj7c3Q2N2aSH

Score

7^/10

discovery persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.Easysys.cHairstyleses

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.Easysys.cHairstyleses
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.Easysys.cHairstyleses

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.Easysys.cHairstyleses
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.Easysys.cHairstyleses

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.Easysys.cHairstyleses

com.Easysys.cHairstyleses
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4300

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.Easysys.cHairstyleses/databases/db_default_job_manager

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.Easysys.cHairstyleses/databases/db_default_job_manager-journal

Filesize
512B

MD5
347c445a2571a58d96b835a6b52a3eed

SHA1
1561aaf37fc367a5288f58b8732a9d0b57a185de

SHA256
5e833397dbd6f6cfa32768c97d4317d21cfe617e4ce93e6653abdb2b32f6eb4f

SHA512
f2276e95e2a23c9b0e0c06c112c248dbf9a66d5f946e01890ad43860f46abfd2b16929bb413aac7be1f1622a41b164476ed5db950f973997c61870c04eb16ac4

Download Submit
/data/data/com.Easysys.cHairstyleses/databases/db_default_job_manager-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.Easysys.cHairstyleses/databases/db_default_job_manager-wal

Filesize
32KB

MD5
ec8cacb5dee7e610f116d9b2749c804c

SHA1
5e618297592a59c419f6203cd26576389dd4eccc

SHA256
a9652961e0ee205babfa7e69d85b92d57efea47007d15d5a60ab51fade1b4f98

SHA512
99f3f86a5323607cd6cc2edd4c444af401dd33a0fa36961ad60fe2571ee88994f84ae770e90b64ae2c2200bf31492d6ef671a9e11c2cff5eeeb4db0ee9760b05

Download Submit
/data/data/com.Easysys.cHairstyleses/files/.YFlurrySenderIndex.info.AnalyticsData_M97YQBVXXXNM6NTWYN74_202

Filesize
88B

MD5
d2159774ddb516395c134c211df1112c

SHA1
40b211ee79f48ad0af7c644872b6a71b2ea198d2

SHA256
5cffbb7264ede4ad5dbcafbb71ad0eca382c94ebe61d59e1d5b80d037619ae3a

SHA512
4aef5ad969f68f56faebe7aa46ed8876ec76817ba885bf9072febae7a27941d7aa601022da9380be66fdf39dc6e16e78781d477264c44d45318336a118b9c920

Download Submit
/data/data/com.Easysys.cHairstyleses/files/.YFlurrySenderIndex.info.AnalyticsMain

Filesize
72B

MD5
ad48590cf52dbb0ee7563b86a630387c

SHA1
d249255c6e3a57b325c35957c67d46b4be42fa02

SHA256
c1729a2404eeaa56d8e5da3f0de37651675ee915d0ddeec9574507ae6b52f14d

SHA512
63c28de09faaa1404a1ce9f9089eb3910640b6d2b53883c766ca9f27f8da9dc09f4ca545d29f698639d1bf535e9d4c4486a47f4a96743b885841f031b9fed07a

Download Submit
/data/data/com.Easysys.cHairstyleses/files/.yflurrydatasenderblock.c5096ca6-6706-4294-b0a1-ff3405061599

Filesize
335B

MD5
2fc05ace82128f314c2e20f67316426b

SHA1
c5487801de4a2081472b4b726e5649114d1c6717

SHA256
13b0fcf5cf2e8f71583b25da90fc77d32ab880636c635ffb1b65c3d70c79afd2

SHA512
b3ddcff6a7a0a63a99e8abda5deb2406e75a4c90aaafdbafc9f2ac095ce24ceadce89fe296711f9937a75b0f76bae0dd30dc718644e09e62aad6b817137860d8

Download Submit
/data/data/com.Easysys.cHairstyleses/files/.yflurryreport.-58f68ca1b945f6ae

Filesize
360B

MD5
1f4d6226c2bc5e043b73e1c1147321a2

SHA1
13a0a6b7ca348723e990fa8a55aaf13fb201adc3

SHA256
185b536bdba37122942949d99e63507964d06b41b0cd7bfadb1c5585a5953a48

SHA512
6addc0a09911377757ac032142811513473bd6e70d626c69124200c11ce60136d393ec0fd6048fb2f761d96dd0ec9cf81b98ea955579bc0bb3b53d24d365b866

Download Submit