16e74b79b257a979c21d04537cc38e4da8f7d28ac7e265a8c4570c13c6c06c10

Analysis

max time kernel
17s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 22:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

68deba3c65a90e99d529ee5968e044ab_JaffaCakes118.apk
Size

2.6MB
MD5

68deba3c65a90e99d529ee5968e044ab
SHA1

5f1be3eeb2be6215973378630111e5f2714eb489
SHA256

16e74b79b257a979c21d04537cc38e4da8f7d28ac7e265a8c4570c13c6c06c10
SHA512

b905591eae3cb9e519d69e2a5fef2573356b3dba4049385687b062537e2c574ab2773a8fa6bcfc84b95279e9ed97a9716c8a814d47c96c9292a840a302e993e0
SSDEEP

49152:7Co3JKae2MCx9eNdOt4nQtqJHSfug/e05HxHK5a+9Ob6:7N3J3eHKMdOO0q1SGJyxHK5a96

Score

7^/10

impact persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.cG7.arqOyCIv4

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.cG7.arqOyCIv4
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

Data Encrypted for Impact
T1471

Processes:

com.cG7.arqOyCIv4

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.cG7.arqOyCIv4

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.cG7.arqOyCIv4

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.cG7.arqOyCIv4

com.cG7.arqOyCIv4
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4315

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/com.cG7.arqOyCIv4/config/5ac714da7be6d534dd74c84a097f98e0

Filesize
352B

MD5
c2599d3ab4603d497952adadbd2345b1

SHA1
b70c2fbac30d852374cec1df424ebce820cb5f89

SHA256
48ee6a943203140312da8f81f29963563b2ca37990914fcb584a364cea6b98b8

SHA512
0d112f7d0334758542edfe992321a334a04f2b0bffab5aa551cfaca4287c8e28197360aca55b25ced9019f6092ca3192b2b9b86097f3c82d1b5acbfa796db0eb

Download Submit