3a15ac97abe33306250c353dda5cb8d6abb3a3dc54ad6b16e58935c8e0b39fb5

Analysis

max time kernel
4s
max time network
185s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 22:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

68e23c251edec78b1388479b3a624c68_JaffaCakes118.apk
Size

4.3MB
MD5

68e23c251edec78b1388479b3a624c68
SHA1

61560000b260ef395912d00b42cdfd45c37022ff
SHA256

3a15ac97abe33306250c353dda5cb8d6abb3a3dc54ad6b16e58935c8e0b39fb5
SHA512

3bf4960d5244b202d997c91492a00831df0df2ead3f4c755c758d682c718fa23aef2e979c9096170c56bfcc6324f406df6466cbd82e03f95c883b4fb7f7ba378
SSDEEP

98304:3idjivEO7yThKWzF6TZcEpHt4SzMKcQOZZOg6qpV064mqfrg6nF:S8vEOWThKrT0SzbKD6qj0pL

Score

7^/10

discovery persistence

Malware Config

Signatures

Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

xyz.hanks.note

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses xyz.hanks.note
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

xyz.hanks.note

description ioc process

Framework service call android.app.IActivityManager.registerReceiver xyz.hanks.note

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	xyz.hanks.note

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	xyz.hanks.note

xyz.hanks.note
1⤵
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4319

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/xyz.hanks.note/app_crashrecord/1002
Filesize
224B

MD5
31061ef86558ef8389ceeecfaa649e0e

SHA1
6f0b85d4955fd410403834c5dd2997a711af398f

SHA256
b9895d4ad1e4f188044e6c06ea2e67eb45a5b502265ae04927ed79f3459f30fe

SHA512
dbbce167efc2beb9385969e5e1cefba3a66978cdec115e990310912a9c297b53765adfce88bddfe5038987651d34a4b0933a04054b4158519d29f890c81194e2

Download Submit
/data/data/xyz.hanks.note/app_crashrecord/1004
Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/xyz.hanks.note/app_crashrecord/1004
Filesize
224B

MD5
319c36b238e9f1be87405085fc9f6add

SHA1
165cb60cff8b13c9932d5e8532d58970324cd1b1

SHA256
43967453d9112a63cec18203eb9fc433e6ed4ad12d2fb05c3509a9c1c89ea15e

SHA512
cfd082c0b14dda019bfdadcaab291c0138a77d6763af865be645246b15368d447ac7d1b7e6c530fd96baa60d7013dba5e8ac1db20a7e9a189c6b7b776bbf6131

Download Submit
/data/data/xyz.hanks.note/databases/bugly_db_-journal
Filesize
512B

MD5
23a8117137a10dfc7c98ca540a7f9cc2

SHA1
1afb21cd2dff5e2281714d4b6c3b6e66908a3266

SHA256
49c50ce56dbe237e1a31cddb5995b9588c95136d61fbec6b6bfe34f1b8c366b5

SHA512
1af1e20cd555c7abd89715fdfd8ebc50c5b3abbf4663438128d4ab6c534687ce8fced30b48270d3c1f3c2ceb951eb018e55d8ca92d82675730b8db00be339889

Download Submit
/data/data/xyz.hanks.note/databases/bugly_db_-wal
Filesize
72KB

MD5
737df252a5e4c0c2b419aebd8f3321b3

SHA1
103ac5308049cee650d6ee28180f5d9fb0c77fcb

SHA256
9a345554c78e434821c34e4579c7c16a7c05b0a27d134b4858b43ec69c3a90af

SHA512
6a143814fa8d9ffb899a79c3edee185a8152f1a13962d7477eee5bf781f0de079fc9edf7bb57c873bbcc1001d8e0e222396fba7217878e14ed4b16a9dc56aa95

Download Submit
/data/data/xyz.hanks.note/databases/note.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/xyz.hanks.note/databases/note.db-journal
Filesize
512B

MD5
647142121b65897ecce8370942c930d7

SHA1
94f0ce06b1d8603aae5a048eed62b11e64eb9100

SHA256
5c073e525207988f7f2e6d008b53f2daec7e8956a4fa491bf1b7ace6320b2141

SHA512
097c132fe23abce130be86ed37e96e93fb012e2684c329ed1c96a5a47d8a8074fa42a312e6d4f0913e4501a010697bfb774f3cbb5ed2f0ad30e3c092c5549d4b

Download Submit
/data/data/xyz.hanks.note/databases/note.db-shm
Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/xyz.hanks.note/databases/note.db-wal
Filesize
52KB

MD5
49a494f9e6a292aa3cced73357f56bd2

SHA1
3d66840ca84c5148cb45e5926c72da81a5a827bd

SHA256
8da1193bd7c1e145d19e7d1be4723503ec0381560e29a36a97e89b1cd22a1ff2

SHA512
c54e4b4993ad791ded736c45bf60cf00bc4b392fc31c81369c64da71a3e0c6e4083e74a33af42dd3315e7be79deea3735b654d31b3821e83fe81e9bb716a2ee4

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads