38946992ae547ceeccbe9282e18769f7d921d55c7b62f41a42f448c7e53983a9

Analysis

max time kernel
168s
max time network
151s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 01:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

65802c85ecd70712ed4d040b19a80d0e_JaffaCakes118.apk
Size

29.2MB
MD5

65802c85ecd70712ed4d040b19a80d0e
SHA1

b62e44aa6a5fbcb6be7b00af1ae4950dfbabeedd
SHA256

38946992ae547ceeccbe9282e18769f7d921d55c7b62f41a42f448c7e53983a9
SHA512

b2b61acc61e434846b918158437d152b2e70508bac832bb30b292702f460b440f544ba198a3151db03da9780399309867c0af8e9de9d159a5606b618a6f440b3
SSDEEP

786432:jPURpfrujqhfemmv6gEiSLe44Z3DzTV1RY:DXq5nqQ4RTVo

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

abnehm.app.low.carb

description ioc process

File opened for read /proc/cpuinfo abnehm.app.low.carb
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

abnehm.app.low.carb

description ioc process

File opened for read /proc/meminfo abnehm.app.low.carb
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

abnehm.app.low.carb

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone abnehm.app.low.carb
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

abnehm.app.low.carb

description ioc process

Framework service call android.app.IActivityManager.registerReceiver abnehm.app.low.carb
Acquires the wake lock 1 IoCs

Processes:

abnehm.app.low.carb

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock abnehm.app.low.carb
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

abnehm.app.low.carb

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo abnehm.app.low.carb
Checks the presence of a debugger
evasion

description	ioc	process
File opened for read	/proc/cpuinfo	abnehm.app.low.carb

description	ioc	process
File opened for read	/proc/meminfo	abnehm.app.low.carb

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	abnehm.app.low.carb

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	abnehm.app.low.carb

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	abnehm.app.low.carb

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	abnehm.app.low.carb

abnehm.app.low.carb
1⤵
- Checks CPU information
- Checks memory information
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
PID:4318

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/abnehm.app.low.carb/databases/google_analytics_v4.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/abnehm.app.low.carb/databases/google_analytics_v4.db-journal

Filesize
512B

MD5
022ac6bbdf78f08bcdb123173d04387d

SHA1
8579ad9e5242335739d5427a9944833c03745fd9

SHA256
14a686aefb9348e9e01db39702af08ee4cd474dfbbe8a0323c2c70cb16702874

SHA512
05f894969b44a9864b3af8ce6441f7b11e58501182c93f45baf7601797311eee021c9b94ddc04310403fbbc5b98d562e6517ff0499ca274a5fe470f7b1c5b650

Download Submit
/data/data/abnehm.app.low.carb/databases/google_analytics_v4.db-wal

Filesize
60KB

MD5
df793e8ef603bdd30d22e3c9f458d83a

SHA1
bc8c6e14afde176e279147f6a1a40e0fdf336f5e

SHA256
348aa9f78940b343d594ae92d5a60da09e54f47b867fa454351b8d16cbb10b80

SHA512
f954d25bbf18b4565aeb4d66c4e94a441cc8c15923c37a9aa9e5e478f62f5dadf728a8d34e0d9291e9a68b22cb9f984cffb36ff6735d96b143130804ccbbde67

Download Submit
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db

Filesize
16KB

MD5
06d7cc120e8fe7ebffb29168d20e710a

SHA1
fa278e2a3669003ec13f95fa6f16b642ad9d2c97

SHA256
e2bf721278e5b1692f33e8cee87019d380a9d648b7e3830f50030731c2c98f4a

SHA512
ccc280e6da5839665165d35d1af74813b034eeb24aea21e09fa342f921c0664b0b4df2b7266d83f3fe4963801a2f77b7cfd925a3d03fcaad40eeacaff9cfe21b

Download Submit
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9ebc3109cbd46dfc30afe322c53b9328

SHA1
c29c74e775cc7e1340b0d31cefed10e7c82c4dc9

SHA256
ddc6b71b0d6e99044d976ee702d710264836e07b1d37d483fb3cf2b267bb7884

SHA512
b754718c467cf0d7e45a210e96e6a8c4572c426f4471db8fe5382c81ab4300c7e6c81a4103936ec9e796947eab327c612268fdb88e22accdde43fbc87f4e9cb1

Download Submit
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0ea367b643f440a4351d69ab82b0b34d

SHA1
24f501bfaf67381621a7db5a3a16d471bda55dda

SHA256
093d67ba0a3415207294687421fdd37cbd47f32882aaf2b08816e3fde114c5d0

SHA512
99de45d6813b81d9c70c81e07ee21bd9acb593bf8047bc4eef2e367fd0ceaf28cf4444a348c5305a07ca2cd61e80b27acb1b6921d8f0ec2e44d28ed8c870e4c9

Download Submit
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
d5aad8453ac1de97807c076fb38b8666

SHA1
be325e95cc64292e2c8bd0037ee2515cf3a47016

SHA256
217f9853d7cab3e4e0ff0f14cd2d7eb3f7926a34ca43c66d2224be963996e223

SHA512
d4d4f5156629f423591c08b3466f8e597c8325f58fffbf14505327a799865eac5051681b656d9f6482f7b7ab9318e22c1f689c7af2511495e899b2edb4473d39

Download Submit
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
d2b5f88a0d95ef73b957460985334518

SHA1
5792256076ef20fe2007c8bd73ac4ecfe60e0690

SHA256
b632afdc35dc6697f81e9512a21002b4783eb073871f5f0c86cf6282848273c3

SHA512
553b494905b66567c89f04f5b0aa273b80ecf262c79e0a367d28a615fbadf21f26ae289f0d7a1ee07feeb60d796571245a78633cadb972216918f1672fdefd77

Download Submit
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e6d0f3fecd34c72516e8eab5bc16222e

SHA1
a16fa41920a373389691678cb022508e90a0be21

SHA256
8e9ccceda4830643f0942976d5d1ca00b444cf014632d87153ae506bbc0b183e

SHA512
a13048ff298855eba25f49de9b8474d5670c133db91a9989d1327fd584985e613458b07b49e280a50cdd0ce30e94d5ca73d6f13eeaa0ff6f3b9b8cfcdd4a183b

Download Submit
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
509ec0d1ce0dade20edfcc813d840d3b

SHA1
1c3848b9ce00bdc1c5e77e9c0dc4a7ec60f23072

SHA256
b4bc770b26b2c36228caa9c582ccf7c85dcf38753eeb3039a5ffe9798c9f8bad

SHA512
d83f78fa4d765c1cee876637209973699cbfb7e389c20838fa0c3e62cfea204d1aec6c49778aae15a261bf6980ed98d0a4c93c9c2dcaa26d0007ef9e017746f2

Download Submit
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a7751f63a4ccdfe94ca813e7d0f724b5

SHA1
b02d25f23eff2dac1041197b415d4a7028537399

SHA256
c3372ec6816576de89fde291919ea39eb20569eaadc04b0713b87067bb5a8a96

SHA512
14dc9f20c7a617d0202ee4725ffc0363bf1df58d6e5bab1890582dfb1d2b78371b86ee3814a9872d08e68c0f4729ab0e0c9efa7c7ad9e744d5f76d217e510351

Download Submit
/data/data/abnehm.app.low.carb/files/AppEventsLogger.persistedsessioninfo

Filesize
495B

MD5
db72a1a17e9f80c711a359f2186e2015

SHA1
b2918ee61faa8a6a2d735eae5c562aa9b7f22e07

SHA256
dfa40d2663c0055d13a4822f505f67012d25741912258eb9f994a9ca353cb747

SHA512
23a3869283b362bae591e3229fdb2b3fc5dabe75858476d58c41adf52fa983e171e11dfdd23d709cd5b33223cec5801f1b3c21de531ec8028ddbfddfac8c21e3

Download Submit
/data/data/abnehm.app.low.carb/files/gaClientId

Filesize
36B

MD5
e53f15a0f884b00e2c96573cee07ec32

SHA1
20b26ad4c7f14b57f1a2789dd3c342b450f10049

SHA256
6af3ae6194f677b038dabc705670821d949f12ed86d1a7bf223265820943e47a

SHA512
578d4e5e47a3457bcbf686d91d6f0d3fc63397d24755a0115a137f25bdcab1b05793b2cc61a37fa185de79d9e9147730ae19539636185cdec558fa70d93abd81

Download Submit
/data/data/abnehm.app.low.carb/files/gaClientIdData

Filesize
32B

MD5
550aeabc11823cdec5124d424d9e9fc5

SHA1
a2efeb35a955f937b03cce425f448d43820d8b66

SHA256
671af055b3d6809c26fb1a6ef70861cb16148ec3ff5e69735f0b6eafb0a77d3c

SHA512
ab75148b6e180059b80510baa6c64b56378fe4a65c2599010cd1ffce3f4fbb98ea2b65d153f9e4260bf212a269d9ef3f23494496c1bf3686489c80318687d3a5

Download Submit