38946992ae547ceeccbe9282e18769f7d921d55c7b62f41a42f448c7e53983a9

Analysis

max time kernel
169s
max time network
145s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
22-05-2024 01:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

65802c85ecd70712ed4d040b19a80d0e_JaffaCakes118.apk
Size

29.2MB
MD5

65802c85ecd70712ed4d040b19a80d0e
SHA1

b62e44aa6a5fbcb6be7b00af1ae4950dfbabeedd
SHA256

38946992ae547ceeccbe9282e18769f7d921d55c7b62f41a42f448c7e53983a9
SHA512

b2b61acc61e434846b918158437d152b2e70508bac832bb30b292702f460b440f544ba198a3151db03da9780399309867c0af8e9de9d159a5606b618a6f440b3
SSDEEP

786432:jPURpfrujqhfemmv6gEiSLe44Z3DzTV1RY:DXq5nqQ4RTVo

Score

7^/10

collection credential_access discovery evasion impact persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

abnehm.app.low.carb

description ioc process

File opened for read /proc/cpuinfo abnehm.app.low.carb
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

abnehm.app.low.carb

description ioc process

File opened for read /proc/meminfo abnehm.app.low.carb
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

abnehm.app.low.carb

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener abnehm.app.low.carb
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

abnehm.app.low.carb

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone abnehm.app.low.carb
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

abnehm.app.low.carb

description ioc process

Framework service call android.app.IActivityManager.registerReceiver abnehm.app.low.carb
Acquires the wake lock 1 IoCs

Processes:

abnehm.app.low.carb

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock abnehm.app.low.carb
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

abnehm.app.low.carb

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo abnehm.app.low.carb
Checks the presence of a debugger
evasion

description	ioc	process
File opened for read	/proc/cpuinfo	abnehm.app.low.carb

description	ioc	process
File opened for read	/proc/meminfo	abnehm.app.low.carb

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	abnehm.app.low.carb

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	abnehm.app.low.carb

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	abnehm.app.low.carb

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	abnehm.app.low.carb

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	abnehm.app.low.carb

abnehm.app.low.carb
1⤵
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
PID:5185

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/abnehm.app.low.carb/databases/google_analytics_v4.db

Filesize
28KB

MD5
57ba6fb5c16cebb2b377c4c0dc8685d5

SHA1
43592bfe128adfe08e02ba7b43ea176002ec42ab

SHA256
891682a0bbf599999c187279457c34ab477263e0ea3c6b27845bac574dd49081

SHA512
a9eef032e9f1de03fa7b4029fcdea7e86da8330956feb2362ebf82b4fde4359f004c67a7bba8c6a874448ec870894ecf4675bf7a6f6c929a3727520524a73e22

Download Submit
/data/data/abnehm.app.low.carb/databases/google_analytics_v4.db-journal

Filesize
512B

MD5
2a3ad9a7f972e571e7ffe5abf8dfdef3

SHA1
758d92e10a10feba661de97b23d95682be0a8b8f

SHA256
b1f50f7f71f7bab31904854e1f4ed2c453cd5fa5ac5b7eb1ac89c6139ca7508c

SHA512
4f5a4bc3a3923303948991d3a40a42ad57c294f2db5642a4e334e71aca0962f451e718ac0e6af06801c0b28e9f4e67babd19e11aae1236af59b2ed29001ed4b8

Download Submit
/data/data/abnehm.app.low.carb/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
5c2d98e4fe4e770b64aa36b985d01f70

SHA1
881e6c849bc08ecb26b41770ce1da9549b6dac6d

SHA256
12951d00ce3761de69987d8c59ad7b3a9c1184e9e1e2cc6339a7a5e584f79de7

SHA512
5146c79070c35f36311106b930413fb83b5b532cb4572f74b46778f26def9601d738c4ea77916c84f0bbafb08cdadb1d0e7511793a4dd5b3bd775a4f6e468e2d

Download Submit
/data/data/abnehm.app.low.carb/databases/google_analytics_v4.db-journal

Filesize
4KB

MD5
ac245488efb442a07865b5785ec7a035

SHA1
d770cb5e73c9554d9df6cb4c1853a8e2577e94f0

SHA256
dd80b5b69dc5b30fdd5c2c3587a1aaf131ae3bb35094b21a9759c6a06001b465

SHA512
bf896c70619b4378660b3e6bf20214b9cc7b864f6ee4195dbdd06fc9b03372b3db1afca342ba75df03f32fc412e01f6d3a9b346de758bc1fab1ba7394e273588

Download Submit
/data/data/abnehm.app.low.carb/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
b1484ae733edcc7ff083621afb32108a

SHA1
fd9e758a6b44ce81a93f7f0de4a575dc70d0c810

SHA256
cafd6931e79e60becf2d20c1180c9d9f9c13424cf4951ed6bf5cfd7f6f5763de

SHA512
9cd48b91e6667994171d64b7367cbe944169b971bd5950a6a28d95b0b7e591f18258e2272bd76f47fb924615454844992f0b13551d5a36481fe79e2b715d608b

Download Submit
/data/data/abnehm.app.low.carb/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
a33559366c3230163fbe2521a90ab043

SHA1
bba87b0f4657be6af780c14a27ade4e74e7d573e

SHA256
a49f4e66fe40db685dccfc096674bf56d780dc2f2e6e58ef4b4ea3acfa94bf7b

SHA512
6990300c466ec9b3bcf0384d656e62cfe531eea31b20b879da57ee1187b52bac041d5f0b85e4f9e107b37291e033f365e82f34b5c7c21c6a5092eab1544ecd9d

Download Submit
/data/data/abnehm.app.low.carb/databases/google_analytics_v4.db-journal

Filesize
12KB

MD5
b6aa3c34b0a4805bf10250d62fdbce6b

SHA1
9e05c98ca201360c18f7e97617203baa2a523a1a

SHA256
6f5819d7bbadee48a71f1db0d6f340a924e3787927f542abccaf0d1eb4643b28

SHA512
08c4e18af65eec55fecc359e18acbb88ab11d9c09365f5e6ddb0a3129c9ba9891b5822ad4e8055e6fd4eedaf9394252c7f1663eecfc38b758ed2b70db4064da3

Download Submit
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db

Filesize
16KB

MD5
920fa42790f09d0ebd3d51921d7cfeec

SHA1
e6ffe9a6c4d72eb413ce8773168cc2a3cf118e5e

SHA256
05a76ec527d7b97a9f83de1ac2a3653263acf84fa5cbaac73433db144d0c2e9c

SHA512
9fa40e47be37defe3be983fc94bd470e693ad6c82b37c368230a60ce1c7535aa00deaf44035fdbb9bf32ee154e5b14cad578204d9e935eb221cd0cc1e8182812

Download Submit
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ad35082fc6d893226de674208837fc98

SHA1
6c05cc001c06c075dc9023cca4bb1e4227d8ff23

SHA256
09e03eaac161037479784370945734291e43123e53c2236a503c70901b1a25bb

SHA512
5be97cf0435f3ffac51a9f03df2fb291c02e52b1c1cdd8f4bc9bbbef389e4f6fb3f38aad31cbde3e8179817f508fafa1311b1e9a31452a6a13ce3dc7c0eae8c3

Download Submit
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db

Filesize
16KB

MD5
05089db8f2b9c1c2b115c85f55c1105e

SHA1
9dabd312c02908d7efc637c8b405787acc42fcd5

SHA256
c97d0dd720551529633ee1864b0be60453390e918f7d4f5ecff07dcb899bde0a

SHA512
ec8db49a23d5b86c95b7145b9f7de39eaaaa7fd08a915ed2655db72434330f96e6b45d54ae97b5bc554b35f0ba6a31a86a9894232e3d975f5a00a770c7d43196

Download Submit
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b85feedda18c19dbeb68d8d9ee57b0e1

SHA1
6f13a26477cfccbc9c9ffed1b73fb7eaaa974d94

SHA256
e0e93ac13882d59f1d1a9da82dcc40384665479f020cab9464dd04621c9c2e29

SHA512
192130680b7ef7d5c5c408f12d068c793541b8e9f0ba1786cd3844ed7e4048e5126b8eca0978ec7a9a0d8bd55bd25b26555bcbbad8c5277f695a936d4d976418

Download Submit
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
c63c365e549ca67279dd1bce86d8fb86

SHA1
82e443ad415ec2a43b0245d448d1b852c459d72d

SHA256
cdbe6686b086625afb92a59e523e9985f1f082eaedd083c7cabd4637a7ace02b

SHA512
e43ece1ced652718ed3ad9985617dd63270b925af3cf1b0a1b83917db9202fc3f357ee440ecde78ca348d5f2bf2b2023f7a23e0a6877ca1c8619f349354eb5ff

Download Submit
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
60c234e6176b97750d98fef5604e5ea8

SHA1
4909963a349244da0e92b110926352acb7245182

SHA256
cc912d56073ba0c07b21a1cb61185106f9f55c4818097513167672c1d206c821

SHA512
2e5806b09245088fc59af40941a637f72d7c0fafdec6a7efe4c5cce079f1124767284666ccf2e6fa70bb4782301cd4101bd35b627f9728dc55e5d3a2cd9fe587

Download Submit
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
d342b3137740836263d431ca50085f0f

SHA1
44170ccc64ab634ebbc291c147ee52c254234f9b

SHA256
a67ceb1d682753f9bc71239ee5341a3a66decb8bb398a9172a671596705e7b73

SHA512
5b87d560d222037a84898b25d46dda9636c105c6e00b429806282ef3b584d6b9c0fd3038382e7646a91512a39af3fcbcbdad76f7c91f432ed7dfb5131c162ee7

Download Submit
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
953b903620ccb624ad649b169242d1b5

SHA1
f3fc4297988004d5955079e34324428b929fd7c0

SHA256
5027c690dae6897f250d1714ad978b252f21110af97017777d133681c375d1ea

SHA512
9b1ad439e4de9dcee3ca5cac29dd1b37269657cda3b6ba6b00c569e6c739505d6b2d560af31cfaac3dc0bf167e05219feba310aa341a3e02ffc4c0642a0cdc6c

Download Submit
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
46ac0a907f03ad2826cecf12ed4163c8

SHA1
fc2051f9ff34fb5addfbb040d5e344f87ca5b96e

SHA256
b1e5d3fa3dea3d17fb76f46e60af3b4c9e2baa5bd868d1127658ffc7610db129

SHA512
193c657055e134ff1940cae935e11d3c03a54db66504ec995363e4e775762238afa03148efdb1b88ca255ed7802260bacefece5f8710254adfd015239edcea5a

Download Submit
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
bb2b176f4e640944adb894b7111ab3db

SHA1
98ffb1d5abb012c13af1b150360a3fa2b7571670

SHA256
d9e67be8326c7bef2a83a6e0d7638b5bfa096ca7ef109226106f2bd2138082f4

SHA512
4c84214a9b6b41cb3b19a80a8bb8eeb4eef6d05a1998ab99b5acb57704636bdfc37c4181f00efd0f75c2cae77f2b3518a61f2f0c64a87556feae1a1c0b34f2f8

Download Submit
/data/data/abnehm.app.low.carb/files/AppEventsLogger.persistedsessioninfo

Filesize
495B

MD5
9484454072df79028a339d6397e3b3a9

SHA1
040c0e8e0819fa2e07286220d8cc9db24c4937ed

SHA256
fa6854eee64fc3179c05e5fc75b3a5b9fc3db5e17d4b7e9747ae93d774cef5e7

SHA512
67df761f5c061c742f99af9b3561bfe0f41071bc3da6dfe50c6f2e83d881313c6bddc8182479e1307cf8df644524f469f676347b4e2f9053ac9f6b0e048847d9

Download Submit
/data/data/abnehm.app.low.carb/files/gaClientId

Filesize
36B

MD5
19f3f001afa869f0c97091c7bf8f87ce

SHA1
d5d589c62006f5a8fda174810ec01a879325b335

SHA256
5d315dd24a5855ab737d3b3357ff8025cf5e432f29baca1f315ddf58040c7769

SHA512
48b2b70ed99a6dca9cabde1f726ba3d254f0ca8845b1bd06de5987c27762a0e347ae47b4241d43ceb381ffea27a478ce9ba848faffb06518b9c49164031c602b

Download Submit
/data/data/abnehm.app.low.carb/files/gaClientIdData

Filesize
32B

MD5
839510cfc6cd6daba25c6d686a8b7ff3

SHA1
7d2c20d1f3eca36fd998c48dbc5f0434318f85eb

SHA256
43a46ab91c3dfc2bd182c782e7910e1cff85f110218d643453010faba7f4c0d5

SHA512
1be5b46090c22194da887888a196a6d98e010f48dce461f87f98033437300006b5240a1dc5a1ea08f9c7e30bf6aa5b8fb185e88aaa1424ff25dd0340baa01809

Download Submit