9ec07335a762f457ba191c101329741be771551b50dee836362d2e2b26945a87

Analysis

max time kernel
3s
max time network
139s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 01:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6587bbd66ff7be2fb700b8456302d7aa_JaffaCakes118.apk
Size

21.6MB
MD5

6587bbd66ff7be2fb700b8456302d7aa
SHA1

302a5b832366460bddd90e1c8c329a0eca0d35b2
SHA256

9ec07335a762f457ba191c101329741be771551b50dee836362d2e2b26945a87
SHA512

bf95c3685e4522ec0fdee800af6e1e5ef576bd78372bb62ee12366c3a7085d74f465ae2c1d11be2f34b3ca1cc3f0e9acf7c2a6af87d517e459c708c80b96117c
SSDEEP

393216:x8FwhIOLP9XaYXHl0IgKwLFdeuPVDdeLSQKwVKjcIbpf1oyHDaBL0r/fh:FP9XaY10Ig5B1VDde7fKjPsyHDWL0rx

Score

7^/10

discovery

Malware Config

Signatures

Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

Process Discovery
T1424

Processes:

com.ushaqi.zhuishushenqi

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.ushaqi.zhuishushenqi
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

System Network Connections Discovery
T1421

Processes:

com.ushaqi.zhuishushenqi

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.ushaqi.zhuishushenqi
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.ushaqi.zhuishushenqi

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.ushaqi.zhuishushenqi

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.ushaqi.zhuishushenqi

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.ushaqi.zhuishushenqi

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.ushaqi.zhuishushenqi

com.ushaqi.zhuishushenqi
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Checks if the internet connection is available
PID:4258

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/Adhoc/ADHOC_CLIENT_ID

Filesize
15B

MD5
748d9beeaa1899252a7365b780b95fb0

SHA1
2158cbe9044f2b138df0094615afe6616e526c9d

SHA256
59290d2d5a77605f8140feb82e44e8438115fb2f93dc56ed4c225b88c21baaa8

SHA512
cdeb0c4cebf1cc96ebda6940763a940df76120ee991bc7f003480caf055a970f16e4a19ef2ba2c56fa056d539b981e16542ec7239a7b91dd3828585bc2d1e440

Download Submit