8507a157b668ea7084c0a5611aee4f76d4add9a6c87670510c20de4e8c53f312

Analysis

max time kernel
14s
max time network
141s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 09:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

66bfabbe80f4ab5bb4f8da130924b822_JaffaCakes118.apk
Size

5.8MB
MD5

66bfabbe80f4ab5bb4f8da130924b822
SHA1

645c3d9dad76ea8a3862ce2feaebc8dec191bac4
SHA256

8507a157b668ea7084c0a5611aee4f76d4add9a6c87670510c20de4e8c53f312
SHA512

ae850fb81ff5e55ace14145b66cc6309f143059d8f4964eef9c3ac5345e1de17141f3bc24e422a7ea86898b60220afb8126d0699d744e8d4385e2486be2e81cd
SSDEEP

49152:bq/4L6pi4ylAHa0rr9JZ5Bx3e3x/pCX7XtZsuSaLuPHRa/A/D+dap:b8dBxO3futZLSaLUR+Ab++

Score

8^/10

discovery evasion stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs
stealth trojan evasion

Suppress Application Icon
T1628.001

Processes:

com.Minushu.NushuEDU

pid process

4293 com.Minushu.NushuEDU
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

Process Discovery
T1424

Processes:

com.Minushu.NushuEDU

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.Minushu.NushuEDU

pid	process
4293	com.Minushu.NushuEDU

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.Minushu.NushuEDU

com.Minushu.NushuEDU
1⤵
- Removes its main activity from the application launcher
- Queries information about running processes on the device
PID:4293

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1628

Suppress Application Icon

T1628.001

Credential Access

Discovery

Process Discovery

T1424

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.Minushu.NushuEDU/databases/google_analytics_v4.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.Minushu.NushuEDU/databases/google_analytics_v4.db-journal
Filesize
512B

MD5
abf15dbe8388eb9cf1c41dbb19f64bde

SHA1
f8ca7b3b956e0e8ba54693a58432694336dc4d68

SHA256
69b2308d82dbf8d8fb08189db1b448ff5afee46295a796a647f0f9caeb2f88e0

SHA512
15910adc3541713079cbd0eb625f4954990cef7edcd69a6fe45f423981fd08d329cef13f0f9b812776f0702da41c41f643e5bdb8a3f318f47a5cb1c102cff4d6

Download Submit
/data/data/com.Minushu.NushuEDU/databases/google_analytics_v4.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.Minushu.NushuEDU/databases/google_analytics_v4.db-wal
Filesize
60KB

MD5
8ba7e392f5a240fa18cd9a2966845468

SHA1
767cbf5574cd546984cd69d87eaa29711b00d1b1

SHA256
4063146d869b48246f1ad2854f171a25b920aefd2e8d8e5abcd977111f740953

SHA512
385a77fb3d8c0e17aa04370c19e549f0eca18c6617f35ba7e9f407fea644227019fa2694f76d2bd57ed0f89c2da2e2f4abfb4845fd2a6e46243cf28c03254c38

Download Submit
/data/data/com.Minushu.NushuEDU/files/EeJSUMWRN
Filesize
354KB

MD5
1fc72953b027fb07a60eb580a1190931

SHA1
9f3a513ccf3b7b753ba6805bed946c32ce13c986

SHA256
ceabc13543b85b641452cfd734949aaa44b662ea3fbac8c730c52dccdb7e8192

SHA512
0e5ca64ca08d87292ba515cdd136bfb4143d1a0bd081dc53c8563413439424020c5bd6b724377b007ed81b9956585f80cc83f8476ccc07b891fb3c80729c1314

Download Submit
/data/data/com.Minushu.NushuEDU/files/EeJSUMWRN
Filesize
631KB

MD5
225d0920d9777b946dcee57b898d6934

SHA1
338b38c486fd19a3bbfcef5eb40ad1b044097991

SHA256
2e45b2ca65d890e29c5bd695fa4a1a941bb2b7e619a8a50d6666dc3df606f1e9

SHA512
9145c23a96528ed81e2be467a8a90c0cfb4c696b52da0fb909595ef0134152caeba436636809bd0be7d65418e298c8718dc185edd62467dda4ccfb4324287d1a

Download Submit
/data/data/com.Minushu.NushuEDU/files/gaClientId
Filesize
36B

MD5
da55547f3e9389cd28388d14acf01bdc

SHA1
5cac00bbd09f3fe7de219c970f811f4ea1a616fe

SHA256
b7b013669da62c8cd4a67cfeaab56c43d49eb6335df517fa9d8d8000ec9c7cb4

SHA512
52d1c05b41c5bc1cabfa0fcff2948d8abfdfd0787f23a28fbb772ea5bae6e733d98bc9db4133851741de582e103aa0014751d93f38817e6b154955fbd46b84be

Download Submit
/data/data/com.Minushu.NushuEDU/files/gaClientIdData
Filesize
32B

MD5
f847a31c76d04369ca185ad41f3cdbae

SHA1
1ba043f89366a5fe79bef92bee075fb310abebe8

SHA256
11372914f4bdecf58d2cbc7b49e560c3041b5ff05270e3b7ac894e7e9f89a7f8

SHA512
5c5cb689581f161731086e5a2a84ca420aa95e9018eca7b8d20579a2928edf19be9f143fa46894f9438e0b321e7c6be3b875e61122b2cfbbd5b2e4bf1ba3a753

Download Submit