Analysis

  • max time kernel
    25s
  • max time network
    133s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240514-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240514-en, locale:en-us, os:android-11-x64, system
  • submitted
    22-05-2024 09:25

General

  • Target: 66c9c2f489654bba512b837783e302ac_JaffaCakes118.apk
  • Size: 351KB
  • MD5: 66c9c2f489654bba512b837783e302ac
  • SHA1: 48f09df77f0b4dc3f748251bf8eae676fd6845e0
  • SHA256: 7851e04754c8797abd29e2e5d2c7f265e0469d33815b0cb70490537631773b5b
  • SHA512: f382245953514247ce88a1b4cfa5d1ef3c96870656a3574f0b6fe2b337628ea277ef4e1923601746a4dea9631ca4ebe960d2448f07fa0a8342b140e7c7d1b3e3
  • SSDEEP: 6144:PN8rv7l7HNc31/qcjju1Se/tBSDjPvT55E+08VSnQ/kgXSjJjYjSHhXHaQN2R:PIRHiQcjjut/tBSvPb55tVAQ/l6jY61q

Malware Config

Signatures

  • Checks CPU information (2 TTPs, 1 IoCs)

    Checks CPU information that indicates whether the system is an emulator.

  • Checks memory information (2 TTPs, 1 IoCs)

    Checks memory information that indicates whether the system is an emulator.

  • Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)

    The application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

  • Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)

    The application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Checks if the internet connection is available (1 TTPs, 1 IoCs)

Processes

  • mark.via.gq (PID: 4539)
    • Checks CPU information
    • Checks memory information
    • Obtains sensitive information copied to the device clipboard
    • Queries information about the current Wi-Fi connection
    • Checks if the internet connection is available

Network

MITRE ATT&CK Matrix

Downloads

  • /data/user/0/mark.via.gq/databases/via
    Filesize: 28KB
    MD5: 2d35aff1ca01b56baaa9cc5b750c59cd
    SHA1: 164c8b4816b59c93306a1512e13691331c2e82fc
    SHA256: 8305d50d65d94128ca6d64b033c4819d8f9bd39bf62b493513995ce9198f9f8f
    SHA512: 1a3b4d5057c39dce3f9ac041f56926f232fbb87583991ffbe787437512f150eb3f359c5bcc83af3ad344675efb8e83bea2c441b0fc91126cef648933d323e975

  • /data/user/0/mark.via.gq/databases/via-journal
    Filesize: 512B
    MD5: d216f086ffba61d88f08c546b76d7fa7
    SHA1: 14eb689bb89bdb56a322c99d9cf2836035cca5c9
    SHA256: f34048b6711f3d5ce37a25747358b5b6b19d7e81be14bdb341606e82f9ad70fc
    SHA512: 5f3d3a2c516902873f9d1161b9837f29ac7778e76388facb65fd1dd5d25178b7d3fb3ac2a67647e027ebdfbeedc423ef513adcce6467ea94230ad94923021830

  • /data/user/0/mark.via.gq/databases/via-journal
    Filesize: 8KB
    MD5: 801d3304c69470c23f242fe91760eb9c
    SHA1: 5c0353be131e4d9904ec070ebb3b3ca89080cb7e
    SHA256: 15199a470a3b95f44104ac6b32c5612919f1bfa8d59de182f7941a300006666d
    SHA512: cac31fe6b5b5573e050673e80f7e111be28bf1a756c024aabb06825d5cbbb093c8381010541b322c9933d8d3256494b90f54fb6366c92906f498d2f6e904a143

  • /data/user/0/mark.via.gq/databases/via-journal
    Filesize: 8KB
    MD5: 000d40ad37e49370c684c38ee0cb0c71
    SHA1: e12118bd5433c76b258d5c797783219b3f734825
    SHA256: 856fba8ea4e8009a1dd5beb383c3a6948eb95b1fe1489e576bbdab2612408c36
    SHA512: db5733662ff2ec6dd0c2a4593e690fb950fa46c17f02c706675e0830e1c199299ae615142db40a1458fe1480024e1fb6abc9d3f75a3b497c2be00c3e659569b1

  • /data/user/0/mark.via.gq/files/about.html
    Filesize: 1KB
    MD5: f3ac5c210c5ee1b39ffc192f5ddee887
    SHA1: fcdfc269f609b9434a83f473ad5eaa44a7faca12
    SHA256: 1623f8e485b5be3591c5e97abd6525e1c3d5d66ebd71906aa2afec38594c9eaf
    SHA512: e70053d6994f18e86721cdc8edd9107c7893365340872184b4663a885e20295dbbde2af6ba8a6fdbca2f3f54d86032cd360f4b972ede51f13f11f4b7d600521a

  • /data/user/0/mark.via.gq/files/homepage.html
    Filesize: 3KB
    MD5: d48ccc02f532e4727897bd39d5b40ef2
    SHA1: b507f56e90860728224f2f327ca8ba28d250911e
    SHA256: dd585710bc352eaad39344010cd11a10d8754828c419373248210a5fd87568b0
    SHA512: 3f2e28e19284099a7011fcd2477b9bb48cd2f50846bfa1c23a9a28643381b45f3add4f4387b0d890fa706494df9cb400cf41f3d6495b677110a48f3da3a4e002

  • /data/user/0/mark.via.gq/files/iflytek_cached_mark.via.gq
    Filesize: 69B
    MD5: aaeddaca6aa5c639deb002b392cfa697
    SHA1: eab4c739ae2e48d1cf4d918d2358df7bcc7eb3a9
    SHA256: 57b434980b64978462efb2f69460ca0805587429a02a84c5653d5adcb4233744
    SHA512: 929eda737440a9f78d4b3622d3de7cf81bb70ee52809a9f0ada1fa5679893cb718af321a3796a68275493a38bc322a87915565f03ffa85af1c37873e8382cbbb