cfad957a90fc93cecd4f9471f6c20abafabe7df6c7f6d3930c10d4483f605339

Analysis

max time kernel
5s
max time network
162s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
22-05-2024 09:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

66ce89a1886bca71e5aa5bb6a74ab459_JaffaCakes118.apk
Size

29.9MB
MD5

66ce89a1886bca71e5aa5bb6a74ab459
SHA1

0037521d070b95a1736bf521436597119c391282
SHA256

cfad957a90fc93cecd4f9471f6c20abafabe7df6c7f6d3930c10d4483f605339
SHA512

2d7f45697ecc227471e1eac4f3c97fe1b200b9acc0be8fd164a1758ffca2ac81b4651432895feded3254177327f38c67aad3d58c2a7c6bba0bda17f4cb6ba182
SSDEEP

786432:Egu7+NXmcFbfwxE79CV1/Myqz3HwYNrUayPLhT4g7Y884LBX2:6O2cJ9uEyyQYFoPLhL7Y8f2

Score

7^/10

discovery persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.i_banmei.yym

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.i_banmei.yym
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.i_banmei.yym

com.i_banmei.yym
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:5232

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.i_banmei.yym/databases/bugly_db_legu
Filesize
60KB

MD5
a1d3ede3e8e7b8b91102eaeb7e95c5c1

SHA1
230ef14f8441f55d263e1f9030b640d684ca5737

SHA256
5384b2af6fec62d7db6da85711750dc6e7340c18b91c23bbd1438ef982f53b73

SHA512
83afb9fa4f890c06f7747836e45c2e6d0bb175785928904ad5a1826fa17e1173afadf14a28b5e70d625b21ccd394807ca8805b3c277a1fb2b5c7ae481529c4ba

Download Submit
/data/data/com.i_banmei.yym/databases/bugly_db_legu-journal
Filesize
12KB

MD5
dbcc484afd8516329292deed28fc8ea2

SHA1
833585d9c6ae699c7e9aa207384a27e629543e5c

SHA256
a8ddc62239e0e3a95bf0d61bfe0596917a647ef0d0bc759151119bb285e88931

SHA512
e0fbca00587557db1bfc6d32bdbc27fbc603ce2c77a8d70d92963b724d631959c4fb7990b46420b3da56ac92ad6529070c278d1e8321d23ce22ee143286f60e9

Download Submit
/data/data/com.i_banmei.yym/databases/bugly_db_legu-journal
Filesize
512B

MD5
0a6ae29d8fe6405f156f98752f124e0e

SHA1
ed3222e04630d1118302093d9cfb8368eba7d1f3

SHA256
df89a871ab000b6b3f2e16875f6bc211686a3c36dc32045aafbe1a2b3dfaaf78

SHA512
5069b62f3209a86a197acdf9cc72a5021d4c021f4278947eda21613d323042318a5c6d65e6b5c6797c0c4c0dca17fc5c980652360fc88a080ec24df7702fdd49

Download Submit
/data/data/com.i_banmei.yym/databases/bugly_db_legu-journal
Filesize
8KB

MD5
a9bd71dc50ff8d7e9249c58b597e6e68

SHA1
6483e88fe353292e6a6029e0d02ec6d242512ea4

SHA256
9ff743ad16920bda27902deb1a0d5ccfd837e5eb28397c207891de0f686a00e3

SHA512
0f93208c7ba59b69af2811d2e6c4bc1f363dc8f009a4018b94b1ed9d295554c3dd0bb8d2ce4930abfe1988fc44afdfd925d980d324847cbbc14d703c14e40ae4

Download Submit
/data/data/com.i_banmei.yym/databases/bugly_db_legu-journal
Filesize
8KB

MD5
c110f4f882130157578529705cddf37a

SHA1
912d47a4a2024102e2837016440d76a9ea07d760

SHA256
0dd9f6e95a4050fcefedd475df41d2b0df3dce0e869f48b2ebd7c799ac5af40f

SHA512
024ff91457b0832554d71237ae2d5f4681d458ea57cb0bc38c5e26a0f12ed24492729375dddfbbdc061ddb2fae99673024b6ca518c70b2eb11c36a914cd2a55d

Download Submit
/data/data/com.i_banmei.yym/databases/bugly_db_legu-journal
Filesize
8KB

MD5
62456ea1e2749a0d4272f6ee0cacc3b8

SHA1
b68a0937d573e3dace5087283c2fa13a3efa41e5

SHA256
becc6225694175b955ec95247e70e3e6dd3ff3530f23f639504f265e1ec64f2b

SHA512
f119adbd975e8bc372eccf29b5493bd08680e706c913989f95950c3b9890647eb8e5d8fca151cf476f0542426c93d71f30611927e8b54e813f04b0e1b5eeca9c

Download Submit
/data/data/com.i_banmei.yym/databases/bugly_db_legu-journal
Filesize
12KB

MD5
68251d4f4214fcddff4ed648e78cd6b1

SHA1
76d85ef8c01dfac33e4d1d6be8b589703ead6678

SHA256
5d1841143ca5027c1d4454ec28170b071422d13476acc0b8b66d919ccc17e759

SHA512
baa7e3da1f88f020936fc91c9880bbc8473137464695fa1026fbd7a38a589e682c7e60e17df5d55ba03e0adf908d11c6876af59a73ce8911fd593b07d2bb2d86

Download Submit