Analysis
max time kernel
7s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags
android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
submitted
22-05-2024 09:48
Static task
static1
Behavioral task
behavioral1
Sample
66d8702bf3b3a06202fc096da81583c9_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
7723box_pjz.apk
Resource
android-x86-arm-20240514-en
General
Target
7723box_pjz.apk
Size
3.3MB
Malware Config
Signatures
Checks CPU information (2 TTPs, 1 IoCs)
Checks CPU information which indicates if the system is an emulator.
Processes:
com.upgadata.up7723
description: File opened for read
ioc: /proc/cpuinfo
process: com.upgadata.up7723

Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes:
com.upgadata.up7723
description: Framework service call
ioc: android.net.wifi.IWifiManager.getConnectionInfo
process: com.upgadata.up7723

Reads information about phone network operator. (1 TTPs)

Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
Processes:
com.upgadata.up7723
description: Framework API call
ioc: javax.crypto.Cipher.doFinal
process: com.upgadata.up7723
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
111B
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
65B
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
111B
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
381B