8268a7e3ca738deb9341d7dd3beba940c95af5223b10e732f1ef8a6184aa690c

Analysis

max time kernel
12s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 10:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

66f3d2c50d20ec1fceaef6efcfc93eda_JaffaCakes118.apk
Size

30.9MB
MD5

66f3d2c50d20ec1fceaef6efcfc93eda
SHA1

0e6fca934f329cf7531e72de91fa50f83a777326
SHA256

8268a7e3ca738deb9341d7dd3beba940c95af5223b10e732f1ef8a6184aa690c
SHA512

1f81e1807a4151de714156f0fbc40b45e483985b65b6fd4440a41b73bf123198850db4472694a2fd17f675f1fc41ce2d53c81b70d455777f35e32b7eca7ab25d
SSDEEP

786432:foTcVC1QQhRdwlSbr6oLgGhzMNbM6wCzMNbn9P5TJSjpSuF+y:rOdhLwlSbr57h+aC+F5TcQNy

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

dev.jk.com.piano

description ioc process

File opened for read /proc/meminfo dev.jk.com.piano
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

dev.jk.com.piano

description ioc process

Framework service call android.app.IActivityManager.registerReceiver dev.jk.com.piano

description	ioc	process
File opened for read	/proc/meminfo	dev.jk.com.piano

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	dev.jk.com.piano

dev.jk.com.piano
1⤵
- Checks memory information
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4267

/system/bin/sh -c getprop ro.board.platform
1⤵
PID:4295

getprop ro.board.platform
1⤵
PID:4295

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/dev.jk.com.piano/app_bugly/tomb_1716373811353.txt
Filesize
136B

MD5
cda3fc5489a25b850bc22df1b767f285

SHA1
d62730111c222dc12374952845222488ecaa5539

SHA256
c19824b9e1fa89bc53543cb984df089d294b361d31347adc8c3008e610b89804

SHA512
86789625804cb8b2620b0218be579ae223af41fec6c1cc6566a1dd1c0e2f4a4aa3d9a0703b2fd2145ca44b78d921874ccd33543cd88a2a96369faffb718e7aa8

Download Submit
/data/data/dev.jk.com.piano/databases/bugly_db_legu
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/dev.jk.com.piano/databases/bugly_db_legu-journal
Filesize
512B

MD5
e9f3dcd35c114786ace75f01f308fd6d

SHA1
788865212f0351b5d20c396ae0e18f04e72b441d

SHA256
dd974d2b285193a413858dc193cbcdd4f8b0e96c61decadcb033bd03ce3fed67

SHA512
18303fc5ca82c2823ff51474daf00a991532840044785bd049138bc25b4fce69273e59d509cbda345e2bda483e60a6b60949970d2ca93d0cdca1954a07a47e10

Download Submit
/data/data/dev.jk.com.piano/databases/bugly_db_legu-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/dev.jk.com.piano/databases/bugly_db_legu-wal
Filesize
92KB

MD5
fb7ee519e03db1e1c39e8c2b08621372

SHA1
057b7f9f067450718cf4c6da75222b202818c623

SHA256
b644395b7459cd35e4a65ed67e4cb4235722231f7ce0142b33ac15eaa6358576

SHA512
3b1404f210c57260183df5034f129aedbcf6f5f1636d79069b45c80dcdfc7f04acb78bd1c13aa76d746518d628596b33aa0ab80ee4e6322abb2d91371d2f4c32

Download Submit