Overview

overview

7

Static

static

6

679ca256a9...18.apk

android-9-x86

7

Alipay_msp...26.apk

android-9-x86

1

Alipay_msp...26.apk

android-10-x64

1

Alipay_msp...26.apk

android-11-x64

1

Analysis

  • max time kernel
    179s
  • max time network
    170s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    22-05-2024 14:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    679ca256a909c1fd7018f093a97eec0d_JaffaCakes118.apk

  • Size

    8.9MB

  • MD5

    679ca256a909c1fd7018f093a97eec0d

  • SHA1

    effe6a98a2653ee35770247af2fdfe4e75c61e81

  • SHA256

    018efbf2ed6517ddf37129c611500c72c61b604b0924e9d53cf4b35d8298db6e

  • SHA512

    5b0742a81c6ef3731be462bd415f38e15c2848a61b9134f1538a286d10fafa273dfdab2c9774a1ad7710ce669cc9324d0f68628c1ad4a03d4f9cb853a2ccf996

  • SSDEEP

    196608:kC7DOEYdNW24mghAxoYzLvLZRaBH5MwGbu2tO9AX4PP6H:kyJwNB8AxoYzLvL7aB6wGaqOpP6

Score
7/10
discoveryevasionimpactpersistence

Malware Config

Signatures

  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.crting.bloomytown
    1⤵
    • Checks CPU information
    • Checks memory information
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4257

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.crting.bloomytown/files/mobclick_agent_cached_com.crting.bloomytown
    Filesize

    100B

    MD5

    e9fa7c64498109ce9a4a6a7bf18e493b

    SHA1

    3d2558de6000d87b11a3e368875b9a0d9f18fc58

    SHA256

    6e3bcbf9f0f683db4760adcb433da5e1caf2372015ec736b77cbda392c01578e

    SHA512

    54154dc3b5d60dbacb0934dfde0b340ea08cf81d97ca0a1bed34b6c59de1c526a0549771a841f223e5525f9816db111bca2410b76dfc4d22d98352110a692b36

    Download Submit