Overview

overview

8

Static

static

6

679fbc2f64...18.apk

android-9-x86

8

679fbc2f64...18.apk

android-10-x64

8

Analysis

  • max time kernel
    106s
  • max time network
    184s
  • platform
    android_x64
  • resource
    android-x64-20240514-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
  • submitted
    22-05-2024 14:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    679fbc2f64b3ca5374307e3bf343ed2a_JaffaCakes118.apk

  • Size

    5.2MB

  • MD5

    679fbc2f64b3ca5374307e3bf343ed2a

  • SHA1

    9d3209a7313019c2b82300bb9e144d2f9b094d71

  • SHA256

    b40420a5af7cfe8ba0e5c91fecb404707ce342f6a0362eee441fa734413aa0c4

  • SHA512

    1b2c5c4a87a12d6c17db0b1aa034d35b16f7f23fb072681390379860a7a3ffa79023ea6695e4ae86fd0defc9be07b6b77871a5e690744f96fc5690f7d04e9ea3

  • SSDEEP

    98304:a3PndjirR4ebFpb9Us0JKUuIk9aSBBPXcajpyi7lvgGcfgL2AP4TIwDUk:a3PUtxeJbUtcaljlvv12APoIwh

Score
8/10
discoveryevasionimpactpersistence

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 1 IoCs
    evasion
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
    discovery
  • Checks the presence of a debugger
    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.che123456.app
    1⤵
    • Checks if the Android device is rooted.
    • Checks memory information
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5114

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.che123456.app/databases/bugly_db_legu
    Filesize

    116KB

    MD5

    9929856c93b9d9052d712f93eb334eb5

    SHA1

    04e05b09dd3ad694026f81bc4641984e34287f0c

    SHA256

    9450d0ed04184fcd56650c61358de961fc8f7f3724ddb3fb917bdb176722402b

    SHA512

    3966b09669e8563d447e7392a0f2210dae5a4c016c12da4175b548c931fc06eb64c89668d61023c9e8440850cefce870522468134e019c5ccd95acb0d0adf73e

    Download Submit
  • /data/data/com.che123456.app/databases/bugly_db_legu-journal
    Filesize

    512B

    MD5

    8882f9a661950d258ff0c9aba9e1379b

    SHA1

    1e68edf5b5fec3d0777e9387cb1adb1ab4c1fe4f

    SHA256

    501087f2145c61349a1b40ba2ca12ee1edb5972ab77859b82c4cebd49fc8d8c6

    SHA512

    67d0f4d2ac237fab149ab920d203cf48b9c2ffa72cb41a563b28fa188b702b460dc8e3f4405521085e92091c55c7cb6ba4bdfd798e2a77364fb2a16b0094cd4d

    Download Submit
  • /data/data/com.che123456.app/databases/bugly_db_legu-journal
    Filesize

    8KB

    MD5

    a43e4645afc21a59d8a62df01bad33de

    SHA1

    5a22ee293cb866bccfca841d1c6543e81c31fd4b

    SHA256

    323e8fa12ce8bc6a459344fd1a5833e33dd11893f9874b00edd1f5b2d737d129

    SHA512

    55318cb1b2f32f9de44cbd630fe5879368804ab3110055884fd994a5d54ab426c828bbb2d5516a33153b2d39be65f851c49d615bdb08d40e295a52b3cb023a74

    Download Submit
  • /data/data/com.che123456.app/databases/bugly_db_legu-journal
    Filesize

    8KB

    MD5

    62102a08a28b95ae48e1fdf15d047f6a

    SHA1

    775fed1047e884c62d095728f27c27061053df5c

    SHA256

    9728e276eafb9f78428c1f05aa47a143ed6c39ec31def6e0eb721fb57cb0328a

    SHA512

    23070d7b924369f62b3e3943e70864c1f66bf8be076ef615e6ff5f94852e04d21a871afd3e7fbb68dc42d0f8ad50b6b110142173719ba29d88504b733d9cf839

    Download Submit
  • /data/data/com.che123456.app/databases/bugly_db_legu-journal
    Filesize

    8KB

    MD5

    94d6aac59a3610785347eaa780c549b8

    SHA1

    dbd353f724e2aa823533713890b61de41d9b5759

    SHA256

    df4a4ce27e39782fc0de92c46c86ac60902e2428583e97fadcf0ca3ad08a594c

    SHA512

    cc520477e4f595c786bb2fa401051f9774aecc754cf9d7439b11cac68285d8555a08a8c62ddf218d50d6ed50d2fe32d33bcec92b87e0c304063d7d43bdf8f4f6

    Download Submit
  • /data/data/com.che123456.app/databases/bugly_db_legu-journal
    Filesize

    12KB

    MD5

    9b3ee5ec1ffb3fa29942828a4bb7563f

    SHA1

    88a28c93e3b5bae955c2b798698154c972b9f016

    SHA256

    e8694fee634c038b9f46761b9dcc507a2fca85d26d17bb37b7f61342b61640f3

    SHA512

    a9fc015e7b0f9978ebb52a85537d117c43358d348cf62cd95cc04975077b892d15bf00e47fcb35ca3d6a01233996c0868477a4a4dfac279bde3f62b4f7c59308

    Download Submit
  • /data/data/com.che123456.app/databases/bugly_db_legu-journal
    Filesize

    12KB

    MD5

    7e79e27d99e813a57b0c6cec24024385

    SHA1

    b4abb8e38c4dc129cbdeaef56b2167134350e94c

    SHA256

    02b03849a5a661aa82c3ffb9deb0cd0c1773d55e60cea3a681bbe179a8be57a5

    SHA512

    d24cf880e3934e940067bbd0283d24e129cfc2db94c73cd0b0d95822cde59b5b4308faa0ae2b5b646f41ebb15b0d4e36ff09ff9c71dd2bbb33a099f110d9481c

    Download Submit