5dbcd74803f0f5db906e69e9467b12179423f6af05c988a1d264f122f056cf04

Analysis

max time kernel
165s
max time network
180s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 15:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

67c4ff863360105fb4200d625ee08ede_JaffaCakes118.apk
Size

3.0MB
MD5

67c4ff863360105fb4200d625ee08ede
SHA1

66d40982d52c1f158d42e9d7607763fd6e231ce1
SHA256

5dbcd74803f0f5db906e69e9467b12179423f6af05c988a1d264f122f056cf04
SHA512

ad2e734333a603b194a04a1cb8405994598cda908640900a469cdfa7b6575b656f1c4400e4978331af5077c975b18d3db9f004e0d1ebb639e270898b60ee6aa3
SSDEEP

98304:zoIwJK5JJHZQr3nwZfZw2qfPY7DPnBgqe:z1BZQDwBZjqfg/nBg1

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.maiy.sdk

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.maiy.sdk

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.maiy.sdk

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.maiy.sdk

com.maiy.sdk
1⤵
- Checks memory information
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4280

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads