Overview

overview

8

Static

static

6

68219950da...18.apk

android-9-x86

8

68219950da...18.apk

android-10-x64

7

Analysis

  • max time kernel
    64s
  • max time network
    152s
  • platform
    android_x64
  • resource
    android-x64-20240514-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
  • submitted
    22-05-2024 18:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    68219950da4733e2b4275b81538f193d_JaffaCakes118.apk

  • Size

    4.0MB

  • MD5

    68219950da4733e2b4275b81538f193d

  • SHA1

    5b062d4d60a9de5a7e1371c313775c6c68201055

  • SHA256

    e72806a1842aa2bf7fefdf85ef98424bca3abc462761111b902d408e347ddf1e

  • SHA512

    c9132f39025ffe748010e196f0b2536eb672d1d2f431c940850849256b0b5b517121f201528af138d8a3691e8667c19015f4a53918d996bdf7dacf4d4f29d2ef

  • SSDEEP

    98304:Uv62m65nrzuvsA2zFcriHPdnvEPYNYndiinySdZDuruc90V9Yf:R2B5nnuR2xQqdvEPYindiZSdZD4izYf

Score
7/10
collectioncredential_accessdiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
    discovery
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
    evasion

Processes

  • com.ttfw.aimei
    1⤵
    • Checks CPU information
    • Checks memory information
    • Obtains sensitive information copied to the device clipboard
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Listens for changes in the sensor environment (might be used to detect emulation)
    PID:5091

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.ttfw.aimei/files/eventservice.jar
    Filesize

    214KB

    MD5

    0596a9ef16c617e44e699bdf5cd85905

    SHA1

    c32911f89a6207b80898408463e46c3e7d6e6c02

    SHA256

    35626d776baa83a6d4624aeaccd13d6ed16ce48e48d3ef6c877f93d07584708e

    SHA512

    a5b7703ac0bc9f44cbb76261298da2b6644cd5c22a3272574d662fc6adc061f7c142dc8c8d3bfdce9b2825b17c8e6054f8788be940b965e7890015179ddb15ae

    Download Submit
  • /data/data/com.ttfw.aimei/files/mobclick_agent_cached_com.ttfw.aimei
    Filesize

    122B

    MD5

    03665a06c82f4d8266d621c10dfab8bb

    SHA1

    fc37d1cad486160f5a55d3ea47192b05c0933bf5

    SHA256

    224415ec06ad239301300006f4ee571e36892b05e846fb8579f36b16baac3acf

    SHA512

    99bf9a6084e47dfae98721bfb83c2eaa4318a7695e71ca8114f19f288b3e3ace9b9a6aacfca996b4be3d7027a26a6e3c7f4795679a41f993d377658b8f8e5ca9

    Download Submit
  • /data/data/com.ttfw.aimei/files/script.atc
    Filesize

    587B

    MD5

    801efdfc104b170f023e0303293f2c11

    SHA1

    8d42f0c50156bbe4dbee0c1482be6e5d7102735d

    SHA256

    5a1d43df4d722a9f316eb84cc55286b8d8b6a3c35edc8a2575789c2fea549460

    SHA512

    386764c1e2bda1f686988db4791f1dfe6fa305a5776f1de0e05e53439fa79f02d4ef8b92c4728fac4bae5ea37187251fd89b22383cbda59c96759753fdc35e2b

    Download Submit
  • /data/data/com.ttfw.aimei/files/script.lc
    Filesize

    26KB

    MD5

    e15343de40f554c15a523687a77de5b4

    SHA1

    5eb3452d301017d81374e3165018954501668ad2

    SHA256

    d9634980694651eecd793a61abe5d7806f7a9f556b3339e7574fafa00ed3373e

    SHA512

    de81c719eb1fe8e81284069348653393ec45b3df69ca31abdf0f8c77042d90289e408981523af9eb7333f34dd40b671917a5d57289f863ed783c5da219dfed89

    Download Submit
  • /data/data/com.ttfw.aimei/files/script.ui
    Filesize

    1KB

    MD5

    8f0d25231411585b4f45dddae8f8ed68

    SHA1

    a932dca0f03f782863243e3a9da5ac1c42ccc859

    SHA256

    0c5abb3653bffccede96f8a14dfa3c6966d0db2bbe96708abc0c580a5c943ed2

    SHA512

    70336cd3176fa30d02e9f9b020b1aff9d581f2ef8ff0ad9fff05b19f18002b40e5ac29201310e70b5b2fd98b7d2f7c1a0f9c090b8d77803729ae0e420e659d9b

    Download Submit
  • /storage/emulated/0/Android/data/com.ttfw.aimei/cache/uil-images/journal.tmp
    Filesize

    31B

    MD5

    8c92de9ce46d41a22f3b20f77404cc1d

    SHA1

    8671a6dca00edb72be47363a7071be65cf270373

    SHA256

    68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

    SHA512

    30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

    Download Submit