00f3ce231cfef30c3779fa27838c8583d94d244e24c55fd81e658af4e4cc8d64

Analysis

max time kernel
35s
max time network
166s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
23-05-2024 22:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6c686f16cb857a86473afc26ada5948e_JaffaCakes118.apk
Size

18.1MB
MD5

6c686f16cb857a86473afc26ada5948e
SHA1

abc99ced94d7d680468b8e54383d6d6f5fc006ef
SHA256

00f3ce231cfef30c3779fa27838c8583d94d244e24c55fd81e658af4e4cc8d64
SHA512

3eab1748d679ca6456b362ef056a0b2f87a858acf8f02148fc857caf0b07f6552eea183cd67e2643284b55adb8a20146f402da1ded546d06e5db0ff64fcc7efb
SSDEEP

393216:ScZQO/D1s2RM83uON8GDB62G+BbEAlmLP840dZvt:3vnM83gGEJVaz

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.app.androidtvo

description ioc process

File opened for read /proc/cpuinfo com.app.androidtvo
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.app.androidtvo

description ioc process

File opened for read /proc/meminfo com.app.androidtvo
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

T1422

Processes:

com.app.androidtvo

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.app.androidtvo
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.app.androidtvo

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.app.androidtvo
Checks the presence of a debugger
evasion

description	ioc	process
File opened for read	/proc/cpuinfo	com.app.androidtvo

description	ioc	process
File opened for read	/proc/meminfo	com.app.androidtvo

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.app.androidtvo

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.app.androidtvo

com.app.androidtvo
1⤵
- Checks CPU information
- Checks memory information
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4273

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.app.androidtvo/databases/google_analytics_v4.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.app.androidtvo/databases/google_analytics_v4.db-journal
Filesize
512B

MD5
f65a49d328de2dfa82bd44ecb8a3f2dd

SHA1
52e2485ec3cdaa714694e152e7a8b1f2aa5b3f6f

SHA256
845c8f36b5144203e981e77c6b0cf9ddb9d3209971b46b612c53ff5b9e74de8c

SHA512
97254d02f87afcf93945e99f57bb9e015590e9ce2aec1717d7ef2cde5549361d1eb752549121e48777e596201aef9e6791d2015fec34c22aaa3bdfdcd37821f9

Download Submit
/data/data/com.app.androidtvo/databases/google_analytics_v4.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.app.androidtvo/databases/google_analytics_v4.db-wal
Filesize
68KB

MD5
eece89984bc970d1cf98b5c8e2610483

SHA1
7ec936cfa7365b66a27c9639c7f114558ae5e14f

SHA256
10da7a4c5c6c4c886efbcc3a47d15b3fe6e5f335984e70c08bfb9be9376f133f

SHA512
24a65a94d6da21afe1ea45b1592b418ea5b06b4fb4b3dd894e1001e739801b943f2a88c6113a6ede198fcc0a930de247d19fb4fc2fca64983a92c581655ec5b3

Download Submit
/data/data/com.app.androidtvo/files/files/manifest.json
Filesize
18KB

MD5
af3fec169e2ecc7768f949563f378ff2

SHA1
7324ff0bb30c16e09a569ce71da547b795d1097e

SHA256
4641fb21e0b5cd23ff593d90a0cf9caf81cd66ed8c293e78e7220406e291ebd0

SHA512
56af395b1e4977f472abd6327131cb5c898a6fa6abcbdb4e3be3378756f76dea0ded183b707fcc69ddfd53d58ad3c1c4d13dadbc19b0e987e8d8e4e14d152aa1

Download Submit
/data/data/com.app.androidtvo/files/files/manifest.json
Filesize
62B

MD5
6f366f71d281600129d0a11cd4e5e0f0

SHA1
12de7625abcaf198364ff2ca1438f0a581ec9eee

SHA256
b24ce8bc08103168cca67106dc948fe60f72de8163587fc57ce6c284683252df

SHA512
db7efd33fdf7865e27dddfda1254a3792ad8695c79b33178c7f3b37225c5bfad00f59bb646f57224366f9b8acca4398fdb2075bb9834e177c9599c86ec0210f1

Download Submit
/data/data/com.app.androidtvo/files/gaClientId
Filesize
36B

MD5
8c0ffcd697f1e715376bff6f52c550de

SHA1
f2013c079868bf7140aec8f0eb3b4e24ce47e6e2

SHA256
54313117243d46047be54069a06283c2cd25db3d043d84ffca5b5555c754499e

SHA512
acb1ce2dd63c37e05e40393800685ec85f490b6c25360e77c4a140b57b6010367bbe13a24c60e0377a05be1654dd3e190e541af22f7e71d4874e8925f30f6db6

Download Submit
/data/data/com.app.androidtvo/files/x86.zip
Filesize
167B

MD5
0104c301c5e02bd6148b8703d19b3a73

SHA1
7436e0b4b1f8c222c38069890b75fa2baf9ca620

SHA256
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

SHA512
84427b656a6234a651a6d8285c103645b861a18a6c5af4abb5cb4f3beb5a4f0df4a74603a0896c7608790fbb886dc40508e92d5709f44dca05dd46c8316d15bf

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads