00f3ce231cfef30c3779fa27838c8583d94d244e24c55fd81e658af4e4cc8d64

Analysis

max time kernel
31s
max time network
133s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
23-05-2024 22:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6c686f16cb857a86473afc26ada5948e_JaffaCakes118.apk
Size

18.1MB
MD5

6c686f16cb857a86473afc26ada5948e
SHA1

abc99ced94d7d680468b8e54383d6d6f5fc006ef
SHA256

00f3ce231cfef30c3779fa27838c8583d94d244e24c55fd81e658af4e4cc8d64
SHA512

3eab1748d679ca6456b362ef056a0b2f87a858acf8f02148fc857caf0b07f6552eea183cd67e2643284b55adb8a20146f402da1ded546d06e5db0ff64fcc7efb
SSDEEP

393216:ScZQO/D1s2RM83uON8GDB62G+BbEAlmLP840dZvt:3vnM83gGEJVaz

Score

7^/10

collection credential_access discovery evasion impact

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.app.androidtvo

description ioc process

File opened for read /proc/cpuinfo com.app.androidtvo
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.app.androidtvo

description ioc process

File opened for read /proc/meminfo com.app.androidtvo
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

T1414

T1641.001

Processes:

com.app.androidtvo

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.app.androidtvo
Checks the presence of a debugger
evasion

description	ioc	process
File opened for read	/proc/cpuinfo	com.app.androidtvo

description	ioc	process
File opened for read	/proc/meminfo	com.app.androidtvo

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.app.androidtvo

com.app.androidtvo
1⤵
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
PID:4605

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.app.androidtvo/databases/google_analytics_v4.db
Filesize
28KB

MD5
37d99d22df987d2be3f14a6688c05703

SHA1
61f2423ae6f2692c045fdba9d8611d6ea442bb84

SHA256
2debcba6b30e59e70342cb0003cb57ccf29061f95b9aab70e23b890a77acbae8

SHA512
a87c3be13dd1edd294f2199f97d320f7a6aad78917cda47cf25fd2915ef0f921297232d1222b1fe587530f18b0cefe07daf9368721b14f85c474ab6260508bcb

Download Submit
/data/user/0/com.app.androidtvo/databases/google_analytics_v4.db-journal
Filesize
512B

MD5
3991d12a95d57cc01657a787de8f9061

SHA1
8a896d3de0050cab3b04efb43f9e37873be9061a

SHA256
bb23ba0d1073cf3b1fb5e6fe82de90e064dc0937a5ce3bd7d972cc74a787f17b

SHA512
d89f12e422329c16cbdede7d045e38e66075149909e8baa26ee3056c6ab3cbc905bf036aa9fedbdc05363888ae46d1f638df67d77e38f51ba4dfde9c778840fd

Download Submit
/data/user/0/com.app.androidtvo/databases/google_analytics_v4.db-journal
Filesize
8KB

MD5
35836c1ccf7dd1474c163614e33e88fe

SHA1
484611245b745154365b71eb92a96ac65ecede9b

SHA256
5e326a0e7c0f2e18cfed728a619bd60d647f37edb21a20b9e5c51f068aac1952

SHA512
893b913fd6edae44e1ebc6536c7526724cb581696f021b3c362217022c83a72c8ea90789e0e41e80d9f82c76e8113814c79fe8cdce5a1bb7fdbaa3366a2eb02c

Download Submit
/data/user/0/com.app.androidtvo/databases/google_analytics_v4.db-journal
Filesize
4KB

MD5
8cca0afc78a49f758d1d5953cfae7b6b

SHA1
f77156c398b78670d49ee2b50537573b92cd9b59

SHA256
7f3563f652b55d8cff84d6b5e3bbdf29fae6a8a697b2a24e2400d2eaf99232ca

SHA512
cdd3c92a16a2196e8e10e64a65d2cbb5043578d2a9dc2fb8cf787dd016673955fb6429f588b7a7b8623d4bf6b4e4d63a8af886a3de70b42cb3c24608e0eadcdb

Download Submit
/data/user/0/com.app.androidtvo/databases/google_analytics_v4.db-journal
Filesize
8KB

MD5
35a0a35c8fe937d2fdf2672cec663209

SHA1
1472f862a5e2abfcbedec58a33a594f6c0610b2d

SHA256
610108b44fc43a257f48926386d537a308702b65f7dfe8a9591ec9e3052cc0be

SHA512
fd601fb9dfbdfe5cb546eac25ace2eddabd1716fc8228914243c84711241cb4e89fa8f8a98571f84f50743442f6920ff77b62d2286dbc6b6bf5a6b49c973d4f4

Download Submit
/data/user/0/com.app.androidtvo/databases/google_analytics_v4.db-journal
Filesize
8KB

MD5
8c10f687c9a5d799c8a7f5dc7b57170e

SHA1
28103c0247b9377c0d95aef0f8d07ad9dca539a5

SHA256
f3d0139e948e63af55d41d71204ca922364b56d952f6becc08cc6a51945e9b0a

SHA512
051f7fd62a99d47e0576ef8bf7ccc516a6f1d5a528274d27c12f1f6c5f85d896187cd4baa5ebb4bb7959ff97cd482a854e7cd55fe87b9161638b620c95042a75

Download Submit
/data/user/0/com.app.androidtvo/databases/google_analytics_v4.db-journal
Filesize
12KB

MD5
704739fad49e28c9c185cde5e4b75f40

SHA1
9802b04b44a1a9155a19c3d24d8556ba1f6209fb

SHA256
57c6b85eead1e7f17784c89c94c378f050525f7b0b432c2cd79b70a05fedd3c7

SHA512
1c7419b44bf135f1af74ad9a2b3119c5093b93f3ef4e0ed87f8a6b8c9f2e7acecaa5ffcd17d5014225b35527935c6386b188125656399457211ea0668fc9d34e

Download Submit
/data/user/0/com.app.androidtvo/files/gaClientId
Filesize
36B

MD5
949732f3f6d9729dbef41661e84559c9

SHA1
6568c7a0eb14b3dd887342fef4e0a955770e49b0

SHA256
b815d5395056bdeb542a8aed0a92b07dcad110800c74d264d8897a404231bbfa

SHA512
07eb47d350a1e19746b7828deac37a31387084c0c0a0c6670306eaa01fb9373070f80051c35220c6ebbae6da73642a0456896814cdc3a0de74ea204a1416cf8b

Download Submit
/data/user/0/com.app.androidtvo/files/x86.zip
Filesize
167B

MD5
0104c301c5e02bd6148b8703d19b3a73

SHA1
7436e0b4b1f8c222c38069890b75fa2baf9ca620

SHA256
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

SHA512
84427b656a6234a651a6d8285c103645b861a18a6c5af4abb5cb4f3beb5a4f0df4a74603a0896c7608790fbb886dc40508e92d5709f44dca05dd46c8316d15bf

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads