Overview

overview

8

Static

static

6

696acdf4d4...18.apk

android-9-x86

8

696acdf4d4...18.apk

android-10-x64

8

696acdf4d4...18.apk

android-11-x64

8

Analysis

  • max time kernel
    179s
  • max time network
    132s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240514-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
  • submitted
    23-05-2024 02:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    696acdf4d4b9d7a79de1f8522a466bed_JaffaCakes118.apk

  • Size

    307KB

  • MD5

    696acdf4d4b9d7a79de1f8522a466bed

  • SHA1

    1202ab7d8a6a4a9f5f74a3e7c992b0d53d1fd72a

  • SHA256

    f7dcea67f15ed1a461dea73515e7ecd467e86901da7b72280aa23396aee76d98

  • SHA512

    bc840a616b288695ff0a05045195bc669cd0c60968c3b632e709d2319f771f98ae5c4773f676112a1c5e04fea2dcb645ea9b550bc478604232732ab6ffb9b00b

  • SSDEEP

    6144:V1UFRQ98qOm76nUgUHuzie9rx4g66zG6uPPJ2Jfo2Cd8IHcDi+NSYIS6tODNafj+:V4Q98zqcUgxr91qUACmcDi+AtoNQI

Score
8/10
discoveryevasionimpactstealthtrojan

Malware Config

Signatures

  • Removes its main activity from the application launcher 1 TTPs 1 IoCs
    stealthtrojanevasion
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries the phone number (MSISDN for GSM devices) 1 TTPs
    discovery
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.mfvbrdnoufqa.sjoknuyhv
    1⤵
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4676

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.mfvbrdnoufqa.sjoknuyhv/app_dex/xrvjofqdyznwk.jar
    Filesize

    72KB

    MD5

    1b1683635d89f047d9435216c0e86ac6

    SHA1

    ce3396d69b1f12d90a96856e44af44b39d4457c4

    SHA256

    6d074002cc6881334426a8e6cc0e89eef43e1868c483304e5dedea54a13567d9

    SHA512

    bb76c25dfdbb72aa2760dde982dff7df0ec793b4f92274280c5ea0570b9fc2ef3bdbf9572100e1e7846d5647a7a44b8c8f2190d5d29d7ef7a7a541cf1b473e67

    Download Submit
  • /data/user/0/com.mfvbrdnoufqa.sjoknuyhv/app_dex/xrvjofqdyznwk.jar
    Filesize

    175KB

    MD5

    22f62d2e41de9ce2adb98b137ad0dd36

    SHA1

    eb1e4d87caf423f5700970659c951b652ee47a36

    SHA256

    78711e8c7534b7eabadc7508a2cef300f34b3a604d398ce4335b6552e345f4b0

    SHA512

    423991cb95de329fc98d9a290b3446cb9600cb1c119e351eb42976c60c72fa5387bf39d77558ecfb7d5b41262553b0436b2022ddb8c5065eb23231dac275f5c4

    Download Submit
  • /data/user/0/com.mfvbrdnoufqa.sjoknuyhv/files/ls/lt
    Filesize

    29B

    MD5

    57db2fea5b9201101471c6393a8512c6

    SHA1

    7f2a8fc100ce59d77ff4e19cf66785083501c8b8

    SHA256

    a362969583c82c2adbb3825e82efc189796a3b7d6c16482b6643513f9afb24d7

    SHA512

    32b4093e1ec600a1a3db0c73a65baf2bbc9b92a06ec0b903205a65baaad252f5f93d38d1bb3a6df29752271590cb51755fb2e42082dc78f77cd1367761a8171b

    Download Submit
  • /data/user/0/com.mfvbrdnoufqa.sjoknuyhv/files/ls/lt
    Filesize

    30B

    MD5

    10757c1bb7be6b2cf3bccb445ea1c78d

    SHA1

    4e1c2c2fd46a83e039cfad83c132e6a364833c38

    SHA256

    a84746a18e0d182efaa20ef8ba7c8d8768a0f56bb74c290caae87210220f94e9

    SHA512

    06a559576e2a51f961cfa08087faca78b3949ff79875cc5b4db33c61263871ebb1bfa4f8385ea17272e039d4db6de7455b2c669be1f308e8a4da45f8aad69789

    Download Submit
  • /data/user/0/com.mfvbrdnoufqa.sjoknuyhv/files/ls/lt
    Filesize

    28B

    MD5

    3e1a248f254feba725d92d220c641f2c

    SHA1

    f4290eabcb01c26c73fd60f74b73ac0d5b73c817

    SHA256

    76bcaec03e8d4e253ad77501f1cf5fb32206795256b725319ea9ce4b92216914

    SHA512

    b462d80677991873ee6b72f3a5f96363cff7bb8841832fb3709670c4ab17623a66bc472cff1e62a36743e91c86c47746e99a0d3196b3a92080623435b7719e1c

    Download Submit
  • /data/user/0/com.mfvbrdnoufqa.sjoknuyhv/files/ls/lt
    Filesize

    26B

    MD5

    0b5cd65a0562124440879ea2821b0d71

    SHA1

    86f9afc4d0948e05e307aa9b1592df4b62af064a

    SHA256

    647199d63eeaa9d64b4bbea8fc1213f86b887003c41f355a040581b329309d6c

    SHA512

    8cd047ac3f1ced7c3d717aa9101af0abec9dfb5df850da18da726dd5be164324b8a6b4de8ab9b09c1faffdb74bded75cb5721111c1493cc0165ca16645b3d6fe

    Download Submit
  • /data/user/0/com.mfvbrdnoufqa.sjoknuyhv/files/ls/lt
    Filesize

    28B

    MD5

    9c8705a3fea1d604673869401610e688

    SHA1

    0c4183ab6575e78ccc9448193b042d7958892fd6

    SHA256

    efcae36f89bbbf6930915122814266ea91c7b619ee3d176d5fb296e4fd605c95

    SHA512

    19ac4afaefd0bbf828ca9ad380d7835e6652b8d2aa459b47b2588aafc171e96fb9449037e968be7ff4182073e052e7ed1eabf740dba659c784c5beae3d36a277

    Download Submit
  • /data/user/0/com.mfvbrdnoufqa.sjoknuyhv/files/ls/lt
    Filesize

    125B

    MD5

    0bba5c9f1feef2c996080ade4a941f25

    SHA1

    25935c5a4abb56c72ec5cfea295fbbffe8f80618

    SHA256

    05ea688644193f0bfd5241c74ba091fb833fa6b9014f1c03186c1e11108c9287

    SHA512

    f58bdb9af560a45cb19eee3ccb2c0d45d7fa4cbb178e35459f4e95c4394d536662d41bbf1d050f6fb7340a2862f93c94b2b4dcbdfaf66f5aefd360809872f607

    Download Submit