8ab82ad1eb3c3dfe4d7d24f67193c4909844b52578c74e62d838d3b8c6c4f425

Analysis

max time kernel
17s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
23-05-2024 09:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6a7537bb73569dcfaae7bc63dce1595f_JaffaCakes118.apk
Size

27.0MB
MD5

6a7537bb73569dcfaae7bc63dce1595f
SHA1

6d61c683371e9a593ecd203c7091a2fe6e4243ca
SHA256

8ab82ad1eb3c3dfe4d7d24f67193c4909844b52578c74e62d838d3b8c6c4f425
SHA512

3e3a4a882f77eeb49f3d8922aa8cd7bf6f6aff59192d555bc438f46e76cf9ee4ebaeb8b8955d9d284ee630dcadd4f2bdbec621ace15c0184c7a68450a8495856
SSDEEP

786432:jfqIkFjx3sUnB4jjvv2vv6/0P/fHswuHRSrDi7T:9gcAgT2a/0XkwaR6+H

Score

8^/10

banker discovery evasion

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.crescentmoongames.deergodads

description ioc process

File opened for read /proc/cpuinfo com.crescentmoongames.deergodads
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

System Network Connections Discovery
T1421

Processes:

com.crescentmoongames.deergodads

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.crescentmoongames.deergodads

description	ioc	process
File opened for read	/proc/cpuinfo	com.crescentmoongames.deergodads

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.crescentmoongames.deergodads

com.crescentmoongames.deergodads
1⤵
- Checks CPU information
- Queries information about the current Wi-Fi connection
PID:4259

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads