Analysis

  • max time kernel
    3s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
  • submitted
    23-05-2024 09:50

General

  • Target

    6a8b7012710a7a5a0e24cfb6cb7a5575_JaffaCakes118.apk

  • Size

    3.4MB

  • MD5

    6a8b7012710a7a5a0e24cfb6cb7a5575

  • SHA1

    0a297b0afd2c100a8b6d4d07b202a1f02e727070

  • SHA256

    4147e9ba2836975bd940b2d816f560078776dd794734065678d68f28925fed68

  • SHA512

    5cc0cb8b22747ab54a7d4d22472532361733d9b6f054ff1ac9f5276a2a02d1d1f378eb6d6090bd20eee901b46c2b3d44c49f04ffedfd09dc6ef5b533c7fb6a9e

  • SSDEEP

    98304:RXa6O/YziXd85U3IdvoTAJlvm/XbanhhZhBE:RNqd8y3IyTAJA/rAZrE

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 1 IoCs
  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information that indicates whether the system is an emulator.

  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Checks if the internet connection is available 1 TTPs 1 IoCs
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs

Processes

  • com.yxxinglin.xzid744589 (depth 1, PID 4206)
    • Checks if the Android device is rooted.
    • Checks CPU information
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • ls / (depth 2, PID 4272)

Network

MITRE ATT&CK Mobile v15


Downloads

  • /storage/emulated/0/Android/data/com.yxxinglin.xzid744589/files/tbslog/tbslog.txt

    Filesize

    114B

    MD5

    2312f5d74a3f2bdc13116a353aede6e3

    SHA1

    9dd68661f51c9acca6b623846988d6426b56d195

    SHA256

    53a18906335dd29c8916def5fcafdb220590f11a4aa32ee7a688c3dafd1eab3f

    SHA512

    268e72d3596ea26fb68ce7c6c872557f527c0879766547ebfbefe21bac6837220bf9ca8703a75115f756960f21d0a1b4b4c749147b4dc32db3d106a919e27ba0