Analysis

  • max time kernel
    179s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
  • submitted
    24-05-2024 08:08

General

  • Target

    6dd69eeb6cdcc9229d1ac79e4926b0d6_JaffaCakes118.apk

  • Size

    213KB

  • MD5

    6dd69eeb6cdcc9229d1ac79e4926b0d6

  • SHA1

    dc9932040c4413aed837ba6311c8442eeb7f8715

  • SHA256

    2f7b1171f34fe432f6b53124b09637e1240a05156cc073f526defd0fab923c56

  • SHA512

    5c585ef375c76e941e110b67664c1dc548f6606d86e8abe00bec3cb50ced6b9c6bc9068560c17c1d8b13849b87c65887ed13694c827d20b0572a289b0e8e5d77

  • SSDEEP

    6144:fIb/0szi6yig4a8dHtVIFXhYoBKSTrfI/+NE3Muiw:wz0K99xa8dHb0XioBlTrf0F3MTw

Malware Config

Signatures

  • Removes its main activity from the application launcher 1 TTPs 1 IoCs
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

  • Checks if the internet connection is available 1 TTPs 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Processes

  • com.cold.toothbrush
    • Removes its main activity from the application launcher
    • Makes use of the framework's foreground persistence service
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4257

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/com.cold.toothbrush/files/54bbfbdf-90ae-4093-b1f8-87d0a9ffb147.dat
    Filesize

    404B

    MD5

    0020db2898e8dd8c6b717e0cb269d118

    SHA1

    d7875acf99823bad2602ddfe017fb8fe446270fb

    SHA256

    2107b923fa4e55944085faa8511e635a13d77d208e42005ce25b3ce851575e2f

    SHA512

    e4c2b72974ceb56e96c6c21d866e00e115175348c1c27ef8dfab4d9ce9c120e4f7d66d0cd5989c5aa67a29a9d16692399c89bac7a1f760845db4e0b706b45704