Overview

overview

8

Static

static

6

6dd69eeb6c...18.apk

android-9-x86

8

6dd69eeb6c...18.apk

android-10-x64

8

6dd69eeb6c...18.apk

android-11-x64

8

Analysis

  • max time kernel
    179s
  • max time network
    160s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240514-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
  • submitted
    24-05-2024 08:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6dd69eeb6cdcc9229d1ac79e4926b0d6_JaffaCakes118.apk

  • Size

    213KB

  • MD5

    6dd69eeb6cdcc9229d1ac79e4926b0d6

  • SHA1

    dc9932040c4413aed837ba6311c8442eeb7f8715

  • SHA256

    2f7b1171f34fe432f6b53124b09637e1240a05156cc073f526defd0fab923c56

  • SHA512

    5c585ef375c76e941e110b67664c1dc548f6606d86e8abe00bec3cb50ced6b9c6bc9068560c17c1d8b13849b87c65887ed13694c827d20b0572a289b0e8e5d77

  • SSDEEP

    6144:fIb/0szi6yig4a8dHtVIFXhYoBKSTrfI/+NE3Muiw:wz0K99xa8dHb0XioBlTrf0F3MTw

Score
8/10
discoveryevasionimpactpersistencestealthtrojan

Malware Config

Signatures

  • Removes its main activity from the application launcher 1 TTPs 1 IoCs
    stealthtrojanevasion
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.cold.toothbrush
    1⤵
    • Removes its main activity from the application launcher
    • Makes use of the framework's foreground persistence service
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4562

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.cold.toothbrush/files/54bbfbdf-90ae-4093-b1f8-87d0a9ffb147.dat
    Filesize

    404B

    MD5

    7901004f123899c023951b7e34f37e61

    SHA1

    57a0cfab6b091b206388dc5ea7a746e85e350eab

    SHA256

    2a38dfb6158a0d5a04cb3a4fb634917b6e0dbb41de28a677a77074c397251a1b

    SHA512

    2842c96a4f58b5337b4d4b251a5769fec13cd51df5936ba3e92938b58b8d76f41347f5ad9f10e7265766d95fd818bda38d5866031996a8304ddcbe089b63487e

    Download Submit