a5db07ed51eae66000576339c4ddd5dc6c47c2b1cb354dc1d070d52d56603006

Analysis

max time kernel
5s
max time network
131s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
24/05/2024, 12:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6e986557a7a3d99af53844668f8d2894_JaffaCakes118.apk
Size

31.4MB
MD5

6e986557a7a3d99af53844668f8d2894
SHA1

13f84263957eb54e8762d4c87c19ff14c703a3af
SHA256

a5db07ed51eae66000576339c4ddd5dc6c47c2b1cb354dc1d070d52d56603006
SHA512

d5d1bc393642f08545eec12cbe948aa9fb680fd0fe7f590880ef1a99e32e0b425744e1fad120b91865224fdd042dbd8d5d0c807bd83d91f32659e2390f000ac8
SSDEEP

786432:oJEMvs0BPmNE9zBvRfV+UGDmwio915uhoU+gZtGLmWX9EkLY6Vxr2xnB8NJoL:Is0hmW9zYUGKw9KhoUCiWX9EkLY6VV2H

Score

7^/10

persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.javgame.ddz

com.javgame.ddz
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:5126

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/Android/data/com.skymobi.pay.newsdk/plugins/com.skymobi.pay.plugin.main.apk

Filesize
48KB

MD5
d46532ee0fea6239ad10c592ea0cb4ec

SHA1
04f456ffb2eae23188075998769e687ffafe4bf0

SHA256
97d0356c8517096c447c2fb34c97588e0fb76186341715d9f5897432cc66e3a3

SHA512
f60a7713deb0d4020e675b4e39fe7a2d667f0e4ea88c3da5bf19931e0b3e18a7bf0912bcdaaaa6b9439f313ebbcac53920d6d72d9f2ec006b1db4669d67fd127

Download Submit