f64cfeb0fc942a179f7a9ba0aed293e58d56f5c2f783721170c5d627d2ca9415

Analysis

max time kernel
43s
max time network
175s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
24-05-2024 13:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6eb588b708b81556387977dc88f2d3f4_JaffaCakes118.apk
Size

1.1MB
MD5

6eb588b708b81556387977dc88f2d3f4
SHA1

c1efd8ac135b074891e04be0cb0da519fdfc84fe
SHA256

f64cfeb0fc942a179f7a9ba0aed293e58d56f5c2f783721170c5d627d2ca9415
SHA512

8dcf1c181e5afcf621170f55366e9adb89fa8a3a74568126445f2980e15feb2f968ed028f955e40a1c34d5e205696e0f855a026ab0fb7f84a4953a8f76b116b2
SSDEEP

24576:ZLQox8CBf4QUGnZcSYeUD2/ER3fLEJIuZINrLztqKoHv1WfpNs:ZLQRClA+JNUDV0ZYgKotWzs

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
evasion

Download New Code at Runtime
T1407

Processes:

com.appmk.book.AOVNXCPNJHCQJRLN

ioc pid process

/apex/com.android.runtime/javalib/core-oj.jar 5162 com.appmk.book.AOVNXCPNJHCQJRLN
Acquires the wake lock 1 IoCs

Processes:

com.appmk.book.AOVNXCPNJHCQJRLN

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.appmk.book.AOVNXCPNJHCQJRLN

ioc	pid	process
/apex/com.android.runtime/javalib/core-oj.jar	5162	com.appmk.book.AOVNXCPNJHCQJRLN

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.appmk.book.AOVNXCPNJHCQJRLN

com.appmk.book.AOVNXCPNJHCQJRLN
1⤵
- Loads dropped Dex/Jar
- Acquires the wake lock
PID:5162

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/apex/com.android.runtime/javalib/core-oj.jar

Filesize
4.7MB

MD5
7e343cbc45b618d05182d74bd61826b2

SHA1
02ee96263b3b967e570e8ddb1fa36cb21032b71b

SHA256
324b5af2ec2d78bb57b1552f429af51ac8d65f7fa277217ae8d4371ab14178d1

SHA512
48cbd8a5b246cf9d6ec16558ab12af131439837094c63a64046de384da933593459fb1aec126393bbe3b2b8ca19437f38b68364c9f158023a7b1a35e6901c705

Download Submit
/data/data/com.appmk.book.AOVNXCPNJHCQJRLN/databases/BookConfig.db

Filesize
20KB

MD5
7d14ac38d6248606f750b99c86ff1e00

SHA1
2003557be23e5629707d489b6de9dc4926c947c7

SHA256
06613399f4fd6f3cf71d8c659205bf3d7ebe87d95888f8ed9adbe3ef79b81afa

SHA512
eb99b1efd13e7760d19cae69fe623d60cca32b015448f0ab75a98ffd9fd326ee468450b3098adeac1bedc8c5b00c155ba14c86d52c471e7ed4922089fd14e900

Download Submit
/data/data/com.appmk.book.AOVNXCPNJHCQJRLN/databases/BookConfig.db

Filesize
16KB

MD5
eca6fd28958cc03f612d15ea321781ff

SHA1
b632c38a82bd18c8ab2d293699f274e743705c2b

SHA256
39f5781b2b42d91ab9a7f95a054bba443c69cabe86ada8a73455d42a0402138a

SHA512
3770a25e5be2d5bbe8ff597417219e13d73700273b7dcbd7d7909120b5c38b2c2544e790a79ed70e9b97c03b3ad0c34a47e2bde960f804f3d69f5e46c428b087

Download Submit
/data/data/com.appmk.book.AOVNXCPNJHCQJRLN/databases/BookConfig.db

Filesize
16KB

MD5
60911cdde3348e19041a69515c3660f8

SHA1
03d82494713229ad4f5491b2922bc6d965a65ba4

SHA256
e508fe409784779f7269e231ee95cbb49f961879e8ba6d186d80fbc1456642b4

SHA512
de8039ff8e5ddcc507c38fef774feec766999d087ef90464011c5277cf346f68ae91249cf85b67c6ba7399d80819dd81e6cbb5e840ca72be47a90c6e766cf208

Download Submit
/data/data/com.appmk.book.AOVNXCPNJHCQJRLN/databases/BookConfig.db

Filesize
20KB

MD5
9b51e801ffe2d31ae51e17082fe19ac8

SHA1
41fc8eff398d4acd7fa745c7e5de8d63a9bf117c

SHA256
918b5240eb640e7399699e474bc1fdbbc92ccaf5e39ecfb81742a90111855224

SHA512
fc2e8008369a46627a03135d082619864d05ff7b899f72d43d9fb182715807f846ff676e66d007b825d3952d4a7dc5a025a46bc93f84d293c3003e0c7d55c3aa

Download Submit
/data/data/com.appmk.book.AOVNXCPNJHCQJRLN/databases/BookConfig.db-journal

Filesize
8KB

MD5
a7886cdc8a23104cad489a503996463a

SHA1
1628ad267cdda855ef7d4f1736fb01d6d38f9b76

SHA256
fd81ae40b34db0bda1f0b89cb883871c6c8ff1b7f7bcc99c23a19d76ff71a60b

SHA512
2ee7740c043f46e97f893ad7bbcb85da1129c41800bd9daaf51d2f2f50610af97dc87138f4f1b6687cf66ea9af37399f4433a223ab61946718cc56330dc8a554

Download Submit
/data/data/com.appmk.book.AOVNXCPNJHCQJRLN/databases/BookConfig.db-journal

Filesize
8KB

MD5
7dac40545fedd1de82f7d6f248ed08df

SHA1
0de6bc987f07a9314e8da787ccb304e4f9f44457

SHA256
d93e45d4a1e5a3df223b831eb8bdf9a5500500a26d0683cc8ca2083be9b5638f

SHA512
7d051b7fed55977dbd2b47698db3b56afaa3858d741cf94c9fcb01aa19ada0b1d5a4438b759e441a08bde9916dad57f59819963321cbfa44829138578e4202ca

Download Submit
/data/data/com.appmk.book.AOVNXCPNJHCQJRLN/databases/BookConfig.db-journal

Filesize
512B

MD5
98f2f8a8afa9cf7e761701aa12cd1037

SHA1
a2f4d7f38d7a65c66d9ae9fc5682d4cd643d7024

SHA256
a1cd490ee1867536f8dfcb24ff4ad64bd31754821b8cbfa60490eb99b0c3fd38

SHA512
a5e2479830ef2fcd753fb07c7e045558821fe834a07ad25a9894ff19f470da94b2c19eb2a11a1b465bc99e4649ad9b06afe711f61ce2d81865bd3a7b9c40ba96

Download Submit
/data/data/com.appmk.book.AOVNXCPNJHCQJRLN/databases/BookConfig.db-journal

Filesize
8KB

MD5
b5737e56e62959c601e10f577e60351f

SHA1
9361039e5a672d56f69708df2a2bf2ae5631ba27

SHA256
c999732a353d05faf29deea1eb4da938ac49d2b0bc7d82814bcd657a5605bb92

SHA512
8f5d0b75ced3dd7a4a36cc4525811fda82eee75243d8ce516cf2d6f36d89e3e9f37d3b6b4e3cbe820052e47b280e8588890fcd93489db6aed402d71b5a53eb69

Download Submit
/data/data/com.appmk.book.AOVNXCPNJHCQJRLN/databases/BookConfig.db-journal

Filesize
8KB

MD5
ec4ad4854b929274590f147a21d4bf15

SHA1
d36e2c2bf57af9ea026f7b33a7067c7774ce57a6

SHA256
da4bd1e976d533ef7537e2ab48b0abdfea815ea91c0f5eac98f69c83ee3c2af8

SHA512
231be21a11cdb808bbbccf4da4215838034e255b9782668d3878b78bd63f9416d0c7c58019eea82a7580e147f6408c32a8d5d94e871faaa716d353090c950b0f

Download Submit
/data/data/com.appmk.book.AOVNXCPNJHCQJRLN/databases/BookConfig.db-journal

Filesize
12KB

MD5
83f0c29e0005388779a37d986406e4d3

SHA1
e0da0a88bc087c1d6dcf71de20b9852059f202e8

SHA256
0473c1124efd55f803836bba8dd591dcb5d00e079b827bcabfc194466a563590

SHA512
507d2bfcbc1f409871212b47f93bfc33d8e1334f86c05329dae663163570e7006c53cd9409eb1309bfd753844d28cedcd380ac5ac4e207218ed68440b6509180

Download Submit
/data/data/com.appmk.book.AOVNXCPNJHCQJRLN/databases/BookMark.db

Filesize
20KB

MD5
1ab976bdddad8fe64ca6e2766a3dda7a

SHA1
f7fafdaae4a2e8041f4830c4c36c45bf0291eb0a

SHA256
d434d153cec84dbc770d203b242a75ad7cb14f25aafc2aac2d29ac8ba97fc27f

SHA512
afab5a22fb34fd1fb4770870afa8dbdae1f8c86f1bed347bbb7c1e6fc43f025b5b57d3b466e265daf2ae7edd58c2165b3f1d80404f64ea99a796bf672b827446

Download Submit
/data/data/com.appmk.book.AOVNXCPNJHCQJRLN/databases/BookMark.db-journal

Filesize
512B

MD5
a62b1191b94faa267ff8d1bf8a081048

SHA1
6af1124f0ff9e871764bb842c0aca6ce177e822e

SHA256
c28c6bb92a83f35435c0b38b468662b4b14137e81b1c5cb9d739ed280bbefc68

SHA512
ede6842e76c055633af0944ac1d1e0f5951ee242d907580d0cb90a023f5269057dd6dab0056a4260ed42bc257e9ae734f60d9b1c19ff91a0d9f10be58c9635fb

Download Submit
/data/data/com.appmk.book.AOVNXCPNJHCQJRLN/databases/BookMark.db-journal

Filesize
8KB

MD5
ec57701dcc1ca3b5260431fc1a99180f

SHA1
3d830691696d547848fbf71e0b17aaf0aed420bd

SHA256
43a186b08da8a3f0116620b394f858dcd90bc6ee6c847287a3508b5e21c4732f

SHA512
b111ec1c2a9de4a81ef2ae70d3bf43437ac5642ef6fc156130aa74c24c8d17e1d8f5f89bc6cc23ed5fdcc377ad51f4b6f11f9ff7d981af5839ef453f9251584e

Download Submit
/data/data/com.appmk.book.AOVNXCPNJHCQJRLN/databases/BookMark.db-journal

Filesize
8KB

MD5
a1e05dec0878b76aa914317711cd62b6

SHA1
18787c3414842a7d569738d7a2f6c162574d691f

SHA256
d733abb0ca4c723723e2ea82d4a54537b23af496d0aea77c5d08e35ee72b7238

SHA512
dfbfde5c8b1f0ceaeb47fd6868e5db61f392bb13aee449dc4561ba9814acd4183661d787704bcd44435d6eca74784f3e618a71fcb061db792b690ef81070f816

Download Submit