c6d83f2faa36d71d7319db2f81f63b5c4038e98e607c9d9e24b83d43a77e0552 | Triage

Analysis

max time kernel
178s
max time network
185s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
25/05/2024, 00:56

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

705c247460d398fe442028c06f0a957c_JaffaCakes118.apk
Size

11.5MB
MD5

705c247460d398fe442028c06f0a957c
SHA1

6a572be11654a51ed5a70a10d1f824678dfb3d0b
SHA256

c6d83f2faa36d71d7319db2f81f63b5c4038e98e607c9d9e24b83d43a77e0552
SHA512

9e487a18552cf881be7982cefef1e5bbbabbfe55b824acdf8f921f7e5cc5bfb7c80814863f5851070286620b174429f7e7aa73c709944667889ac0ad88340e57
SSDEEP

196608:lW5R3CEJbWvgo/YlkzMCCtcAjCOMDVcAzVZxb6iOqehH3VQyBubZc:0/tbc/YlkzmiAjjKLZxOiOqezuW

Score

7^/10

discovery impact persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

Broadcast Receivers

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.ddtech.dddc

Checks if the internet connection is available 1 TTPs 1 IoCs

System Network Connections Discovery

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.ddtech.dddc

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Data Encrypted for Impact

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.ddtech.dddc

com.ddtech.dddc
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4219

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ddtech.dddc/databases/rep.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.ddtech.dddc/databases/rep.db-journal

Filesize
512B

MD5
91dfa34c06fcc3f8760f860c3b594ae5

SHA1
d1c5e23f87e8794796c3798bedab42d37881d141

SHA256
dad8a7541a4a8e5d6543589f7b487a495482dd9d8323ea684a5b445e53c74c78

SHA512
2b0bb093ca4bfeac19f1616a81b5d5f1123d5024c8f91adbdf20e9106e7b63f84dabe417b4f4939242cfc30c86cb8926f24a0587d13df792cc40a23fb60ef927

Download Submit
/data/data/com.ddtech.dddc/databases/rep.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.ddtech.dddc/databases/rep.db-wal

Filesize
36KB

MD5
3ea57bfcf719ce11153b39e718630c48

SHA1
cc9e596d99715b31ed691df4b29d089f6644fa6d

SHA256
b8ac74bcaee9a1a2276e49d75f56e217a344b9aeab00cec8db2aabfeb9f897f2

SHA512
d6732d5c9b1f3d8d30c2c866af023f109e627244d482e94c0ec1d50cf2a0dcd268649d80ee6850bd36f66957fd8cd7dcf3c72bf77e14483d56b0a2241817dc82

Download Submit
/data/data/com.ddtech.dddc/files/jpush_stat_cache.json

Filesize
143B

MD5
fb965c5be558f0d4a2d93021316dff8a

SHA1
6c3fcabfc130b73c31faa3e2fb8fdde17c81394f

SHA256
31ff227baa8502cbb1b97efc10ad0753387887ac347224a6df191d22a5d784aa

SHA512
fdc2354a35ea345dab8bdd12abdeaafb8ffe05d403cacc5d7c0aa0522ee761da3e60270e74eda0211fc8f47e21e08252adb388a4374e91a22b826fe1b01821ef

Download Submit
/storage/emulated/0/Android/data/com.ddtech.dddc/cache/uil-images/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/storage/emulated/0/cars.db

Filesize
1.0MB

MD5
84671e9b0a90d8ecbb5de047622fb803

SHA1
92288ca99defac4574632ba1022d2199a3766f33

SHA256
19ce9d98b57fed74caf299b1461f18cee00c6487afa921d8ebf30e4d27acef9f

SHA512
a1e91dadc5033a1a2069a72494613c8611ce7eec3e546c41359c08c9787edb988425ff62d107287f58b37c5ea2402cf247f82c0153f4e45f914b160509ca732b

Download Submit
/storage/emulated/0/province_city_district.db

Filesize
178KB

MD5
1a241354b9f547e025cd26f76dbc7f0d

SHA1
c16749e88694e919c8f7393e918091594bacc000

SHA256
a93696a4f35899b1c29ac753da77101c63e106f65f44f7985efb72944b862025

SHA512
fa02c44038d94872b91743bd7b65985f4ebf22c2150d1b272cd7f2c7bd89ab4cc90cea8577862b4865c00a2cd8ba71782c1b0b85644b450747ee9ba2b69b6148

Download Submit