Analysis

  • max time kernel
    9s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
  • submitted
    25-05-2024 04:44

General

  • Target

    70e5055b5ad248d8dbd42042212550c6_JaffaCakes118.apk

  • Size

    17.7MB

  • MD5

    70e5055b5ad248d8dbd42042212550c6

  • SHA1

    4bfc7e9217bfce33381cc2c8200b5d2cc80f9e7f

  • SHA256

    57f05904ecf681f7aa89588d3a3d60cd06476970c251a34a00988d7616e92239

  • SHA512

    92efc58bcf9a13099552d078e898331ce5a78834369c6140cabd9b70f350fbe5beef03a67aeb0cde01b0eb1a2439895b074f60fd53db0ad01f4312001c1ce71a

  • SSDEEP

    393216:7JDS1frDIF4YoMFFd4gCWJh/y/+ylkTh4rUe:7JudoFFmBl6WrUe

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 2 IoCs
  • Checks known Qemu files. 1 TTPs 1 IoCs

    Checks for known Qemu files that exist on Android virtual device images.

  • Queries account information for other applications stored on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect account information stored on the device.

  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Reads the contacts stored on the device. 1 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Reads information about phone network operator. 1 TTPs
  • Checks the presence of a debugger

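The root-check and Qemu-file signatures above record the sample probing the device for artifacts of an analysis environment. As an added example (editor's code, not the sample's own code and not part of the sandbox), the following Python re-implements that class of check from the analyst's side: it parses `adb shell getprop` and one-path-per-line `find` output taken from an image and reports which well-known emulator and root artifacts the image exposes. The specific paths and property names are assumptions drawn from commonly documented anti-analysis checks; the sample's actual list is not visible in this report.

```python
"""Emulator/root fingerprint checks of the kind the sandbox signatures describe,
re-implemented as an analyst-side tool (editor's example, not the sample's code).
Feed it `adb shell getprop` and `adb shell find / -type f` output from an
analysis image to see which well-known artifacts the image gives away."""
from __future__ import annotations

import re
from dataclasses import dataclass

# Assumed indicator lists: widely documented QEMU/root artifacts, not the
# sample's own list (which the report does not show).
QEMU_FILES = (
    "/dev/qemu_pipe",
    "/dev/socket/qemud",
    "/sys/qemu_trace",
    "/system/bin/qemu-props",
    "/system/lib/libc_malloc_debug_qemu.so",
)
ROOT_FILES = (
    "/sbin/su",
    "/system/bin/su",
    "/system/xbin/su",
    "/system/app/Superuser.apk",
    "/sbin/.magisk",
)
EMULATOR_HARDWARE = ("goldfish", "ranchu")

# `getprop` prints lines like `[ro.kernel.qemu]: [1]`
GETPROP_RE = re.compile(r"^\[(?P<key>[^\]]+)\]: \[(?P<value>[^\]]*)\]$")


def parse_getprop(text: str) -> dict[str, str]:
    """Parse getprop output into a dict; lines that do not match are skipped."""
    props: dict[str, str] = {}
    for line in text.splitlines():
        m = GETPROP_RE.match(line.strip())
        if m:
            props[m.group("key")] = m.group("value")
    return props


def parse_paths(text: str) -> set[str]:
    """Parse one-absolute-path-per-line output (e.g. `find / -type f`) into a set."""
    return {line.strip() for line in text.splitlines() if line.strip().startswith("/")}


@dataclass
class DeviceSnapshot:
    files: set[str]
    props: dict[str, str]


def qemu_hits(snap: DeviceSnapshot) -> list[str]:
    """Files and properties that give away a QEMU-based Android image."""
    hits = sorted(p for p in QEMU_FILES if p in snap.files)
    if snap.props.get("ro.kernel.qemu") == "1":
        hits.append("ro.kernel.qemu=1")
    hw = snap.props.get("ro.hardware", "")
    if hw in EMULATOR_HARDWARE:
        hits.append(f"ro.hardware={hw}")
    return hits


def root_hits(snap: DeviceSnapshot) -> list[str]:
    """su binaries, root-manager apps and test-keys builds."""
    hits = sorted(p for p in ROOT_FILES if p in snap.files)
    if "test-keys" in snap.props.get("ro.build.tags", ""):
        hits.append("ro.build.tags=test-keys")
    return hits


def fingerprint(snap: DeviceSnapshot) -> dict:
    """All artifacts the image exposes, grouped the way the signatures group them."""
    return {
        "qemu": qemu_hits(snap),
        "root": root_hits(snap),
        "debuggable": snap.props.get("ro.debuggable") == "1",
    }


def looks_like_analysis_box(snap: DeviceSnapshot) -> bool:
    """True if any emulator or root artifact is exposed; one hit is enough for a sample to bail out."""
    fp = fingerprint(snap)
    return bool(fp["qemu"] or fp["root"])


# Constructed sample input (not captured from the report's run): a stock SDK
# emulator with su installed, and a release-build phone.
EMULATOR = DeviceSnapshot(
    parse_paths("/dev/qemu_pipe\n/system/bin/qemu-props\n/system/xbin/su\n/system/bin/sh\n"),
    parse_getprop(
        "[ro.kernel.qemu]: [1]\n[ro.hardware]: [ranchu]\n"
        "[ro.build.tags]: [test-keys]\n[ro.debuggable]: [1]\n"
    ),
)
PHONE = DeviceSnapshot(
    parse_paths("/system/bin/sh\n/system/bin/ls\n"),
    parse_getprop("[ro.hardware]: [qcom]\n[ro.build.tags]: [release-keys]\n[ro.debuggable]: [0]\n"),
)

if __name__ == "__main__":
    for name, snap in (("emulator", EMULATOR), ("phone", PHONE)):
        verdict = "detected" if looks_like_analysis_box(snap) else "clean"
        print(name, fingerprint(snap), "->", verdict)
```

Run it against a `getprop` dump and a file listing from the image a sample was detonated on (here an android-x86 build, which carries Qemu-related tags) to judge whether the sample could have fingerprinted it before showing its real behaviour; a run that only produces environment checks and a handful of log files is exactly what a detected sandbox looks like. The parsers are deliberately permissive so partial dumps still work, and the indicator tuples are the place to add artifacts specific to your own images.
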
Processes

  • com.whatsapp
    1⤵
    • Checks if the Android device is rooted.
    • Checks known Qemu files.
    • Queries account information for other applications stored on the device
    • Queries information about running processes on the device
    • Reads the contacts stored on the device.
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4273

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.whatsapp/files/Logs/whatsapp.log

    Filesize

    9KB

    MD5

    1abae2090fd1cd08c4e5566500f84a49

    SHA1

    1ec98e9600d5928698574432c55249b4712a0d88

    SHA256

    a6ae78167e7aa124792372aa521fedf497b26ea5875a9d2a2582ba8d8f385090

    SHA512

    a009ea6ef574727f7d1ab93f27ce4da22d5058f56873b7796cb7b56af26b720673c1bcce52b12cca31f5bab10d885ddd4b47e18972e3df036a773a90c6b251bc

  • /data/data/com.whatsapp/files/wastats.dims

    Filesize

    246B

    MD5

    81ba401f0c29a20f472c4e8d74075658

    SHA1

    ce0e38f53bcf31f925c131c002fc63b8007f34ab

    SHA256

    d7b64a7ea1ae90e75713c18a12fcdd007f0a914cbaa508f528e3a5fbd1f453e3

    SHA512

    084b22577f29cde4d1dd05c87269c1b87c3dbd23c7c3ead4d95e371d64e4c6fd59ef9d87126ebc1ac3b966f72ebb4036331be8904a19ba74d6c23ede806a6200

  • /data/data/com.whatsapp/files/wastats.dims

    Filesize

    753B

    MD5

    0909f13a5ea35ec30f58e7587a4c716a

    SHA1

    717f18ce8e2c2a726464566040f767c75dffbf4a

    SHA256

    795a5a6c9aff729b7009667d2f3569f03e7e6383b36f47b06e955bc0eb50a863

    SHA512

    47cb0f3f5b2734ea0dfb838b3d264ef3c91953dd90fef2469b2c30d3c8a555f7bc0f1b404cd469f0081f666fa25621234cfaacda322527c9ae0c4da21fc15afe

  • /data/data/com.whatsapp/files/wastats.log

    Filesize

    307B

    MD5

    854d98b302195f4ecd434f49d2365c4f

    SHA1

    024cb679743d67c627e010ab06fd14e57fd8a065

    SHA256

    df41dd2ec20345a6ba467a90f04518e54a4b740e2bc7ebac904d88c78745d8f3

    SHA512

    cbb09ac95e490ff38f4f1fc3b334a3dab9d26771bdecef4822be54650cba457d66b3ae1e9bdd3c35c2aefdc1ae77f742481fa2c70abe52402c5db1b00e250c0b