a5af19675858b52d26358ced7b5623b752bb958367fa56cda3bbe5fa17605271

Analysis

max time kernel
177s
max time network
187s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
26-05-2024 22:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

76f75c77448bfa00ef915025826ec851_JaffaCakes118.apk
Size

9.7MB
MD5

76f75c77448bfa00ef915025826ec851
SHA1

89d76d924acddcf8437555e7f66436db4e3f2920
SHA256

a5af19675858b52d26358ced7b5623b752bb958367fa56cda3bbe5fa17605271
SHA512

d49f6e5e2f071649c3be14e915dfcab25ccec051164b2ddce26b6becd054a9335f644e489770662c887ea4a2e9b7d4e6a9b25bcdcc73b7ceb029ecb1ac7e3224
SSDEEP

196608:jzfMprYXYBJSYx+LVsnYiI3Z1re2wmI9TyfDSa8fE0FCkd1tgdq5WFbIoXLz3du8:jz7YBIYxWsYiiZEEDSa8lFCiz5WaY

Score

7^/10

discovery persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.po.dm206.id2662
Framework service call	android.app.IActivityManager.registerReceiver	com.po.dm206.id2662:pushcore

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.po.dm206.id2662
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.po.dm206.id2662:pushcore

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.po.dm206.id2662
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4264

com.po.dm206.id2662:pushcore
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4296

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.po.dm206.id2662/cache/image_manager_disk_cache/1e62745a05eef3e10eeb9059d5a39da2dc02e2874e64ce42f1ce261c3a70df7d.0.tmp

Filesize
33KB

MD5
dde58650cd950bd86fec5c41569f6c8a

SHA1
7d93c279f9afc635de9fe49251d8e158dc704428

SHA256
05099ab7820971cbd5dbb907689a712d10a27d51444c240e447c580d5b980147

SHA512
ce3692975588f004d84b877804a4f6fc324e610678fce7d8d3be3bdc8cbd11759cc83765a85db939ef85fb568eb2235c70ed3f2899ff185c601132fa5a343f10

Download Submit
/data/data/com.po.dm206.id2662/cache/image_manager_disk_cache/b96f342ca246719b6279338d6729eef2db6693a12a5f98de92528e00f60d88ec.0.tmp

Filesize
24KB

MD5
b26ff4dfd695990ea55b3c8fcb40ae5c

SHA1
1c1354a880635a30b414f598e3f8a6e709ba6329

SHA256
08ab6c694ebcaa351b3649f26bda70548f55533080daec93c92e739ff16980e4

SHA512
af623591830e50b759695ad39652181bcaafc42b2e84571be224646461c73c583fea3d6467c5c79af6032925a3d122d0c4ec2d5cb4e7101e9d89ecca600d6ed7

Download Submit
/data/data/com.po.dm206.id2662/cache/image_manager_disk_cache/bde66fe3ca31b682aade091322e2ab4be3cef795dbe7c07c96e234a322564952.0.tmp

Filesize
19KB

MD5
a9e8a7e04135fb84ebedaca323ced66f

SHA1
3898619844d4f58d61e85b492d87b257618860f5

SHA256
bcb2f400bafaf91d0050e8a738e3db2bd0445ed8e0fbfb47b175c7975f84cedf

SHA512
26bb0d41457e02fa43c7e2b7ce4c17965035029f437249f4b9b9e68f6bcfc2008d3bdfe27f1a3d53e2a0fc1f73055d78e236d3095965e0b1ca520c1b6a50f8ce

Download Submit
/data/data/com.po.dm206.id2662/cache/image_manager_disk_cache/c0006dd37fbdf7114b17166c037b6f1cbff6ebb6c314098bff4221055aa0a02f.0.tmp

Filesize
17KB

MD5
d408770f774a80e3455a0797a7036c87

SHA1
3f60f81b7081e157078f063341c842c4171853fb

SHA256
dabea41fc4d6afd31d73eff1ce15d09697015091096d84c3bd34261f63b23641

SHA512
03ac94092da03a769d9f9cdb58fe3fab48b2a8a25a3fadc7a8f1be4bb32acc24c5f26694c1dade6d177a982039bbf984e7546e10652eef9c79939fb79a688ee2

Download Submit
/data/data/com.po.dm206.id2662/cache/image_manager_disk_cache/journal

Filesize
623B

MD5
9e29722b6486969c3923eaefe2fec849

SHA1
a784016c45b4f3246440f99767b7225fbafd36e0

SHA256
28b53d31d90895ce02ef6f30e9b26738b53439ef8c340acb8b8345e272fedcda

SHA512
e838331065e02ca0179e47b22dcbe53f4cb0bb0f478521a2cd015c84e37e07b0d7aa743f823090f7bc15b49eef5f47af7b9b6388df840af0fb63c32dc2a83e41

Download Submit
/data/data/com.po.dm206.id2662/cache/image_manager_disk_cache/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit