08aea0c0e43b6b720379db3f1c36242c9955d9278a601ab0c7ababfee2fb1bbb

Analysis

max time kernel
8s
max time network
151s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
26/05/2024, 05:27 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7475d89ccc96c19b0632260dcf0f7ed4_JaffaCakes118.apk
Size

194KB
MD5

7475d89ccc96c19b0632260dcf0f7ed4
SHA1

0acd273cc65bd895d6ec42af7af543ec13ce4ec0
SHA256

08aea0c0e43b6b720379db3f1c36242c9955d9278a601ab0c7ababfee2fb1bbb
SHA512

b61cedeaf74a97a89a8af2f8267cb8541ecef79115624fdc49f39d6951f26a20b2ce159c876a7be81a2347bff9695fc6e5ade2594aee610a9272ef39a0d01076
SSDEEP

3072:ylGv8Okqa4yubjFrQ9ejSu25k9mi31Jg7u3sw6oJNY3RcB8dFbgmP1zh91r:2qa4Beu2KbvguZymBGLHr

Score

7^/10

persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.lololo

com.lololo
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:5149

Network

DNS

android.apis.google.com

Remote address:

1.1.1.1:53

Request

android.apis.google.com

IN A

Response

android.apis.google.com

IN CNAME

clients.l.google.com

clients.l.google.com

IN A

216.58.212.238
DNS

ssl.google-analytics.com

Remote address:

1.1.1.1:53

Request

ssl.google-analytics.com

IN A

Response

ssl.google-analytics.com

IN A

142.250.187.232

216.58.204.74:443

tls, https

1.2kB
40 B
1
1
216.58.212.238:443

android.apis.google.com

tls

3.7kB
8.1kB
12
19
172.217.169.14:443

tls, https

128 B
40 B
2
1
142.250.187.232:443

ssl.google-analytics.com

tls

1.3kB
6.1kB
9
9
142.250.187.238:443

520 B
10
142.250.200.2:443

520 B
10
172.217.16.228:443

tls, https

621 B
40 B
2
1
172.217.16.228:443

www.google.com

tls

8.4kB
10.9kB
25
39

224.0.0.251:5353

3.7kB
11
1.1.1.1:53

android.apis.google.com

dns

69 B
109 B
1
1

DNS Request

android.apis.google.com

DNS Response

216.58.212.238
1.1.1.1:53

ssl.google-analytics.com

dns

70 B
86 B
1
1

DNS Request

ssl.google-analytics.com

DNS Response

142.250.187.232

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Windows 7 deprecation

DNS Request

DNS Response

DNS Request

DNS Response

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Response

DNS Request

DNS Response

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.