e0c423b7aba9f31b5dac46094c639eb611cccc27a217639733ab30e60dfd33a2

Analysis

max time kernel
115s
max time network
156s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
27/05/2024, 22:29

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

7ac38584aa7a70e9be9fe86c8f9ffb7d_JaffaCakes118.apk
Size

10.9MB
MD5

7ac38584aa7a70e9be9fe86c8f9ffb7d
SHA1

84124cca52301bee3068f45505721a9b21f73eba
SHA256

e0c423b7aba9f31b5dac46094c639eb611cccc27a217639733ab30e60dfd33a2
SHA512

3379ae6954168fec8703a72fd9d75daa588812ba7cae03f19fdca7bb1d0db438ad7e19d82b6a0283ccaeab2141daf465d96e4b9625624d2a5c139a1fd2dcc070
SSDEEP

196608:xPB3xMKrWjuCKuUEjQIyUlyEoXS1fvNdlXen28WM:xPvWjuYUE8IyYqX6fVuOM

Score

8^/10

banker discovery impact persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	org.geekbang

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	org.geekbang

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	org.geekbang

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	org.geekbang

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	org.geekbang

org.geekbang
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4253

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.geekbang/databases/ThrowalbeLog.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/org.geekbang/databases/ThrowalbeLog.db-journal

Filesize
512B

MD5
83b90d4fabd11b2ff95e93920880bc60

SHA1
fc35575bcacebe69bd0759405fdb998e2a097a69

SHA256
e28f0d852ddf565cedee3b79133bf3c4b40c2994ee6a1c8d45bbd1f31790245d

SHA512
0e871e3c6e59de706402e92eccffdb26c797fed9710a6a22203d70e0df08831326471c08c118c96ca6b6f30dae02267fc49aa4459e30024721b6b4cece0daa13

Download Submit
/data/data/org.geekbang/databases/ThrowalbeLog.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/org.geekbang/databases/ThrowalbeLog.db-wal

Filesize
164KB

MD5
089b78febc33332a92d017e754dc5950

SHA1
099c11bf6f97f77d79b2e2219bc3aa9b302bd7c4

SHA256
a9aaad2f7c301719b19636444dfe900e2cd91ccf9c0b6ac56a0b5735ef2a6e8f

SHA512
bfc0cc38810366fcd056f212303269740024cfbd7aff23342ae554bd48e3359a8dfc4a027a62477b30a6c103187898f3cb0fc5744df8b7538d1f42c80201e1b9

Download Submit
/data/data/org.geekbang/databases/sharesdk.db-journal

Filesize
512B

MD5
e1d3e88b16ead32ee05e6885dbf0c500

SHA1
a1e688fcdafd8a30766a803e5305742b7648f1e5

SHA256
2551313e62ff949ad4be19be1b5421e8f42f6446dedc37550c3235a4781cba7a

SHA512
e9fad61f16254e7b3e5bb0adca479c95d1b039e26c65d2ffb7d54339610410615acbb921e0cabcdfb176a59b1c4278a1feba009974bec5c100da6957153bacbb

Download Submit
/data/data/org.geekbang/databases/sharesdk.db-wal

Filesize
32KB

MD5
b8ddea3198a6e6e70787f5114530cc9e

SHA1
efec483e40b217e4c08d0ce2d916a99175fee188

SHA256
53e488dfbd8c11db44b3fd83eba358149790ef6a83e498c175ec155ad0b7c1ad

SHA512
1652f958c042f53cd13978e48fa517bcb16f37a60557041ef7454a57c3c543803bf43cbe18670cc56acc1cd54d91eca132a1ba8903701741ce9ef965937caefc

Download Submit
/storage/emulated/0/InfoQ/logs/log1.txt

Filesize
117B

MD5
01571e99ad370dab2a31b436ee4681e7

SHA1
36c43643e0d989989f7ba31da48ed112e73e29f1

SHA256
47b289f9dcb13c16489ea8613a82255287bc19a93b8d021462fab1e310e6db9a

SHA512
473809e4e2f0349d6bc25e9c3dd8465e57711f9911d89fd2137ab32815609487ff48a71178d978579b7bfc7b0aa7b63e6c5cb6ddd01e943c104ecae8ae325999

Download Submit
/storage/emulated/0/InfoQ/logs/log1.txt

Filesize
82B

MD5
034ca6e45271c691c3062f51267f1297

SHA1
844f39d49c68bd66d73894a99ccb55a3ef8c4648

SHA256
1e05c6a567aa4e940081885b345f3f8e312719485cd8985219f401dc717b1b53

SHA512
f2c480d9ab7504e3f7c597cf88cdcb3629ea001833f3c5f18eadbd0847118448a45b5594f2210409e623ef5d7ac7fa38329d5b926fdf474c3d68477111809932

Download Submit
/storage/emulated/0/InfoQ/logs/log1.txt

Filesize
124B

MD5
1db5f52bdf7260c5ef18432e3db20146

SHA1
4e5a2be41482b3c096551994c0e1a910f8cdeaf1

SHA256
dd0550132824cb8953a72dc78b8e6099131bbc3dd11edae47eb5ae782289a70c

SHA512
93ec37bcc7acae91aa2929566564133457ffcb1a19a1346e8b89f9201ce7d3ddf5771af311d17b1c31b0b103ed6a0643725409b9ac8b94b48f3b8c6a320d19b5

Download Submit
/storage/emulated/0/InfoQ/logs/log1.txt

Filesize
121B

MD5
bb3f57b6ed3ff8f942f19bffc9a6c51d

SHA1
503405f75178affffbf8d17b7ca9fae6c21c8176

SHA256
b517c2987841e74bd1cc3fb16b3c79d88da4509cac7de7c3eff40d121b100b46

SHA512
edbc824b31b738c15b95b0d468eb2645e40c619da002f73dbb91cc439252d2b24f7ec14a324124577b64a218a9ff2a8a3df0d0c224c4a5f56fd8c00588a45893

Download Submit
/storage/emulated/0/ShareSDK/.ba

Filesize
365B

MD5
c68aaf9d61baf3297294eeb604dff714

SHA1
4e5d76ee4edaee334866d570ef8823c7bf20c2c2

SHA256
723ebb449068af5c7fe0fe0a5ab679e72d41f3ef9b358505c7fa8c747f594a6a

SHA512
656366ff66ea73cce32c82ce11f25e7bc88bee3b3634f8722ff0913ad27abb1fe247de34d9f85f68826bccb4311a4acddcdcaf84e016b3b9a530d681f098ef17

Download Submit
/storage/emulated/0/ShareSDK/.ba

Filesize
464B

MD5
1db7c708f1f7f627864eb913435a9f07

SHA1
68a3a7298e8a0ec75b42069c061b2a1b3f620ef5

SHA256
6131b07b02592ddccfce783d662ca53470ea6ccc935b2f8814eb8f09866a9a4c

SHA512
50b53b1d980bf94af0cc21105957bc62bf4b9bce93962b0a704ef2d7aa58190fb20d96c28401d175fadb956798b61f89ace7534a6f7d3c9a425c7079933e51dc

Download Submit
/storage/emulated/0/ShareSDK/.dk

Filesize
107B

MD5
c9383021bd97affc44be4db7018c4d7b

SHA1
7e680409d1c86e35149bebc22f2cf8c484f0d23e

SHA256
b7b7e032170e3190a84359e5c37adede1d58b6bf4c455ef0c01f73335709bb65

SHA512
7303f068da97319891e2d25c1c737035f1cfdc365d75d954102b612000e54d7e2b5dfafe10bdf909563e2b46ec3ff9e546423bff6f0aa9496880eab1c1c36a81

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads