8e3180f2e9f98f92cfffab714ba4d8dff38ec9cbcc97f28b6a6889a4a80faf1c

Analysis

max time kernel
179s
max time network
129s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
27-05-2024 00:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

773ff95a1c6c53bc1d6400d8962125ad_JaffaCakes118.apk
Size

594KB
MD5

773ff95a1c6c53bc1d6400d8962125ad
SHA1

5e9cca3061bb368f38e92bba36372ef625499ce2
SHA256

8e3180f2e9f98f92cfffab714ba4d8dff38ec9cbcc97f28b6a6889a4a80faf1c
SHA512

ad66c3923c4b4ae6ca7517dec7dfb837bfcaaae5a6871080cfc03a8a37b35ccfde5bfd99dfa60f1970b0654030903039db7b459a02e5ac8ca09d792af8c751c8
SSDEEP

12288:+RU7eiS0dWvUMsED6BYlVwptxgTsOO009Tp0XnvAQiEjbj:+RP0IvnsEDXixgA1N8hiWj

Score

8^/10

discovery evasion persistence stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs
stealth trojan evasion

T1628.001

Processes:

app.six

pid process

5147 app.six
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

app.six

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses app.six
Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

T1422
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

app.six

description ioc process

Framework service call android.app.IActivityManager.registerReceiver app.six
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

T1422
Reads information about phone network operator. 1 TTPs
discovery

T1422

pid	process
5147	app.six

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	app.six

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	app.six

app.six
1⤵
- Removes its main activity from the application launcher
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:5147

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/app.six/databases/a
Filesize
24KB

MD5
c69ef7005c3f91851e4e6fbc49e01083

SHA1
ad90dfc9ee0a554d6698dcd1d5c057c2f585effe

SHA256
fcb8a9d175b007f341481140c4a4ca394656864a3938d8c0e15ccf18888aa776

SHA512
7bf02687ffec137b03b6f646c0db6f9ad5feff73ec5fccfb903a37e0e59c3b9cd1211d8038506fc1abdef6e65eccd1ce6634d3d699f2d0fc636b31648a17716a

Download Submit
/data/data/app.six/databases/a-journal
Filesize
8KB

MD5
d742cf16fe016da6911e682a841bc4ca

SHA1
cdf40ab9eeb5ed1d4956a735b4e34922211084f8

SHA256
35133f6d938e560590844eb7c228f594a3a18e7ef166fc521f3bb4c3ec113431

SHA512
7c83075b20ff12c86b7c5cd906e3cefc54f2cb7db4d2f597819d6a0839ad4dcba988dbc1b2933378b8067b492896cebb32f05d869ad2faae6109fb31da5ac5f6

Download Submit
/data/data/app.six/databases/a-journal
Filesize
512B

MD5
d8e5947dddb537614a643692f74c82a1

SHA1
74ff0c09ebada784a4ae17c8d5a4ee7bcb6bea54

SHA256
80cfe891c29ced120f6ad015c2d8802780f81e0592f7e050e4d44380ce5ae955

SHA512
272516817c9f076399dbb0887aba86d6a7d4ea06b793ee510b2c9d5f9a3e939fedf231dc46f6141ea38227e9282d2f826917d639c59f1ad80a37510fda8e7ee6

Download Submit
/data/data/app.six/databases/a-journal
Filesize
8KB

MD5
e63839dacc6731b7fa10677e5616b5e0

SHA1
8e3bafc16d3537de8ad6727ffdcd4eda739b6446

SHA256
46ef95fdfefdc2531cee00a68f073903619793aae256709a127a6155d2badaec

SHA512
90c49e227929bd8eaa158503de5fa3b195d25d4e1c8d7b6dc60befbfa2a897b31bd08cb8029db66b183d2a0c71ee07af8614e11a8e2369123ea46bc82b5dcde4

Download Submit
/data/data/app.six/databases/fanta.db
Filesize
16KB

MD5
3422be8f89f1aad1b3b93da4d5ae8abf

SHA1
9ead666be2094ae2791bc6e667c7ed5bed49483c

SHA256
aaea518224d0e9332e4979f3442d66ca36253c7d4e8a4117769d08075c2fd021

SHA512
943eb9e0c4cd788fbc8749fc88202cf91545ad2a410c301f558afce2f3d142513f4eaf347b7cd6fcfa4a5fdbf4fed39f45cdabab63c7abf8e8d443fc1a86bff9

Download Submit
/data/data/app.six/databases/fanta.db
Filesize
16KB

MD5
b44cc76d01defbde1315918f10106661

SHA1
ebf532dcb7343bc1318758cd84692c128ba99356

SHA256
9648da79498982fbabfbe10caf5406c8666e38dbeedc1882ebbe5cd14905b22c

SHA512
a0d92da000087b1d77acc8eaa8e4cd362e5038fb1245352e61275b42984d6c1247805275edd5aa661c8e9351b360cf56866d99ced609f2cb088db8de14468d8b

Download Submit
/data/data/app.six/databases/fanta.db
Filesize
16KB

MD5
b1bdc3386e460ef63ea6bf3df60cee15

SHA1
b2eaa14d24ec950aa125c4f0488404e95673d6ae

SHA256
9b3a43296116f4da113abcd18f69b861fdf91cf03b11cfe2891aae5b5ebb0886

SHA512
5315d00e4e085193bd69d8f7e57acf4b59693c0c5063d26453703a79638aa3dbc441723c4f9ee9a53268ada3455a48b9f5400da3651294fb0712040e2aeead39

Download Submit
/data/data/app.six/databases/fanta.db
Filesize
16KB

MD5
1c1a4a5847e9d908775014a3587e1fa2

SHA1
b513497122566cb415e949594e62af9e5660b24d

SHA256
c601850db4ac566ebfe67b14d1ee417b9c42fd153d11796b7e6b25316be6a01a

SHA512
c9b75341f714348b4c850566b2bb762059f322dc801899808a28ea82fd9c1d197abff6f3ebdda1a71f500ed7ab9bc1156b723d3bf45fd6befee7e210cf14afee

Download Submit
/data/data/app.six/databases/fanta.db
Filesize
16KB

MD5
b091021ac61fd8b4fcdc3a60a6784745

SHA1
8751797028cca2f93dae9c373c35ddeb313f3171

SHA256
5518cd557fadfbf9272d23d6e92ce4f65d09f37e2fa90ca7b756a7cad261bc3e

SHA512
ac2c1cb16a8cab2cb6bae64545539ecc1c2ca681bbfc772e4577a1c21993880ea25c6d8b95e4c222f0a6b8efd27ffdd697e78ad1b2d01b7e1d023baae4d3c479

Download Submit
/data/data/app.six/databases/fanta.db
Filesize
16KB

MD5
a982792a28147e7a6498a3f7f0c8525c

SHA1
8e5ee46dd483244186c810e8fe2034acfad6a4e8

SHA256
9af40eb9a39ddfa5a7c1bae9e5a018f4a2a0efc1e5a7e995220a1cbc81ad618f

SHA512
3da4d9a795c6308361d4c0567c3758b80d29239d43c17821b1646f7b72f804934f202d2c1fcf5c5cf367f9cff219eddec830aef033dfcb1fe320af81db85b95b

Download Submit
/data/data/app.six/databases/fanta.db-journal
Filesize
8KB

MD5
1050affe5a46bceca176d1c954363d7e

SHA1
1b02f3190acb35de1b19ba0d2b12291355775b6c

SHA256
d41d95b688003ee752c778aee625c7a50c8523f247f499fae584becd05fa5585

SHA512
f8514c85fdf5e57103428d52bd30cb7357321686aeb6139d3ca869895f2dbaa51b991e8d86b5aee8e66010fcced245a3295ee05ddd28b648d15e48c3a2297fb8

Download Submit
/data/data/app.six/databases/fanta.db-journal
Filesize
8KB

MD5
3509725859b7869ca16438f1ab418128

SHA1
afe97e3ea8550ef614c92f85e998ee5836311720

SHA256
901d0b923681b280b0d190f31769b7e28ce4c8c8f7c7d14ed5d2de10dedd94d6

SHA512
1cd0c83042c8332f2388b05be648903612b096214ad9718261951df5d81c144d447fc68f37850b24665101e22d8ae0136016998caed28555f4291e442d7dbb06

Download Submit
/data/data/app.six/databases/fanta.db-journal
Filesize
512B

MD5
6728a4dd6d7e681cad289da89ac5c963

SHA1
6331b3519e083364a9ad20de50c0dffbd51e7711

SHA256
3194dd984f0c6ce1dc4f9114aed9115255158b61e70bf0b7c6896d39f91c9397

SHA512
1d839fd1ee916a69c0a047b0a5ed559e667b647d3d3532a06142045aa44820e65b49db1e90d99a35fc080e3488a835872031eea6ff239cd4f60e5e3c1fdd0921

Download Submit
/data/data/app.six/databases/fanta.db-journal
Filesize
8KB

MD5
11bd44c0293164358a905c9462315e2e

SHA1
71836202f9eb691b860662029c1149447b26969d

SHA256
266c074ed97729cc3d41ddf796891c6409f8a9c00f2427777152b95a5512b8cc

SHA512
2905408c8324cbbcca773766f439a3f3f795a2df2b8c584dfbaec1cf155698b4181c8e1cb9e8512ae25716c154f847767be40d1223e317edea0750c6d730df10

Download Submit
/data/data/app.six/databases/fanta.db-journal
Filesize
8KB

MD5
49931772c8835431116465d130401536

SHA1
9527d3fd407e3a79f5f3737743e800d567316c2e

SHA256
1b6e93cae5a97c5ce99017fe1cd0bf81d12556a784a4b27ace94534cadcf3383

SHA512
f5dec6e6ad117fd3df294f3188fbe8d1c1456bbb80a45bc33431064fb43e7133e4226b808d616e71512e9bcb9b338f2e0b8711d535ee3fea6c575597ec239c22

Download Submit
/data/data/app.six/databases/fanta.db-journal
Filesize
8KB

MD5
e8e11ec32ec7f2bc395f96acf04238d8

SHA1
4ad508b785926d8650c750d40f75309ff06296d4

SHA256
d1410230adb106bebf03bc4f791ce97e28ad126dc5e0a55a4e435c84e5d30abb

SHA512
084609c3de7eeb693d95b9c0dfa2e84170cf875e22b349e8f0f2080dc189a326aee259ff6469ab97271a5f647a70a2685569b795e223e4decdd95165ee0651b6

Download Submit
/data/data/app.six/databases/sdffsfdsfdsfsd
Filesize
16KB

MD5
951881d7512ac340d0e50edccf884c00

SHA1
d5571837178ad1f900e5562ec5b03a4ee5ecca4a

SHA256
8cf49a17e8ef60d3792c720b1ac9475214c7e5d5a50e8931dc9ab1c4129581a8

SHA512
97c5be1de2af2fe1161c9bd588fcb2397b30eb34344e6fa56c694f26619731372332ce33633af7a7d6a641c9ad0de9014f263fc68cbc6ab1390aff5b325c53b6

Download Submit
/data/data/app.six/databases/sdffsfdsfdsfsd-journal
Filesize
512B

MD5
45891c8633d272e714d313ac211a7d36

SHA1
65ae343d6a4cd854c808f0b698bd1d0a325c0642

SHA256
fa9fe9a51fdac81f4830434006a47fc956dbec1cdbbd203f28ef38abc37a1cc9

SHA512
44d5f1a69029a15c582ecf1a66f8475c42fdbcd9f8b4946382b1885348bb89dd9dfd52b7c1605d677d2b025275a1a89f9a7a1b0df4e00f2b31bc932425a6d04a

Download Submit
/data/data/app.six/databases/sdffsfdsfdsfsd-journal
Filesize
8KB

MD5
02294248d7d10e5251703e27a9deb28c

SHA1
1e1d04753ded8e3a468a90e8d94333d41c87cc54

SHA256
7a92fef3d157b9a4f815066e37251dcc9a4a76a6a075fcd4b914c93a2c4b0773

SHA512
dab1a26c762657f9999b9bb7721948fb089a6cb5eaccc3b3f6163967a9ab81fe1ea72f36c88d2102d43c390ea53b31966fd941dfeb6238918a529322f57bac33

Download Submit
/data/data/app.six/databases/sdffsfdsfdsfsd-journal
Filesize
8KB

MD5
c86d589847079484decf1335e34ecfb5

SHA1
89696d5c68b42571d014665dd0c1538686cae553

SHA256
c6eea32a0d28a9c0509b0e511ab3215938874ebd714ea3a131adb352836e7a9c

SHA512
69d4e142ca4e34f0411b2370be845438388b7dbff92be5bc58d71ee2918733c2558a6b0142c2deb0f6752648e9f34c2df766ffb5c47137311c67ea221a0de3e5

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads