8e3180f2e9f98f92cfffab714ba4d8dff38ec9cbcc97f28b6a6889a4a80faf1c

Analysis

max time kernel
177s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
27-05-2024 00:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

773ff95a1c6c53bc1d6400d8962125ad_JaffaCakes118.apk
Size

594KB
MD5

773ff95a1c6c53bc1d6400d8962125ad
SHA1

5e9cca3061bb368f38e92bba36372ef625499ce2
SHA256

8e3180f2e9f98f92cfffab714ba4d8dff38ec9cbcc97f28b6a6889a4a80faf1c
SHA512

ad66c3923c4b4ae6ca7517dec7dfb837bfcaaae5a6871080cfc03a8a37b35ccfde5bfd99dfa60f1970b0654030903039db7b459a02e5ac8ca09d792af8c751c8
SSDEEP

12288:+RU7eiS0dWvUMsED6BYlVwptxgTsOO009Tp0XnvAQiEjbj:+RP0IvnsEDXixgA1N8hiWj

Score

8^/10

discovery evasion stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs
stealth trojan evasion

T1628.001

Processes:

app.six

pid process

4624 app.six
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

app.six

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses app.six
Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

T1422
Reads information about phone network operator. 1 TTPs
discovery

T1422

pid	process
4624	app.six

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	app.six

app.six
1⤵
- Removes its main activity from the application launcher
- Queries information about running processes on the device
PID:4624

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/app.six/databases/a
Filesize
24KB

MD5
09a1c65be08d5478432c8a2c4c699a06

SHA1
19f8db07639eab80eb0b3d757112bd47076bfb96

SHA256
e4f66f1058ded1727a16c604ec745de9f81950e9b1d79d937ae3f12be2023b2f

SHA512
1703e390f1b373cf02f9ba92cf6e22b7ed4cc4e553e13278e36eb30aae43b28211d1b3c76ae690e8a972dbbf6d7e634c98d8bfc7333258a19950c30d82aec429

Download Submit
/data/user/0/app.six/databases/a-journal
Filesize
512B

MD5
e76da4e26a42c5fc00f62b03bda86919

SHA1
25e4f0a4fa78c6bbcc8e6b4ee516f5c2018bdc6b

SHA256
7cb2fe5bf2cca8eb6c6b34716756788ea35b2751dc096d62e114d466888063e4

SHA512
4e2cd8d52bb35acf5458e8e00cc8dc44cd58bdbde657f622828a91782769c0b8b89d84d4545db3d2c93613433b2d80e1cf558adfdd97ac66e309f7d91a2ab427

Download Submit
/data/user/0/app.six/databases/a-journal
Filesize
8KB

MD5
5eb921e29facfae0abdcb2c413fda5d8

SHA1
b9e3632697465ad14bed1262fa86f08c7b044733

SHA256
b5c444c3e1cd8f696c4a47e1eff9518f5ddaa1d152fab0d2e80a8aad118e3808

SHA512
b6998aedbb69feee81d3954478b0065059d2ef91b39ea52dcc6b8ff4b088bc74f6cfa8361a2355af9573a5dd0147d27710f56693f42e2cf811fd19a7deee3142

Download Submit
/data/user/0/app.six/databases/a-journal
Filesize
8KB

MD5
b99c666295c4a2531b40771289387444

SHA1
0720bec352a6a7a1974713a15bc0140ba698edd2

SHA256
4b0d5f8bca45926884d4e4700bbe1e81fd5d9210f34436c288b0e3a241eba4a4

SHA512
2485a3e40ffd004b15aa1ee667b9d174f3990db675edcc718c2f69338c26bc0eb2e710e5b29055c4c87786da91ad9dc64cc6607ab6c634bfba09e261db710b26

Download Submit
/data/user/0/app.six/databases/fanta.db
Filesize
16KB

MD5
cafbe1eae43bd6c7cbcc2d01bdaa0f5e

SHA1
a407fb84611528d6ede41172aee928036b4fc4d2

SHA256
26384a3f33c7ac08d7588f6c4659491255cf405c70998392f6c5eb972516fc4d

SHA512
990b1706639fcc7a3a2d3d6d7eb8b1ce7d7c5cb54d1e106cf398b6a0d5ed924392ebd13ac563bcf456e8587417272b1b1518eef02c3c58ae9feb2a8bd44382d3

Download Submit
/data/user/0/app.six/databases/fanta.db
Filesize
16KB

MD5
7633c3b11746e65b2369311a12d86a33

SHA1
cb08af2e20f9fef3f39462a16d51eb85448de09c

SHA256
94789223a054041929a9399beaa12ada39a596ec64e6963ad2b7ab945d263114

SHA512
2e1d7982332262a6e82b9e1abe435a32390356c7c060135ee013fef79bdc9a425a782b58d44fc24972842cae1bdd4bab885a80e25831e4408d8476089cf299cc

Download Submit
/data/user/0/app.six/databases/fanta.db
Filesize
16KB

MD5
28412191b77b2ed72d00fd421a04414c

SHA1
313abc893e1c4622cf3e882ccba2eb5d0c788ca8

SHA256
4843412e6e0dc3f9c8c754a27bc0d4b82d39247dfc0c38549548cbe028e840c8

SHA512
e880c71f47630e1b742624954210e3fc0bb6864942291f243cf997f4ff026d731d953889ae610abc20cb0a5694edb19be42472991878d3cb9d9a3f7fd6387ed6

Download Submit
/data/user/0/app.six/databases/fanta.db
Filesize
16KB

MD5
6d63024a2f7279db0eeb7f0dc59eb8ea

SHA1
67082d61e967b4eec57e4a634051774dc5d32900

SHA256
08ec901d0ed813d89495c5c1521613d654fa6cf234ed21cfc75fc9b6defb88c8

SHA512
59645e1178f5f0da453fcf805b5602bce9f3968f007beec51a8bd0d956523f0179494e20cd2a0b26650c793622606891c0b13d74d340f6b6e407899383761b58

Download Submit
/data/user/0/app.six/databases/fanta.db
Filesize
16KB

MD5
8d3fbfb00a9b42c0245fc6b8dbac9f1b

SHA1
0e2797c0be0365cde0db32b0f0af41394cc72090

SHA256
b2e9565443787b32806f717e62a5182f56f4b8eff09142de6bf1198be6901339

SHA512
ba32adbe2cb73d77c45f6834dc1e9588e41205c49d2fc6ff76197043ea92bbed9a0e12c438b6e24d7d1b24425c584bc7479d019dcf251712df44dd721dc723af

Download Submit
/data/user/0/app.six/databases/fanta.db
Filesize
16KB

MD5
cdb158a6fb06bfc5558b6f5a77c63735

SHA1
d6f57c3ef68df370840247736d5ee990d287c13f

SHA256
97ae9c7aaf97288d14f4d498652d3f1efc57512b7f34ba5dff5e48ba89bcf196

SHA512
e7431d2f4a33dba5e832be2bdfe7e8a42c5d19c96c98aa28051605f9822e284d5c6f82d09ee6ba920b89e9dbbdd80caa62a78f79df06b021b572c2993a70268d

Download Submit
/data/user/0/app.six/databases/fanta.db-journal
Filesize
8KB

MD5
4524032d27614e2fc4011565a0daa959

SHA1
b2457243f705dc2e343434fdb677669d78e66b43

SHA256
c372e97de2ee3f57861be9957d0a756d21fd2306e93b24ec7673946658456946

SHA512
4d8c9302fa369acc7418291bced4a8c0bf0e37eaafb20666b1bdda7e1be4fea2ba2af7617d7b555305f49b6d868d0ad37f5b430708ee4a090c691fc9ea17bd6a

Download Submit
/data/user/0/app.six/databases/fanta.db-journal
Filesize
512B

MD5
edf1fc9f5b36b12f0dac93f11d1d1f65

SHA1
cb960292112864ca94e57a6bba237f89afe133fe

SHA256
da3964fb2191242351b5b691b6f0fb4492300d64a99e439ee817589ddb865014

SHA512
c5735dccd51f8dccc7295f46fb0a1710c75f48ebf598de7635f9d15e1f6f47f6711770dd24ff9a9d10a0ad19a9518797e02cdd90c97e2742e9346a2c9d59afbc

Download Submit
/data/user/0/app.six/databases/fanta.db-journal
Filesize
8KB

MD5
fa72ce10ccbe39eb02c87fb8297720d1

SHA1
ae6fbbb70621405f6f46bb4d70478713568f6c3d

SHA256
9c1993f0cff1f8002c9c1d184b4af410b3a1ff39eb0476829468672b69817f1a

SHA512
74579099e266e297f728487e1a9e82725d0b1de62e4fd354496a65919f54814ccdf67c793a4ecccf17643fd0e5a5d98e0bdc01423392d3fb7c0a0d17abc1fcc7

Download Submit
/data/user/0/app.six/databases/fanta.db-journal
Filesize
8KB

MD5
32c2f6053c95730381e5d10508511b58

SHA1
85abd818fdc5f6891b1ad3821c6a904517dde124

SHA256
927c322ac17c7b6bb2f8ba50476bf69f1f1e5bdb8af603d743eeb266d755c4bb

SHA512
d0e57d9ea8d60b808b59800e22f123edc38f58cd9b8fafdd3596e6a7bcba2e9915ccd9763b846766ff46112706909047819fec76f934d3584c52f0299420db4c

Download Submit
/data/user/0/app.six/databases/fanta.db-journal
Filesize
8KB

MD5
544c8bce8995c33035fef28fed5cdfba

SHA1
c887b8cc1c85707393cd652b09201b79db020d40

SHA256
d4c1cdcef1fd43708a02e7dc0ef2c43d525ff6b7fcc3823aee4fc552f68e3f1e

SHA512
23e5fe125c621c5dc30e488213966ef8f1616d6ffef0834b63395490e75c7411cb57af229105d86797fae48a38b78c46e006b1535249c26cd091b784f10536e9

Download Submit
/data/user/0/app.six/databases/fanta.db-journal
Filesize
8KB

MD5
9b669d0268967b34558410751f2fe64b

SHA1
b831174450e673254f6fe3d7213548a519d50076

SHA256
332239bbbcd87e94a878e843ec0af10ac9741de5474b5ef31e4d591dddd563bf

SHA512
22298ab5900e1e2f4c90466b0142b5bf3674fd015ccd1e3dd37efa288662d9248fd0220c619243b00451a87e18564c65b400168f433ec64374755b75de2298e5

Download Submit
/data/user/0/app.six/databases/sdffsfdsfdsfsd
Filesize
16KB

MD5
58b1735add6f81436d7d9d6093589387

SHA1
dd32dc364676f26f3acf1262f8cffacf933b45fc

SHA256
3b5716faedf8ff04082f0b86c8231d53969ece06da48c1489a0549bda2435209

SHA512
a51ba5eb5ae38d273fb4211d26c992499edcbee7ba3b2005227aa2b9af86416423b3c13152db885d0c9a0d4608e7c6dc6cb5c5174e9e711c8a1dc38dec589a37

Download Submit
/data/user/0/app.six/databases/sdffsfdsfdsfsd-journal
Filesize
512B

MD5
d5436db2f6ba76e22fbc558843b59fc3

SHA1
c4187ff0e147cf2d4d934dbe49bb1e27f36c0b03

SHA256
496482049e9fa5beda6cbb1ff3238088b34e31f50857b918f6013a8f50afe8df

SHA512
5b6445190391741f9194efe8ac69cda11ceee55f7df2b23f636c1ecd398785aa9d6a4680b2fffbdda184584238bdcbeb3019df37f08683189a26264a74bdee4a

Download Submit
/data/user/0/app.six/databases/sdffsfdsfdsfsd-journal
Filesize
8KB

MD5
778decf8c063f8098434d28943d0ac30

SHA1
873e3fa83b64b1cc7034b1989797c5aee0259940

SHA256
1c4a777d6c46228cea54b0f359243d6e67ac0ea2176bce684b451c9c80521923

SHA512
c2f82c8fd4dc0b9f9a90455200aa87b7b121fe8194845b97687484445ffff95fea178c4ae53b07f27b5ad675c033c701c3a0743c1e1fb891b984ffb805f01ae6

Download Submit
/data/user/0/app.six/databases/sdffsfdsfdsfsd-journal
Filesize
8KB

MD5
13642fb2cd80325e5f57a6818e611992

SHA1
7e8bfda72cce5d94a27ea466a4c3efd4c2633f94

SHA256
a997f067e2632556fc18c447093793f275814aa58d3188c4202c3636d05c1449

SHA512
e1eb0a404b7540d568a4ffc1c365f2df7db7a6f6febb1e0b5e85d837c86e8af06e1a76cf5cb468c87e3912b39e1982b0e0fa36647c41aaa1b232668b2c1214d8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads