0813f423639b63645104b7c85f20a245d83dd3c61badee2de231da66fe9b4d70

Analysis

max time kernel
28s
max time network
156s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
27-05-2024 09:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

78bd894d527bf6e5e36b87f4436155f5_JaffaCakes118.apk
Size

3.0MB
MD5

78bd894d527bf6e5e36b87f4436155f5
SHA1

d7037f1cecdbfae3b90f95355be4a12bff112c56
SHA256

0813f423639b63645104b7c85f20a245d83dd3c61badee2de231da66fe9b4d70
SHA512

ce13b511007b3534e93aadbe4a0926f8fe8193dea3f36e16b911ac377b628c852374bd89cc2b2715cd0e82ee4d43f407059cd1b45812b0dc9764c7eb2667faa0
SSDEEP

49152:1LUz7Ec4xmnlGFehyQdtBltOh2Y0WmPsG8GOWPnNBG6GzfEJ9tY:1oUJDFbs7ltOh2Y0JPhEWPXtGz2Y

Score

8^/10

banker discovery evasion execution persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

T1418.001
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

khone.deservashirini

description ioc process

File opened for read /proc/cpuinfo khone.deservashirini
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

khone.deservashirini

description ioc process

File opened for read /proc/meminfo khone.deservashirini
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

T1422

Processes:

khone.deservashirini

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone khone.deservashirini
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

khone.deservashirini

description ioc process

Framework service call android.app.IActivityManager.registerReceiver khone.deservashirini
Acquires the wake lock 1 IoCs

Processes:

khone.deservashirini

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock khone.deservashirini
Reads information about phone network operator. 1 TTPs
discovery

T1422
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
execution persistence

T1603

Processes:

khone.deservashirini

description ioc process

Framework service call android.app.job.IJobScheduler.schedule khone.deservashirini

description	ioc	process
File opened for read	/proc/cpuinfo	khone.deservashirini

description	ioc	process
File opened for read	/proc/meminfo	khone.deservashirini

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	khone.deservashirini

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	khone.deservashirini

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	khone.deservashirini

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	khone.deservashirini

khone.deservashirini
1⤵
- Checks CPU information
- Checks memory information
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Schedules tasks to execute at a specified time
PID:4281

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/khone.deservashirini/databases/__pushe_base_lib_db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/khone.deservashirini/databases/__pushe_base_lib_db-journal
Filesize
512B

MD5
525c6ba42fb647e58a41e4b8b019f3be

SHA1
702fb966246127c2283cf6e214b3d1965ecc4256

SHA256
c72610fc78a6f109ff5e0dcfac8bda21b1252a355b78d2831b746999bb44dac1

SHA512
79324857ee54f5f5c11803e352518bea2e931c11baef02ded6c6163f359f3603176f17ee2ed44ab6afab95a833ee30ab7c27da8856ace9160ccad9652718c1ed

Download Submit
/data/data/khone.deservashirini/databases/__pushe_base_lib_db-wal
Filesize
92KB

MD5
c75e9ea2c2a6700c1d374fb13f51a59c

SHA1
94effb3b3000a3c30bec547f0f9a93154a078815

SHA256
584d4eadc0b070342e921d5a172217c583079f3f0e611b3b422c9d0211a3e1fe

SHA512
2eb1d29bd2fe72cefb924b3b1902713260509cfc0e941ca45d767d73cfc3e5c6c369086c8c933299d6b8af974caac3dc48167b5342f0c8dd12693ce697d32e99

Download Submit
/data/data/khone.deservashirini/databases/evernote_jobs.db
Filesize
16KB

MD5
f8323d60aa312ed3b37c5a326d208a09

SHA1
5ca422772e2e18ca60582b0722e2b140b9d6784a

SHA256
4cad21457cf5e13fa2ce645b8b75da2164a7a0c6039e0caa4d82f6fd23ace64a

SHA512
be4b602b9e09411f8ef7f36fe15464aebe2926a42772001921ba2a8f25d0f7a6c1e024aff2890385a171e22f96dafd111d8ce8fc3d2907a08fe41bf37547ab8b

Download Submit
/data/data/khone.deservashirini/databases/evernote_jobs.db
Filesize
16KB

MD5
40e7ce69872c5ce8b961b25c5ec4117e

SHA1
e77b1a9712313e4c69aaaaa5244360d58d078c6d

SHA256
d97c3c9ddaf4255b157ad541c3b1f1f8ad6ccd8bbdb05edeb2f5682a042daba7

SHA512
3ebf4cac7b20e3985243664fc9169d41655dd15e52a1ae86cbab488fa89591daab66d8fcbe23f8c1fb7208f6e670047459ac3261cce82e703f0f2be2908db62e

Download Submit
/data/data/khone.deservashirini/databases/evernote_jobs.db
Filesize
16KB

MD5
09a8d47f1621806543942bd759c8fe91

SHA1
0104fb12b70a6b4b186e1f1083272f12953091bb

SHA256
6a79188e1a74f45021ecaec8997ab01ab5d581e8b7e8faa0f8655f810ecd58b5

SHA512
03adfcebcdeadd840b2f602039cf8cdc92b63e6a4d9513040e67f25a037be4336b2d70b24a71e0b1c959133ad7a2b68de1139c5e47cda121c7b76fcc7e9cbeec

Download Submit
/data/data/khone.deservashirini/databases/evernote_jobs.db
Filesize
16KB

MD5
60fabb7199883ea2d249873e0082ed4c

SHA1
3687721768290863b44ae6b181481006ba3dcde2

SHA256
eacf2e421ab56d7b64490e7420aa05ba7da45ac5841d8dbadc147cc8e06fa6e9

SHA512
a583d7d108963ef679ad76ca5714e9a1a7764d03733d700d739c1d199bb1745a83ecec80f2eb5a5ab0366aa9cc6efd7924332cef224d39542bc3be44342f4cde

Download Submit
/data/data/khone.deservashirini/databases/evernote_jobs.db
Filesize
16KB

MD5
978fdf85b8448e3a7c9015e51477eb49

SHA1
793bb88398dc9457935a4416638d5ed3974baf19

SHA256
8f72919eebbe45ed6d33b7b763d7e45d76a880128aee9aa5c29d28ab79689a92

SHA512
852b2d3e2607c96625e9bcd454c702ccec6a0f07aba3410976d6400ecd2d48ccc92d93c8ce7fcc87a622d04357bd6805a996f11d339ca7fc3eab99c0e991fe38

Download Submit
/data/data/khone.deservashirini/databases/evernote_jobs.db
Filesize
16KB

MD5
79b35fe1b88796e60c7b97a53fc35abc

SHA1
6ab07ac24d58e2d4b44ed11a762e8603721b5cb8

SHA256
34bf26fbbfa3917324678b8cc6259f3e843241cb51928620febf9ba26e210604

SHA512
5b3c093987074bf49ca1bbf9baf39611abb6bd6d8e07d793ecff1c200cf89be88d67a678b2d7d992b5183e3b5f277656d2cb366d16e23ce84eb94097786d7f1d

Download Submit
/data/data/khone.deservashirini/databases/evernote_jobs.db-journal
Filesize
512B

MD5
fa45e8cdadc720e40a830554f95ef8d7

SHA1
a3a85a54fb47cac9d8b71d65c2a074a48b2b98f1

SHA256
141e1174c70d455795a068aa5c55ddeb6360437475d2187ab32a498cd7db794c

SHA512
99790fdce92ab9f04e4831114775d2f629cd0ae98a9458727413b593afd4a5c71b0f9575005802d3b026ceb4405c7c7e22d0861e98370a8fd08340435f088c59

Download Submit
/data/data/khone.deservashirini/databases/evernote_jobs.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/khone.deservashirini/databases/evernote_jobs.db-wal
Filesize
4KB

MD5
7fd503c4865998fcc2262e2081a8f94d

SHA1
06d9a6a74338e3dc57c3ad36f204abd190133a33

SHA256
449ccb52d1f856d05d1831abfc5c623a333d666bc3f91ea4a5e9c04d4d11673f

SHA512
b62118c50b062dc74743d63ed4351399d9d751dcb8e4a63d180e433b32ce50473b487b5454430548a2372c4f596df9b67cf4ad341e0602cea6dc6431058b9d98

Download Submit
/data/data/khone.deservashirini/databases/evernote_jobs.db-wal
Filesize
4KB

MD5
546f005e57e4a4907e1c612cc637fd50

SHA1
822f74998b413494a047459daf081ecae4c302d2

SHA256
026ffcce2d12e24c1bb0aed0fe591a03a02ec7cb355492973bb71c22b15285f7

SHA512
6944f830d8cbcf49a3526acba7948901e2b14d005c957788cfe11e0471327020a45c1e4816e82f533f5c71caab23b27f606b2da7061e85327629d81c6fd09d3a

Download Submit
/data/data/khone.deservashirini/databases/evernote_jobs.db-wal
Filesize
4KB

MD5
08815508f25c7bddb49136efe93031f2

SHA1
ba3690068c324a1cfbf1f7e82d447f8d69bbdf2b

SHA256
57d3e663ae31df70d232fb57f55db93f165ac044372aaaed726994961de12d6c

SHA512
0cbd65ca52b530f49f6a62803340c098e424826dc0f2c23be9db2520e933438fa509912d83dc17b0bba78dc6f3fd907bc6c4cabbd19f5cbe71dc995add49dadb

Download Submit
/data/data/khone.deservashirini/databases/evernote_jobs.db-wal
Filesize
4KB

MD5
323b3ea0bef035781f062d701f1445ea

SHA1
be08830bb1bbd74ce3b6d628cfc0e6372b182a22

SHA256
6afe18d953a57f8da2a6b22ed5056489c0807803b9679db7d234692fe3dda1aa

SHA512
b04ef0054a9bdacbf0c213324083589ef8409dac9bd17149bcd71806c1ae098b0b9d2a24915544458beec170bae8a4ce3bd748cb61400708cf12b7b9582fc09f

Download Submit
/data/data/khone.deservashirini/databases/evernote_jobs.db-wal
Filesize
28KB

MD5
db5129f69f4cd52f1b15f604111bb050

SHA1
77ed01d6e989e21c108f53c7ae5ad47dfcfb488f

SHA256
e3fdee9fc65e5f3c9d435c7ab2a8f6b7d441462c554b75e7fd0770189eabc99e

SHA512
2580098298e78bfad373c7904b9ad2605156bfe6442e8852226beba5c7f2d1e9de4836a1aaff44893e7636e4c4e79c54343196ffa9e9234ec4d75d86c3efdb21

Download Submit
/data/data/khone.deservashirini/databases/evernote_jobs.db-wal
Filesize
4KB

MD5
04cd8175f936ecd11f8d9faadececca2

SHA1
5e31f781453b82028a798d4794ca269b69e0c4d9

SHA256
3f29ed7da8e693aa39ccb3cc92c03cc8c0b23da2934cd2e578b6ad678616ef62

SHA512
619ce013261fb5f92f1e9232c309a21225bf093b49c1348632ad73823126ea45a6f628522b04fc2232f0212c28679d8abaff4473272585fbec4b1b616a024974

Download Submit
/data/data/khone.deservashirini/files/unsent_requests
Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads