2f07e915c1f9e7589346d19854a70eb1b343800a7d141e1c6d7373da8a650088

Analysis

max time kernel
12s
max time network
156s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
28-05-2024 06:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7c1244c864160d05f260cdf5b47365db_JaffaCakes118.apk
Size

433KB
MD5

7c1244c864160d05f260cdf5b47365db
SHA1

94ae03af340e00208d5f934a71416b026d298f34
SHA256

2f07e915c1f9e7589346d19854a70eb1b343800a7d141e1c6d7373da8a650088
SHA512

3ef375f3c79d907d7a756b5e35b2e836b3402f44a9392d22d389e336b31950764ebebb889014f9212b96dea01ecf7b95b41cfa9584ec865831e01febbd06e15c
SSDEEP

12288:79y+cjUQ7KCvaXEJwUOEDryP0aqwQ5L3J3stcUV42g:4+qGDEtOEDr4JcxA1U

Score

8^/10

discovery evasion impact privilege_escalation stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs
stealth trojan evasion

T1628.001

Processes:

app.six

pid process

4254 app.six
Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

T1422
Tries to add a device administrator. 2 TTPs 1 IoCs
privilege_escalation impact

T1626.001

T1640

Processes:

app.six

description ioc process

Intent action android.app.action.ADD_DEVICE_ADMIN app.six
Reads information about phone network operator. 1 TTPs
discovery

T1422

pid	process
4254	app.six

description	ioc	process
Intent action	android.app.action.ADD_DEVICE_ADMIN	app.six

app.six
1⤵
- Removes its main activity from the application launcher
- Tries to add a device administrator.
PID:4254

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/app.six/databases/a
Filesize
24KB

MD5
d0017d12f9fc771e4752f1f43c3d6284

SHA1
766d2cce53d16e58837f9e874c5d7dd2aada7db6

SHA256
ed79a324c11f732ee0225fbe4f1a0d7cd15771e6fb5907c116aee78a73713844

SHA512
ab9ef3ddca8b3bdd9f6a63d37962b8856032ccc892c8c3613de6628862baa87ff94124728c236be30c2adf392ef80a39b858350511421242ae10a611da941b6c

Download Submit
/data/data/app.six/databases/a-journal
Filesize
512B

MD5
4450be9cfb0cba76fcf2f026e7b13d8d

SHA1
8b5fbd26284ffc618bae44628232adc9af8fa0ff

SHA256
10b628ea5d2847e191d2c3b5013a164965911b25207f86216249f9f8335be9ba

SHA512
171322fc7ffc192360e0f9d141f3dd372cd27a0bd1853da7e1efdf7e243bc25dba80de43d629a38d62029e2f8d5fa6b1ee043eb8c14196c178fdf79a77fdc2b1

Download Submit
/data/data/app.six/databases/a-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/app.six/databases/a-wal
Filesize
36KB

MD5
38431485e6bf5ba2755eb4963cb43cec

SHA1
3ac03ec843bcb3135c01b9750ced6b20d8b837d1

SHA256
f1f5e61ddf518c31ce72f00fd5e05050900e62a68127381a1703745024bf1a64

SHA512
a60bca08b1beaa81d23131aa1a1c9a78af18c49c1069aa1bdbbc73b107e955b9abe33f2067fe8566cb859e8e849892af225cc5cc3331b388c2a974f7a8683a0f

Download Submit
/data/data/app.six/databases/sdffsfdsfdsfsd
Filesize
16KB

MD5
42005fbb6d9d56de7d8b1015fe4c9cbb

SHA1
8010315e7d981b4a08aacc30a351fae6e0ce2f5e

SHA256
14ce15bb6b0861a8cc70061436f14eff05269331a0bf7b46d8a26d84ac31c100

SHA512
e5071ec58a9fd6f103263d034afa1591b6f3e22274d4e2865bb9089cb656742c45bcf4136adf83c2b18a67b8dfd6c1cbe68434ab4b684d75fd885add5b071df6

Download Submit
/data/data/app.six/databases/sdffsfdsfdsfsd
Filesize
16KB

MD5
9f54728978b34500c46e071c633832dc

SHA1
0e5642552256ef9d4b317d1e7a2b59aea24c06ca

SHA256
bde732597c3ab3066091049b11950560419df226ac259be323a9e538a137976b

SHA512
fdc6a4c3422a4bfd46ee3ba2f7fd34228bf695996190842c4ca52ed336ef29332e48fcdd4b99849d71c9b524c007f6b0e8a8f9dd37450ceabca2d8827b8cc712

Download Submit
/data/data/app.six/databases/sdffsfdsfdsfsd-journal
Filesize
512B

MD5
99184380e4d4ecc0d9045e9e45945f7c

SHA1
840ca665ad7352e5bcd4ab396e33218f1798f643

SHA256
e8ad4aa3a8e7da2be7fe99f33ca6bc86c9546a4067f0f8a108929e1658a15745

SHA512
92fb2a7acbec26303cdee50abbb83c7dd5639fecd7974a1a633f9a06e6ca10aaa0af1e4c231d52c6ab16fda619c86a7e51c2ee9d00234aa572a802b158b4fec0

Download Submit
/data/data/app.six/databases/sdffsfdsfdsfsd-wal
Filesize
28KB

MD5
a0c6829740807372f3ef36a3ed992a1a

SHA1
326f8aba5219584768a952105d2f4749a30afff4

SHA256
076ea8cd35dd2788c9b59fae8013d2f5293691218460b9bbe0d8b2e3e199f0a6

SHA512
7e5524eeb2f4551952c0164317bd041d3cdb0c82dab25abe70a62545281ff719e1e13dbaa455992d3e776eb2317c51046eb38852add56903bae4bd1f337d76f7

Download Submit
/data/data/app.six/databases/sdffsfdsfdsfsd-wal
Filesize
4KB

MD5
004dce960f18d04ecb3ad08034e48974

SHA1
9d89f65b031374c8844c41012f639158e5055dd7

SHA256
7c576562a4f5fdebc2b7c51377ebe61628d646e3ecc0e7b87264fdbc0062dba6

SHA512
c5bd74e280c87fc4d1ab093f2c03848ab54fc72ac1c3d7621df114793b713523d3fdf0183f3930838447dba4d56dc558f477b3cd31172c13ccad880dd2056456

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads