2f07e915c1f9e7589346d19854a70eb1b343800a7d141e1c6d7373da8a650088

Analysis

max time kernel
14s
max time network
152s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
28-05-2024 06:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7c1244c864160d05f260cdf5b47365db_JaffaCakes118.apk
Size

433KB
MD5

7c1244c864160d05f260cdf5b47365db
SHA1

94ae03af340e00208d5f934a71416b026d298f34
SHA256

2f07e915c1f9e7589346d19854a70eb1b343800a7d141e1c6d7373da8a650088
SHA512

3ef375f3c79d907d7a756b5e35b2e836b3402f44a9392d22d389e336b31950764ebebb889014f9212b96dea01ecf7b95b41cfa9584ec865831e01febbd06e15c
SSDEEP

12288:79y+cjUQ7KCvaXEJwUOEDryP0aqwQ5L3J3stcUV42g:4+qGDEtOEDr4JcxA1U

Score

8^/10

discovery evasion stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs
stealth trojan evasion

Suppress Application Icon
T1628.001

Processes:

app.six

pid process

5095 app.six
Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

pid	process
5095	app.six

app.six
1⤵
- Removes its main activity from the application launcher
PID:5095

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1628

Suppress Application Icon

T1628.001

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/app.six/databases/a
Filesize
24KB

MD5
8e5c58d97a70386139008313eb4ba7b5

SHA1
7233908909ef42393c4c5128c70d02d62b0e6186

SHA256
aefa4cbdcca9d7dbeadbba17a57f44a93ab159cb1d6ed33b5c86b119dd6d52fa

SHA512
84d5481a1ee989c00f6564b0b64e092471439ee026099d715f8b622909a442c3b31c5180d2cc5daaae71fee5dd40c02fee015e892caefb7858f89f20320f002b

Download Submit
/data/data/app.six/databases/a-journal
Filesize
512B

MD5
8e48122a85079162c9fd76c795e3a9b4

SHA1
674a6ca60a6b225e3914b0658c798bbf8943fda7

SHA256
c37e4549e227bc1c6e89f5c141c6d74b8d1d2e29e1b403aa0aa37faa690aa2b6

SHA512
f088cf81db0bcd8bf21558281aa3bbc2dcc7ab993c3b5a0d9082babd08c1fac1551548a08131f519d0cfa779c343e7ce735b84b01f9f9799fc380b59ee6e68e3

Download Submit
/data/data/app.six/databases/a-journal
Filesize
8KB

MD5
3820a79972ab7385b1f8b9955a6aca02

SHA1
a733dc59d572110de9a5cc25be05f724e1f390df

SHA256
5579443d4dd4b9a399aadd9fd2e3641f037e01e7f800d3b5efecea279e6f284d

SHA512
962131128ae97849f3656b49b290d1fbf39a84fcbb0764c1cda160812a757b10f696c4cb924fce6b772f1341d47816394e29906a6110579315c3d62e64f2f0ad

Download Submit
/data/data/app.six/databases/a-journal
Filesize
8KB

MD5
98f50729e13999f923286d1006f499d2

SHA1
488c80b7ed2c696cf052236baacd729a0bdccde7

SHA256
63d3e9af07e15bc81ec21dfaffc491d6c0046004b0414821f5ca7ad223498c81

SHA512
941b6dda0d840701355a93edca7f47823e882cabbdeaea047f9b58b189d581f18b09e1f0fdcc36e3d82de6200a7bd53ea43ad6caf9f8c7e5367738a57d6abd66

Download Submit
/data/data/app.six/databases/sdffsfdsfdsfsd
Filesize
16KB

MD5
89044fad2654999582f116622ba12917

SHA1
a6fb0cd6295b5d155cd1419ad28b45e4d6599068

SHA256
22761c66c07b6c10ae7df1e4e10bec2f41870391a75ac93f8bc252502e4e3d31

SHA512
74ce814d29897620eb57262bfa04e23d914904ee58c2325fbfdbf7d9f01add4046c28fc2faee1038f1766442798a2da8f8513b26a4772f78e0b628fc77352632

Download Submit
/data/data/app.six/databases/sdffsfdsfdsfsd
Filesize
16KB

MD5
50c198c9396d252f6ade8d93b26748fe

SHA1
e56153d33595c35705d0f588c52e05f7dcd05fb8

SHA256
b8bc86c2108bc9f2c9f5ddf17b5e461375f817d6b289a2155e1db23adc1a1387

SHA512
4b6dfa01781905c52970e9c737ee4affe1a6e92fb8026d9dcbbdd99e20ecf73c86c1577be7c0780eea253033bf01b5f6434dcfe42f1af193c88c07af27bcf075

Download Submit
/data/data/app.six/databases/sdffsfdsfdsfsd-journal
Filesize
512B

MD5
14a9fe374eebb7184c1aeae6f67e8930

SHA1
ab4481b4c0216be4dd148ddef0a47627b3c16d3a

SHA256
392ed7592878e632b95c5de66e925a38f4a15f5b6ea9bb2df305bdc215f5ebf8

SHA512
a9e23287bb2c50f8369a15b03d1ad61bc04e0593338450e8fe24a14e9dca3ebe30a7be5392b1a1fd980270d76bcca4bb442282e8f3c051a6327b2a8bdd117625

Download Submit
/data/data/app.six/databases/sdffsfdsfdsfsd-journal
Filesize
8KB

MD5
77f7bbff257541e150a7538857384a45

SHA1
c0548cf9e2bd649440667ac387c5dab67d9d4ff1

SHA256
068454111bac3e6cccdcfd06126492a6565faa5b603afd6d0b95b9368cd92256

SHA512
2df2edce85c8fb909bca2e7649b6cc4197802c2a9f17d6fdd6749eb194571a7285ec9e72869fc1e2f8f45883ee0a1b1983ffb8dcb1e9d95eb3270ed30355dd0c

Download Submit
/data/data/app.six/databases/sdffsfdsfdsfsd-journal
Filesize
8KB

MD5
a57ea0e736fd332475a0b0331f31c511

SHA1
efbaa271c61b3f333ca4792f06a8c024875e2fd4

SHA256
bdc09489a3265e71c89b82b7a60f890abcff943c56b7e2bdcc6f5abd7cd22e7e

SHA512
0d1d1677675dee34cb03f8d7fac589ea686c2c4d91e4bcb907acbc035e79ee975addcbce7b7075e8bacfae49eeabfbe53850192ca20e3ebc9f5a924c7594297d

Download Submit
/data/data/app.six/databases/sdffsfdsfdsfsd-journal
Filesize
8KB

MD5
6595b8685995641e018eb2b5cca358ed

SHA1
dcc6be5920870e2e3556e0ad3fbc6d668f9831f9

SHA256
6a1df0364f84b7c34986a57a1ba798802d5f8e0bfe9406bbd5a388dfa26aa6c7

SHA512
9dd1707206afb1002459d0d146be1e48b2d914a859bca227733b477e11c4cdfb970b6e2f42ce47544b6633ec8c52d81645d9671f1aab129f1035c0dc98de43de

Download Submit