Overview

overview

8

Static

static

6

8142e957e2...18.apk

android-9-x86

1

8142e957e2...18.apk

android-10-x64

8

8142e957e2...18.apk

android-11-x64

8

Analysis

  • max time kernel
    179s
  • max time network
    133s
  • platform
    android_x64
  • resource
    android-x64-20240514-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
  • submitted
    29-05-2024 15:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8142e957e23ebfc72f39e604be23c85c_JaffaCakes118.apk

  • Size

    2.0MB

  • MD5

    8142e957e23ebfc72f39e604be23c85c

  • SHA1

    b97ac5b4faf4366d9b565941f49071d585ac0e99

  • SHA256

    eeb66f9a06bf50ac5ee96c7f62b2c1ca35666d4bebcb5fea3428482176188845

  • SHA512

    c590b9d331d265ebe1f46200eda9eb2ee066bb9af756de647456bd2a2ae7e4cba7edfadbd85587b27753798dede48b6ac0ebe8762e6a7a26a2fdca83678ad577

  • SSDEEP

    49152:HEYOTBboDOoPvltt2xcpDVw9v8ElonkLreLHqmMwV6n8AhCoOLBF:qTYOoX92xmDVwlNTXeDABn8AhTOLBF

Score
8/10
bankercollectioncredential_accessdiscoveryevasionimpactpersistencestealthtrojan

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Removes its main activity from the application launcher 1 TTPs 1 IoCs
    stealthtrojanevasion
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.android.application.wallpapers
    1⤵
    • Removes its main activity from the application launcher
    • Checks memory information
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5112

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.android.application.wallpapers/app_ttmp/oat/t.jar.cur.prof
    Filesize

    299B

    MD5

    4c0c2576008c386938e57d5f2d2549b5

    SHA1

    c0d6eef05070117aeea1e6fd018f8d4e5369dc5f

    SHA256

    48727c19c57584b7ad2b30e18ecf8cda9fcbb36deab50a66b7d06c72886b8002

    SHA512

    4a8673daf69c358c79dbc2bcc1248ffac310899ba08b8d4afa1bb2bb1ebc14c1bdffd5f740dba8e013751c874e6f65b7c2037850dbb5bd42905f57fd269f4522

    Download Submit
  • /data/data/com.android.application.wallpapers/app_ttmp/t.jar
    Filesize

    203KB

    MD5

    c3184db83870a63deb45ed578f25fec7

    SHA1

    b1b84184e9e994135fe2dcca1a05fefa0e10ff5f

    SHA256

    a0aff146f7d62f6e680d500a910c746dfbc86a628822606034e89bbd94be87a9

    SHA512

    4484ef58dc4b1adf975d77d92cffcbcf3282b93d4c1871e9b65b749f926d654abccd2efc208e025698c8537fe936b906d58bb68d82360116b8a3796430dff7d9

    Download Submit
  • /data/data/com.android.application.wallpapers/app_ttmp/t.jar
    Filesize

    203KB

    MD5

    aa175c29a495452fd9f867ea8c531bbd

    SHA1

    88f10f671a08a3cc5ddefc9d29abe1638557ef7f

    SHA256

    3c619f2a3f0849ed6cb0b4e1c9b78f5e7f4eaa0fd44f43d9f5fa056451e2c0bc

    SHA512

    e7c77b1586ddcb1911507ba52529c0faef2f987b3379cff41ab0145e6b9bf1f8e649a405c8409bfc4aa0bc7d5293e04168c4582ae09fb65b665da87890e301bf

    Download Submit
  • /data/data/com.android.application.wallpapers/databases/com.android.application.wallpapersb
    Filesize

    72KB

    MD5

    174df6e7fd017a15cc0db8d4ad860c87

    SHA1

    9cb35b596997334d040aaa55e50ae0da058c53aa

    SHA256

    536c660403c295e04888621c0447bd9a06fbe451f1be6081bebfe06451a6f438

    SHA512

    dd2dfc3b54eb54a8dfe4f45601b0b289c4454ca5802813bab62dc440d62895283e5256361513b1ff853674c3ef0e1e8092a61399237d62ef810d5b21a58a1f6b

    Download Submit
  • /data/data/com.android.application.wallpapers/databases/com.android.application.wallpapersb-journal
    Filesize

    512B

    MD5

    c2104276c9fae23c93c7083118232341

    SHA1

    eba93358cfdc76b46a97ffa2346ee1aa4d41b40c

    SHA256

    690b7bdbab3d28615da5d30436d5e25d92fe143f6e500abcf4081b12840f0c22

    SHA512

    c95fba575f339e068852b9e857b5627e2c9219746c6237c62abef01d291e623bea14cdfaaff71e9a247f84c77a67938f95d811f33bd5e2aec1c90dde0388f172

    Download Submit
  • /data/data/com.android.application.wallpapers/databases/com.android.application.wallpapersb-journal
    Filesize

    8KB

    MD5

    0b19fdd0d4f6736a816dc3781db9626a

    SHA1

    dc979fe8ea10c4e31682660600480d9c9bba0b48

    SHA256

    b8d7c7634d71f1d88b1e2073e73b02e7ca0abc5b23f886092c1a72f03f6627b0

    SHA512

    6c261421595b026698805aaac596034511b383f10844d57cbc03b9dbb27db6723df00c9ac8066e4aa649f23912401d2190be67e32206dd91c3df987617c14f91

    Download Submit
  • /data/data/com.android.application.wallpapers/databases/com.android.application.wallpapersb-journal
    Filesize

    8KB

    MD5

    9517706d735caac68f2cd116eec99469

    SHA1

    066ebf458df8979cb63bb00cfc2dcbb1bd413512

    SHA256

    c98d9d7b16dd263ef4bb47b3cdb66c6f5448d9a428f41157f24046b06f64bad6

    SHA512

    641ee4bc32ed18445034253c3c32f8b02f1f5a176c230f95b65474b1521395b8fbe952329e1e6f7c792322e1ac086519b8ac0f4062a7785aaec0f92f52cbdf17

    Download Submit
  • /data/data/com.android.application.wallpapers/databases/com.android.application.wallpapersb-journal
    Filesize

    12KB

    MD5

    61e22df5be42365b25476de79cf5ae4a

    SHA1

    f11672cbaa427694af378fab2fbaf00bae263097

    SHA256

    033d8041a68167bc168521758d4c6586e56f281a7370f04bf8be2cdaf49fd2df

    SHA512

    a0f7db4deaa665e19ba0811994cb8618b27f4320d409d04e93edc9d1b4599f0c554fed7d4a018069c9ae8a57ef74a38d42b0bd3e62df5b6455aad42dd652586a

    Download Submit
  • /data/user/0/com.android.application.wallpapers/app_ttmp/t.jar
    Filesize

    431KB

    MD5

    5383314e449e4568547db17cf9acc7ac

    SHA1

    1fa9f9984c07d8ef6a7727ae93b19cf5c65542c5

    SHA256

    0111cdccccf60eea765d4d3f75e3ac382e48ea7bb7569d24c028e0bbf8c0c842

    SHA512

    a9cce14d74c1e4ec38942a2c102ec62894a0f0feb3ddcb4ec4cc69853379ed5421640a5c77edd59e6e1302af932b88dd6c772a6f4bbe041a04d2b9e4b7283549

    Download Submit