45e9c4e683847109146275de24069e2f8b62e7d87cafa8a84345eff0cfebc482

Analysis

max time kernel
147s
max time network
184s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
30/05/2024, 05:49

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

8335bb547dee3905dd7c7d36b8bffe29_JaffaCakes118.apk
Size

11.0MB
MD5

8335bb547dee3905dd7c7d36b8bffe29
SHA1

c5cd707777287ee350cad69b23fe68e7426bdeac
SHA256

45e9c4e683847109146275de24069e2f8b62e7d87cafa8a84345eff0cfebc482
SHA512

c0d01e4dd7ab69c87c663d49d31d4272754fbd0ddc2ce0b564ec40d0004d337b643321be2bd40e9094bb6a64971d46f668370a4852bbfa655960301d98bded01
SSDEEP

196608:ZIg/1Hcv+0Exq6RG8d785gFM9UTpamI54rQ1oCK/amzU+mBVcCWoA:n/W+o6RG8SD9UTp+4rNBzU+mBVtWoA

Score

8^/10

banker discovery evasion persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	tv.dayday.app

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	tv.dayday.app

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	tv.dayday.app

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	tv.dayday.app

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

tv.dayday.app
1⤵
- Checks CPU information
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4266

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/tv.dayday.app/databases/rep.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/tv.dayday.app/databases/rep.db-journal

Filesize
512B

MD5
66b34240f869d9e7a8e989fc4636bd41

SHA1
92009f6c4006a36d8976d713b286c25c9c3d9bb0

SHA256
a32652b4e6a490e82f78b2ea2b80e72f3390af470a84a52983c4f701cca890a3

SHA512
c13cefa9b28fae8639ea83f2a26102ec0dfa0cf07e0721c4e578f377dcb381f48585d288b06e2fdb2d70f820aea5f17f52739092a655d79525b90c233a310896

Download Submit
/data/data/tv.dayday.app/databases/rep.db-wal

Filesize
36KB

MD5
c88cecae7977430f5b20858f84b462de

SHA1
e40b4dae1d36e1efe310e91099e9eb0ce3687252

SHA256
4e1d8c4bb0bffb7108151e45bc826fc7295eac1205eceee09b1762807123a3f8

SHA512
fc37a10fa00909633eea879596bcf76128326753b048d09f2ca13ab3064162da4a199367bcc8ad33beb447ed6ec3b5207c1bd0bab26426be15b45c3c4247d65e

Download Submit
/data/data/tv.dayday.app/files/TDtcagent.db

Filesize
32KB

MD5
f1dd6eeab5ed9d4c90134158359e6bff

SHA1
c46439cd67716f0a1e403168347bdc4da22ae8f1

SHA256
77bea14459b5c1d2b565205d4df198cc77bf5116bf152089183bdb2f738cf172

SHA512
eb248974710cf12ec4573b4ef964348362cba7366eca10838ec038bbab22bdcb57c4724526152977badc8fcdcbe078106a62d118d493fd47f97b6e5f17a2bec2

Download Submit
/data/data/tv.dayday.app/files/TDtcagent.db

Filesize
24KB

MD5
127defbd25112db87ef44a8230c85db0

SHA1
fa1d535787c86441d471276a62c968be16754935

SHA256
5cb8d53e483e9733b2301c88dea3cc1d8bcc0f8da0edfc01f9ad61fd25ef09da

SHA512
47976a19463f409ee1213b1fba8626b3d293eb7c75a2db6692b78053804190f27d9ccc0f9815f5a8618afe4091e3c2f02e7d01cc6926304ab47bb9fe2209b06c

Download Submit
/data/data/tv.dayday.app/files/TDtcagent.db

Filesize
24KB

MD5
df10c5991ac72910b211db888e57064d

SHA1
f31461c2c4660cdda5629ad438611fd2d3e0d29a

SHA256
d939050e136a3fca45f946fcd1530063c4bb38f59023a60f8434e7febbd9c179

SHA512
e4c11708e33fc3e903ac7e19944d88335448278c1d8249c6aff26ad8241f4c76057f0a9418fbc9b4214647ff709a683bf052fc668b25622ec2a29df08a2cafd9

Download Submit
/data/data/tv.dayday.app/files/TDtcagent.db

Filesize
24KB

MD5
c343299d6038aadc5cb26cc59522290d

SHA1
592791d2c33bc91481e85a767a711706b20b5937

SHA256
bc5a1a8e814703d3a7fb89f86525ec20f9ba709462d7f54c2497e757a70289fb

SHA512
3c1509aaf649b9ffef811558f53468cdb7927e9b596d33121a9abe8e1d4ccee01f27e5213f529728801ed7a4d69bbd13157ed2db7bf48ad197a5b74a581c53af

Download Submit
/data/data/tv.dayday.app/files/TDtcagent.db

Filesize
24KB

MD5
6cf72adeea050b8403a1a6eb6e20cc0f

SHA1
6f8dfacf4d7ba80eda08403a56a6d5ddc91c1ba9

SHA256
66f1f91261ef90ded1e880fbd237d46fe208320bb140bd7c72c540fc6427e89b

SHA512
f112923865db84db2f0dbfcdac93d4c9170d40902b42d3c01abecd1a671a3db8da60c766c83668cd769bd3167d72b9a21596b077f4d03bc0fb06a71d7199dce9

Download Submit
/data/data/tv.dayday.app/files/TDtcagent.db

Filesize
24KB

MD5
cdd2b317270aeeb60a9837a9a8194f36

SHA1
98a7bf9ba7ea024d66fa1743b47ed84784f22127

SHA256
fec0c69f8aacf48ffd4c0f789c0bfe3daa3f051b500de2601221d43545ee05a0

SHA512
09eb44a9417a7a57fd09e4110406dcd997cd0fb8cf51948654b7fff9facaff33c07fa7da94e8352c368d6f5c22ee523acea7ed26845f012e64448d54c0a58128

Download Submit
/data/data/tv.dayday.app/files/TDtcagent.db-journal

Filesize
512B

MD5
38908f1f0e986b08f475bb7a988245c9

SHA1
6d233710d22c0e3e894ea730515c20d496bd054b

SHA256
4041fec156badbed7a7fc0ebddcc0308a4bd0358b8fbe5c29be2ff506d3f83e4

SHA512
40ccb14d64fef5a0910dc6e84f9e4e88db8bb764020a2a8edd2cd86b95a82415ddc9d0000cf52e069642e7e5253f049cfb2cc85ffc1389180997da03f7b008a7

Download Submit
/data/data/tv.dayday.app/files/TDtcagent.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/tv.dayday.app/files/TDtcagent.db-wal

Filesize
4KB

MD5
5b66c6366eba1040a6120b09cf885c7f

SHA1
58b9eec8ebf6abf3c282247fa25ad790bd9cea93

SHA256
14fe7a501bb8ee5c81c3453a4d63ae953f3fd397c9dacb3109dc99a7611e197d

SHA512
b183c6a90bc02d1bd58f4d1e34169ee647baec1fd3769f5ea4653e9f43ab0e57039767b8791580558fdf1d9b20f468a55670e7b1d568c8031e939e5b481a80a2

Download Submit
/data/data/tv.dayday.app/files/TDtcagent.db-wal

Filesize
8KB

MD5
19d981139849838e46985cbf7bfbc71f

SHA1
5f46d805bd087da33b3b72d202e1c543875239bd

SHA256
02524132b1a6a652038d667753055a120c2842948fa821fbc5d433f19d218533

SHA512
401a2ffb8b96b3fe3f102d442ffc8669fe30cf00000c50554c5100dbd5fd6562805f3aad1f392eddc2106535ec124398f4e656ac5d6cc1f281500fdab37f3bda

Download Submit
/data/data/tv.dayday.app/files/TDtcagent.db-wal

Filesize
8KB

MD5
f894b26e716101001e72499b597a175e

SHA1
5bc09a17af2751a69a1df6b96961d0318a10e4be

SHA256
0c003a6a6f9b73d5f86cc612f8bcd0d89ccb828527198798d69671e5d8075e31

SHA512
0988675b4b3cd977dd1ba8d4939f13f66d3a04a5aa8a5834cc86d44b17736bb03478f28929a7697a06f3ad596e2a208528d84d18bf222a30224074c1dd56b2b5

Download Submit
/data/data/tv.dayday.app/files/TDtcagent.db-wal

Filesize
8KB

MD5
a6bdaee0945d2fd8efb1104e03462f86

SHA1
85c4a8ee5f47b657aadc6783870177255bc50b36

SHA256
31af53a8cf49807cd7832b2eb0a553319aa365a11f930052a64833d1bacec23a

SHA512
b290a2b0bec89c6db22e27d491caca0e8bb95fc664a1990ce52b1dfa55fdb9c9300d3006f2a6b138d438fa5938fc2884a4f8709a6b30f022a2d6f04c5c946c10

Download Submit
/data/data/tv.dayday.app/files/TDtcagent.db-wal

Filesize
80KB

MD5
1c914e523db2ba238df69d14a263dc82

SHA1
ea3d73c7467095adef2a76f00422959752c98a2b

SHA256
a2bcead4639dc8c500cb1d0635f30a9142237cf35e2bec381a046214d3b5a2c7

SHA512
b48d33a74bcde922537c6ec4d05112fbd2a4a59251474d85bd682f14bd846bb3d5b49aef3b0143e18faf57409451524fe013f6a2a1284c86c926eadff8a4f1b9

Download Submit
/data/data/tv.dayday.app/files/TDtcagent.db-wal

Filesize
8KB

MD5
81e472f7cc11de20d9e999673228d04f

SHA1
c40ea678ed06ea47a173441970fc37a973bb57b8

SHA256
f4fcaca107b95e2907aaea6c4c2770f19a09aaae785d602142fa0d97e39edefd

SHA512
a8c946ad211982688f23ba478ecd4b24ff5f6dc6d46f845044ab6d6684fc8768b1ae9dbe3045ccbec085f86e296ce6e1e1f6e4f04315b2276337539c745b8e83

Download Submit
/data/data/tv.dayday.app/files/blurred_image.png

Filesize
10KB

MD5
e8603e101ed372c89a9629a08b108f12

SHA1
82622bfac2e2db4e0973f06a5162e8cb4587cff4

SHA256
aa00b216903aa3bf112ae8bebe92f22792cc72ace7f0574c5a4365542c4afe8f

SHA512
d04b68952180e0897d50fae991ca6d64027b77f0cea2be65e6ce8a29c292aecd3f15b35c756fbee4efa58759d8e4cff118457041b67ea30b7a76762330c4859e

Download Submit