5b15ba0db3706287a729a0cf464bd88e3cc01af55a1ac185c480f4f2ccde9785

Analysis

max time kernel
133s
max time network
171s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
31/05/2024, 10:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

86a37b6f88b734111611c9623fd7db98_JaffaCakes118.apk
Size

2.0MB
MD5

86a37b6f88b734111611c9623fd7db98
SHA1

ff633b09439c0492e884e747ddb1f13bcdc45c75
SHA256

5b15ba0db3706287a729a0cf464bd88e3cc01af55a1ac185c480f4f2ccde9785
SHA512

570ab788f2ca2bbbf83cc1b39f3fd9a3e64731c745c297d12839c9053d41214a1c58a8afbc9f6deb8c2509e5407a22d250f2f24b83b1c747f4b4f90911959c10
SSDEEP

49152:Ji/FKWVCknhVAdx3677Cab4DumCWRXtW5IFVZFX:k9TC2sxoqShWnAmB

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.ull.mukqid/files/fu/QFyJOE.jar	4357	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.ull.mukqid/files/fu/QFyJOE.jar --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/com.ull.mukqid/files/fu/oat/x86/QFyJOE.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.ull.mukqid/files/fu/QFyJOE.jar	4332	com.ull.mukqid

com.ull.mukqid
1⤵
- Loads dropped Dex/Jar
PID:4332
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.ull.mukqid/files/fu/QFyJOE.jar --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/com.ull.mukqid/files/fu/oat/x86/QFyJOE.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4357

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ull.mukqid/files/fu/QFyJOE.jar

Filesize
962KB

MD5
3437e1633e1a0ede1cfb88e1d8f36160

SHA1
0c7a79157ac3887ed966eacef81a6f1e35b333f7

SHA256
f5ed9e7c4606da0fc3497f57109bce43a5ebc801f27d24c5c32efbd81c6aa54a

SHA512
a45501e5d556665ad671ae13c7835f39355c794972d1fdd882dcbe552d30cc2740ab0e4abd0c4b3c6d881c8b3a83adaefd7d4d72283f355f8d933f462f4775a1

Download Submit
/data/user/0/com.ull.mukqid/files/fu/QFyJOE.jar

Filesize
2.3MB

MD5
e2306c9e10e5eb9acaa0afab1720b5de

SHA1
d3951d194b2f5b258511194248ef3aa5922af72d

SHA256
d2b139a74763cb5c014c536548eea305b082c830177ac3c2b9aded656518bf4f

SHA512
820346808ab55733888949a113bbedc8204c8304bf13a128b4116aad0a8e518d8ba34aa495d4b09d8783c666938cefed066db79f17686f0a05daa2c36a53a9e4

Download Submit
/data/user/0/com.ull.mukqid/files/fu/QFyJOE.jar

Filesize
2.3MB

MD5
ee735559a3063161a9d28162913c62ec

SHA1
3bb484986359584d91f9ebd6d3d72bca6e478fe2

SHA256
919a48ad95edf42cedc8d1b8b14bfb5719a8d3b557828370693e6aeae3b9ce67

SHA512
9bc9d44d28a085f3f61ff96b4943f4b5e4f659c2970a7f6dc22249e0a2a94a0a3b7b6da2c0e2d4637389cdd6d5de97a71268231c264c0415f928047bb2e4af22

Download Submit