4890b52450983e19062b8fbec7143d431a4d2ee99cbfbe3e1d9081cbb9a186ad

Analysis

max time kernel
98s
max time network
144s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
31-05-2024 13:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

87225f3911ee5a5613c30154d216cf11_JaffaCakes118.apk
Size

3.0MB
MD5

87225f3911ee5a5613c30154d216cf11
SHA1

06a9721ee5ef9257354e8bb896b0ef6da8686cdc
SHA256

4890b52450983e19062b8fbec7143d431a4d2ee99cbfbe3e1d9081cbb9a186ad
SHA512

852cfd614ba04568226ab968c2d84cd452fdada69ff71d2ca9df98b2124e8ebc95a6ca271d3d26147b41a734141ff78193abc636f2ba25fb80695e1bbf562484
SSDEEP

98304:rHbC9fplocxZD1b+XysTR7eWdJj7uyuiu6gUUuCn:XClocxT0y+PuyuiuyUuS

Score

7^/10

collection credential_access discovery evasion impact persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.spideyman

description ioc process

File opened for read /proc/cpuinfo com.spideyman
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.spideyman

description ioc process

File opened for read /proc/meminfo com.spideyman
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

T1414

T1641.001

Processes:

com.spideyman

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.spideyman
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

T1422

Processes:

com.spideyman

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.spideyman
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.spideyman

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.spideyman
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.spideyman

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.spideyman
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

T1422
Reads information about phone network operator. 1 TTPs
discovery

T1422

description	ioc	process
File opened for read	/proc/cpuinfo	com.spideyman

description	ioc	process
File opened for read	/proc/meminfo	com.spideyman

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.spideyman

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.spideyman

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.spideyman

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.spideyman

com.spideyman
1⤵
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:5133

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.spideyman/databases/dAT5YFV
Filesize
28KB

MD5
b31a8ba8c6b618aed34e5cb435a252ff

SHA1
ac980e2fd3c787af2be988d4a5b8bdc9abb84d85

SHA256
482a841047d25dd026ed97fa4a98451704a5b34e36dcfebf699e7e6db6b45c20

SHA512
27ae04b65024eae09e4d57eaa7e7b34b201d25da128af66a88604bc6aecd301f1deb52da73a38ac33311d6ba049230112db77b24abb4ac770cda896cb2beb213

Download Submit
/data/data/com.spideyman/databases/dAT5YFV-journal
Filesize
512B

MD5
5fdff701f92f2de23545ce994f2b5001

SHA1
6d129cbf3b04040df708ef9c8c34d99bce200276

SHA256
f31ef2f43d05d2262fe1c3644c75e3159f3b68af2e1ee4dc928fedd745c0cb3b

SHA512
b6552dbb9cafacb9144e7b559236505925681af9f5dba4e18339acb1b2bbd418c47c9f6864e465d72ca3a2a5c5e658b3bc55828c4c1b37340c321f29cfa529ef

Download Submit
/data/data/com.spideyman/databases/dAT5YFV-journal
Filesize
8KB

MD5
a2dafee7dfc961e659fdd4919515a100

SHA1
797a52da20c034cdf1012b764fdc5f7db2359d66

SHA256
571a84114072fdd5e9e1fe640d979884371a84d4dc493ee1d1d882d842a11d90

SHA512
7bb0724d140fd2f581aa1374333f57d4af571000dcaa53903dddf803221abd771a21c9287204170bd334586046e5be01cdf544a3644bd817860b227360a410c6

Download Submit
/data/data/com.spideyman/databases/dAT5YFV-journal
Filesize
8KB

MD5
1d09dd007a08b9a1564aa6d5ff4171d7

SHA1
284a4fa93b576d2e15399f83e2884e8245264557

SHA256
249286181f3a008466775b0d8a087af50f1c6df3955f52777ae9f2701dfb30fa

SHA512
800a4f720750eaa42557bfc582fb9fbb5b1cf7f35e02e8bd9c92d758f02cf666c1a57f74c839048fc404b01c8d7e715af2392fe3651946a8fc4990aec1870d72

Download Submit
/data/data/com.spideyman/databases/dAT5YFV-journal
Filesize
12KB

MD5
1daa6ec63d2a970e931c3d506a10f34a

SHA1
9e82c2ec17522fcd8139e74cb718cba5518b80fb

SHA256
0e625852c4bbae630c6464a366d3ab64fd94ea59f6830fd71893ec40886326fe

SHA512
344f9ba2b2dc8f6c2aa0dc32a870f2aa08d2cc36328b1acd42bfd87b56c66bb067a4b48bf1cbbbbef6105c9a5434ec4bf1f9047462d3a8aad5c716077ab344ec

Download Submit
/data/data/com.spideyman/databases/dAT5YFV-journal
Filesize
12KB

MD5
ad0cb36aa06b8c634744236d7462bff7

SHA1
117901d1df742d0d25393129b32381f1dd05fffb

SHA256
11bee8059e3279a93497b17eaa9a3acf1c2994bf7c598a7bb1af44728575e09e

SHA512
7a6a45f2d9704294417fa5ddefa7e69f89183bf8fa453e694ca554399535b16b1e6f16a9db4927f40c4c5a7d1d7779308b1659cfff73ff47fbba3d3963dc174f

Download Submit
/data/data/com.spideyman/databases/dAT5YFV-journal
Filesize
12KB

MD5
a449742fc094d1e2f59f6082da6544fd

SHA1
635c3c28f3c5098193d898a12e780dfc987bbdd6

SHA256
ab10ee01288048a2147a7bb8bc46538203fbb1c7ff98fb01b78b4ec74d3eb493

SHA512
557bf1f37001581ad860d915a703660af16a1b86593a88af48b97492d375880d700f23b21558a5c2b4564ac7392f352d97225f75d4f4f7c61a23bed0acd91548

Download Submit
/data/data/com.spideyman/files/.YFlurrySenderIndex.info.AnalyticsData_5TG4JGVTYX3S34VZQT7N_216
Filesize
88B

MD5
a33bd7fca7025020ac40bcc29bea8a1a

SHA1
cd685ea67493e1fc5f06d90598b81001665be31f

SHA256
862c475be412bde55971e9be7941b7a9a09fe9ce01c2a0026dd3130c704b7644

SHA512
92970a5f2953f1ea8ae26817219704938ed47be083c781e1642e2d15c44fdd84a06093b04fc7c4985d884dab7add1d2824e62468bdcaf7758c34895aff51ca61

Download Submit
/data/data/com.spideyman/files/.YFlurrySenderIndex.info.AnalyticsData_5TG4JGVTYX3S34VZQT7N_216
Filesize
88B

MD5
4efb5f8d4571f185da08eda6169a1ec5

SHA1
7681df6e03b0934dd775ed0de281ea04bd87ee32

SHA256
b7561bfdec356f18924982f127bb6b512ad6e2f5ed57676489b1df2978eebbea

SHA512
b8200f7022e01873adddfbb220d16f2e90f7ce493fb668f367e28076e5a52bb1fb30f5766c78ca3c8bdbfedbf64caae2b042076cbf25ab5b4be8c9313320dcdb

Download Submit
/data/data/com.spideyman/files/.YFlurrySenderIndex.info.AnalyticsMain
Filesize
72B

MD5
b93c096c4a4256a76a35955acf75f98d

SHA1
4c915d8ff701ee2d9e24fdda0ebc87cb37bde37f

SHA256
801ee8f13155406b640b4d7b630d0473100fcbb82eb727bff03585da4343ebe8

SHA512
a557418d61d18a00116c2c8de7c45e14b071fb933b45ac05c1b322952957594d6288abd2f95d20d0f724ac5acce18b14aef00009288206eb7c43ab60c5de6f79

Download Submit
/data/data/com.spideyman/files/.yflurrydatasenderblock.5e1e2faa-a87e-4dd5-9ea7-52abba7c2810
Filesize
297B

MD5
9d9c247445659623fcaef3d7906c5d6c

SHA1
6e87c44a57318b591660b2cdc491bc55cdfd4658

SHA256
ccc9b3891c958fb0507aa843dec2229e0f476bb2fc8839c45d2e4db9bb56f68e

SHA512
23a5e5935682ea36c1ec8fa9d4fcaae5f5c703e15c6347dfa5df7ddb2a1275c1c3a7c5aff683ceeb106fb3e68758382a3dafa3142d1f7a15e2abc6892d2626af

Download Submit
/data/data/com.spideyman/files/.yflurrydatasenderblock.d47b9f65-d37c-4fa3-94bd-c932220eeec2
Filesize
589B

MD5
4b76045cfe04bb6f40375c1eff882f95

SHA1
88dd6853a30c800b4a3058c177b283692c7534a3

SHA256
47df5cfc0b8ff743b50399d3a3caa9e178cb23df11fa0dc230d46e61ed6ac82c

SHA512
ac5871b5afe130381bee2214c17595ffc2e4a6a09e73b6a39172ef80ecce0eecf8872db509af1fbc9e23bfcd12386d935ed63792359619b5c95b909dcb2aca86

Download Submit
/data/data/com.spideyman/files/.yflurryreport.-26d308d518909af6
Filesize
372B

MD5
a3b8d5dfaa64b1d89f9d668467473a65

SHA1
52073c615ff474a878c6bf907c76e96fa7645f72

SHA256
9e6988a04a4712c39c4778983e2e5c4d0dc943af0b894fd3ad7f4c97ae5fa22b

SHA512
1df3d06351602c2503c3e38d5756de32d65582454df4af5ca496ba580a637b40fb6881144b9283d696076355a655cc4f8001c2ae412678f635bc157de7707b47

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads