af3a56a931a304947106f0e475a2f4ac454b24e10ad8523e47a57ca0f91a6e6a

Analysis

max time kernel
179s
max time network
136s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
31-05-2024 20:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8833b5c53ab3d220cfcb5a723ef0e1c0_JaffaCakes118.apk
Size

1.8MB
MD5

8833b5c53ab3d220cfcb5a723ef0e1c0
SHA1

2a2b117ba9789e05c7eb8a431110cba980c4f588
SHA256

af3a56a931a304947106f0e475a2f4ac454b24e10ad8523e47a57ca0f91a6e6a
SHA512

9b378d86d8f87e5c8a835ac55a5b3f5d070cb1711a7237e18876679fff04c66aaf5fb914341709d0a1046b9ba940786aa3fa94acd1bcf09eebf5c3e6ae234f62
SSDEEP

49152:mEMVVh4WtHS2QQko/BaWbyGpPw0I8l6uB31LQBF7Vl:mNZd3lej

Score

8^/10

banker discovery evasion impact persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

T1418.001

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

T1407

Processes:

com.plexnor.gravityscreenofffree

ioc	pid	process
/data/data/com.plexnor.gravityscreenofffree/.樼져匼	5162	com.plexnor.gravityscreenofffree
/data/data/com.plexnor.gravityscreenofffree/.樼져匼	5162	com.plexnor.gravityscreenofffree

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
evasion persistence

T1541

Processes:

com.plexnor.gravityscreenofffree

description ioc process

Framework service call android.app.IActivityManager.setServiceForeground com.plexnor.gravityscreenofffree
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.plexnor.gravityscreenofffree

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.plexnor.gravityscreenofffree
Acquires the wake lock 1 IoCs

Processes:

com.plexnor.gravityscreenofffree

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.plexnor.gravityscreenofffree
Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
evasion

T1628.002

Processes:

com.plexnor.gravityscreenofffree

description ioc process

Framework API call android.hardware.SensorManager.registerListener com.plexnor.gravityscreenofffree
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.plexnor.gravityscreenofffree

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.plexnor.gravityscreenofffree

description	ioc	process
Framework service call	android.app.IActivityManager.setServiceForeground	com.plexnor.gravityscreenofffree

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.plexnor.gravityscreenofffree

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.plexnor.gravityscreenofffree

description	ioc	process
Framework API call	android.hardware.SensorManager.registerListener	com.plexnor.gravityscreenofffree

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.plexnor.gravityscreenofffree

com.plexnor.gravityscreenofffree
1⤵
- Loads dropped Dex/Jar
- Makes use of the framework's foreground persistence service
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:5162

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.plexnor.gravityscreenofffree/.樼져匼
Filesize
2KB

MD5
254158aa405538310a2c7f0d2975ae82

SHA1
86ec39317aa612876d5b885079433d79de96e50a

SHA256
fa3e87d9779f860ac034182c5d70060697fdb68262fb7d345bed97d1db7ec48c

SHA512
07b17a4e93c62c365703227e9a8c0606aa922a505cc36c76ba8d4f5ef3365524bbd69eef688a6425c755841ae116cfcf0081cc6806de73a43eb498a414ee5868

Download Submit
/data/data/com.plexnor.gravityscreenofffree/.樼져匼
Filesize
3KB

MD5
a07b3c15a2b5d6ed706fd2bb32188f30

SHA1
4af8f54f63d8bb9bb42c6887f3bc1a56c756b539

SHA256
5ad6825ac105be18ba1a6d3e85297c300b12eb225ff73d29b72b9188d7a3ab4f

SHA512
4083c9cdd9a5a1e76112c52259e97f4ac49742f368635c1a717fe4d1eaf511a37e2b74a553bd8c359340b3d8316b0cb198ba47f1406f6061140025939a80c951

Download Submit
/data/data/com.plexnor.gravityscreenofffree/.樼져匼
Filesize
3KB

MD5
f56179025ae7eae2d729accc44f67a72

SHA1
f957cf417cee1d44b0d4d173e346bc7d83c9e815

SHA256
07c43fe3e41590bc1f31d56d943641d0c5b9ac7062b686e844a471d52b9a57c7

SHA512
86241d1f0efff602251f6bec1c5d0834fb88a62c12eab4da0b03c26438ce84d03a47fe921a83350ea9674035775c6360debb1e6bbc0b964cd192008427b56f0a

Download Submit
/data/data/com.plexnor.gravityscreenofffree/.樼져匼
Filesize
8KB

MD5
4a6638940a09a510f37028ad22f5c078

SHA1
73586c7f70fae7486b4d7d4d97bfc75ce29b4feb

SHA256
6ec306de221298a2de39650c4970431bc34e82e8b3e7fcadf4998c9cb82dd06d

SHA512
ec83d9faa8996b2dbb57d290984bbad99dc3b9cee24452d38479d9d02105ea1dbaad3dc61aaefff72abcdab554d559d4afd8b703e2529c105fd7fb2daf73aa93

Download Submit
/data/data/com.plexnor.gravityscreenofffree/databases/analytics
Filesize
16KB

MD5
8e5c84cf189ecc94188f3a5091734f75

SHA1
5dd938be01dce9a00513d17babe4890bc2ebf065

SHA256
a040593f039501ae46492e76bda574ebe16ea0257f00f82a0b9008b2a7658f2d

SHA512
88827e1773e8fcdb98302688149f35f272215b91295a71449d50f096600a75758fe926f2f1f803501d82c7338af38055b3599d8f4940436d97790eddf98b4772

Download Submit
/data/data/com.plexnor.gravityscreenofffree/databases/analytics
Filesize
24KB

MD5
212c12be4dae5b267598afd309b3cc95

SHA1
5a07201b6b1a213779ebba4ea937a38cf60dd71e

SHA256
19590c6ef6dc9971441c48d230ddd5682e35235df262ae10a6a4ec15fdd90ae8

SHA512
ca4a5bce1c45816b3969f09c1a03e72d3fc2c8e365297a7300981688655959c420756c32a9509ac7b8a8f6ad2c52e2fa8da26bdc19727c002345ef230785675c

Download Submit
/data/data/com.plexnor.gravityscreenofffree/databases/analytics
Filesize
16KB

MD5
bf9c0b45437127ab5aa7b782a8cf3db6

SHA1
2b370214297e23185c9f5592370af321824c7d38

SHA256
51c193a7b912dea83cfaa44cfb827d7470bfe2bc453eb52dd8bd4b5de86f4f61

SHA512
e00b025fe42f4917db692d6ad774cc0ea57f801bec376bca5069e771f5fb3186abd8a58eb466c9a1e80d968a93f83e8503b4f25a179c0166bd59cb484ea834c1

Download Submit
/data/data/com.plexnor.gravityscreenofffree/databases/analytics
Filesize
16KB

MD5
22903966ca9d8c4ede92dec2bd89d195

SHA1
96d688d64661f607205817da32c853049eb63a82

SHA256
f5c0952b62023df10aeb66e55c2e42a92a79908d66c542dba83fa2dc5d189174

SHA512
2382a357e6f75f8913e097563a5d2b69f3a3772aa7eb4c534258d1e669458d153b3ea2d01f9af6effc33c11a0fc682064a4897643fafdcb0495b0c27c581b7e7

Download Submit
/data/data/com.plexnor.gravityscreenofffree/databases/analytics
Filesize
20KB

MD5
4578ac9e04c183c65d81a2dbdb258e38

SHA1
7c3aff9ab6e46f185b6f1289e0ffe35f8eabcd45

SHA256
250558979ffa002d0c8fb387f82ef00db83086938499e67e69565a8acaec620b

SHA512
2f218d1f498a7f8691bca8d65201d53a8d8d4210ef40e33d575b60dac2a01fe8893552073c9accaedf3de44ce3fedfcf847fc9270a213f0a1799ecb46031ef55

Download Submit
/data/data/com.plexnor.gravityscreenofffree/databases/analytics-journal
Filesize
12KB

MD5
a9527278428c0578a2471d43d8d4ed88

SHA1
042df1975aaf2564534b9fb16be305d8ca34caea

SHA256
2142cb907b145f918a0008cf8f591182da46c9592a46bc977a344bf0ed372876

SHA512
8193c97b26e2a04c88f84a702fef10284cd83d9a17ec0b7396cd1a2ed4986a35aac0e43b61138047927abd8bf1e2b3a0aa9d0043656cdf62a6f925fe8590da43

Download Submit
/data/data/com.plexnor.gravityscreenofffree/databases/analytics-journal
Filesize
512B

MD5
c935cb573594be6982785f7901259f09

SHA1
644a17c998207feed89d191a0ecfbf7d7ac8f213

SHA256
86e4cb89944a20c280f927ac97bdce74bc63792e49deaacf2e7778d8568a637f

SHA512
b6b7baccf31d0b851eba5731629dc263cbc8b7e746b16ebe662e0c9e446e76ad759c619d07b6a0edf508ccd6c0f9db8b5558ea8dd11211c71abcfdbcc1f8f5a0

Download Submit
/data/data/com.plexnor.gravityscreenofffree/databases/analytics-journal
Filesize
8KB

MD5
07265c2506513e7ad2a0af39efe73ebe

SHA1
3cd40a3572ba464a4ef4175b60b5000b6399d89b

SHA256
bf1715216e41e6a1627cc367d2689ddac8794fc8cff64f8a8193bf010f3c5933

SHA512
fc7bc39a9ead84685d0bb3c1ea7c1f3b5a0093a7e65a527425213db994e1d4150f627dd8825ec002ace94df755886fe5c2d583a2002ec52e5c8c3c4267dbceb4

Download Submit
/data/data/com.plexnor.gravityscreenofffree/databases/analytics-journal
Filesize
8KB

MD5
8ea110296ad4877184a52741fe5fcabf

SHA1
8a1914efe149d7830246c271e23f26a9d8d6f6b0

SHA256
b71ccc28c5a384c5174a96761ff1087d6cce1638cdfb809f23d774353c9803f7

SHA512
ba474d3721067a129ebe8b62a7ea3c1ab046b1d434814773b2707cc7cdfad58e3f3c49a04fde35ecf3a006adf979da6148bec0941f51fe5f647b254ccc3d26d7

Download Submit
/data/data/com.plexnor.gravityscreenofffree/databases/analytics-journal
Filesize
8KB

MD5
a7ebece6e980428fbad89be210983bb6

SHA1
bc3432b3b6fa44b4d6c3bc947990396d5623b765

SHA256
29550dc69d246305e45412e29597da58a3f724e7e212f20282a57ba1ec041992

SHA512
14bae385a9305a2713bedc2db1d428717e3b15e4cfcf000584afe8661aa3cb8ddd2b12dd5517754046891fb2eb96aba8a32155dc5a367c7e3955674dc8920eaa

Download Submit
/data/data/com.plexnor.gravityscreenofffree/databases/analytics-journal
Filesize
8KB

MD5
329dc66246bb8abe2bfc25bfdcdca8ff

SHA1
3a3bf5c46e16942039b72a281dec3193569b7c7c

SHA256
d3f37dbdaf395e118710a60f0edae5f0bdf05676537481ac7437db8d7bfc30d0

SHA512
b9589b4082c11d034523130907725bb52990777a52f74832a39ae5e779696fdd6bf91b0065c66b382a246659430dae2043a969e2f812ff9edb8e97fcab945e22

Download Submit
/data/data/com.plexnor.gravityscreenofffree/databases/gravityScreen
Filesize
20KB

MD5
8ee220970d2dd5c8a780f5e0a08e101d

SHA1
d3f22388f68842633a9a054c4b2e15768d79dae1

SHA256
ac46855a742a02f8a668240ead35dbde60b932b931792f8cbd135d394e213ee0

SHA512
62357cd9bf534fb710dbac90834b088bc8d7434393788e92274251fc0750b6b7daa3c38ce1c7a883509e82e63ba7992a6a3385ccf31892589caf66f765c91a73

Download Submit
/data/data/com.plexnor.gravityscreenofffree/databases/gravityScreen-journal
Filesize
512B

MD5
ebc45ac16730c2ce044eb8fa43cbc83b

SHA1
5f9e3aef7ea3298113c1bf4b309622a8e71718c3

SHA256
d7da478245e374eaf490c65f8601caac6dd307607683475676812ec7556d65a9

SHA512
da42c2757527d61b770710fa16ffa9f0d2cd1713fd692882a5332329330bc650dd351aae6514dc37aaedaa0a819e952c8027f8e91fb3677fa5ede26b6cff5aa0

Download Submit
/data/data/com.plexnor.gravityscreenofffree/databases/gravityScreen-journal
Filesize
8KB

MD5
f986f7fefe9e8ce693fc0a96d746108c

SHA1
7e9c620a394c09efb37d2b1111ea53642f33dfe8

SHA256
732a3eea1a0d34c1c4645b55f000fd4a6c7985cdc89f809b6ab19e873ede4bc1

SHA512
95ef960874e7dca3bce82f8817e7ee25d6e08a77efe0f58ab2de6a51194698158f87f43e2b0978542367e044234c20e0147958faf1d2c3808e2ab817e862e1e9

Download Submit
/data/data/com.plexnor.gravityscreenofffree/databases/gravityScreen-journal
Filesize
8KB

MD5
ab1e5827720cb006a27467e0edd6e630

SHA1
a6e9776737874ce405bf60c154e67398f2769c1b

SHA256
627505ab2668fe50233f12300972c2d33ce089a1fe8dc81e97676b60a6cdf4ed

SHA512
f0948767c65d63e3afa43c5c23c9d3d2659535e997a9ab49920173799d99049dba3e63f2d0f4001a7335168af58fa6e36e05535a364180812e0563524da0e822

Download Submit
/data/data/com.plexnor.gravityscreenofffree/files/gaClientId
Filesize
36B

MD5
ada5e0d5d0cddecd0b0967ed5d0d235e

SHA1
cc815e632ab867df0f7030f257e832d1db859271

SHA256
0312ebf00b8ce7dfc1bb77cb01fa0ad62d59342d3da1c2e4077524be75e03963

SHA512
30ccb3eb8a01c15e10a779b666ae3796588d844ebc8e7d127949bda5be2c2f9ba75af1014012d2c80ec4f03c84f1c5c08a1eb6a3580e46effe775086826f83d8

Download Submit