Analysis

  • max time kernel
    54s
  • max time network
    148s
  • platform
    android_x64
  • resource
    android-x64-20240514-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240514-en, locale:en-us, os:android-10-x64, system
  • submitted
    02-06-2024 03:01

General

  • Target

    8cb02cc88900d4cdda6132271654ab0b_JaffaCakes118.apk

  • Size

    3.4MB

  • MD5

    8cb02cc88900d4cdda6132271654ab0b

  • SHA1

    15cac822a292a4c05b61488e4b36145406ae6656

  • SHA256

    15bb8fc49800058ea89906733fd6f80c9fba9c9cdd2062fcecfe6c327c1ab16b

  • SHA512

    465fa1fa54653642cf8d782ad5d53247eada5f489a88d9ef40b63ff3f27abb99256a8a43fd5064d92f7829dd0f20358d30917f32c3ee1a0fb58a0d48757256c1

  • SSDEEP

    49152:DiIeSfUwAF8z/ekrkEPCjYlpPyA2oS0GBckyZMMykUtxHj2RIwlGXoYOp3:5e/FnbMlpP24QcDKkU/HjulGXoZ1

Malware Config

Signatures

Processes

  • com.tx.app
    • Checks memory information
    • Obtains sensitive information copied to the device clipboard
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    PID:5164

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.tx.app/databases/domob_ads.db

    Filesize

    32KB

  • /data/data/com.tx.app/databases/domob_ads.db-journal

    Filesize

    512B

  • /data/data/com.tx.app/databases/domob_ads.db-journal

    Filesize

    8KB

  • /data/data/com.tx.app/databases/domob_ads.db-journal

    Filesize

    8KB

  • /data/data/com.tx.app/databases/domob_ads.db-journal

    Filesize

    8KB

  • /data/data/com.tx.app/databases/domob_ads.db-journal

    Filesize

    12KB

  • /data/data/com.tx.app/databases/domob_ads.db-journal

    Filesize

    8KB
