497b8c8e05e89e0bc538d395e2336627791b43a4c04c625072e17b47aa3dc37d

Analysis

max time kernel
152s
max time network
168s
platform
android_x64
resource
android-x64-arm64-20240603-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240603-enlocale:en-usos:android-11-x64system
submitted
03-06-2024 16:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9276de9e07d8cf442b7d4d5ee5f4d3c1_JaffaCakes118.apk
Size

8.2MB
MD5

9276de9e07d8cf442b7d4d5ee5f4d3c1
SHA1

fe38fb6e27bf2e6b317e061b8acd84bdec95439d
SHA256

497b8c8e05e89e0bc538d395e2336627791b43a4c04c625072e17b47aa3dc37d
SHA512

b027c307b2e7d9308ac10f81e014ef870f6d55dae58a89e86cd40bc4b562817ad26f5b167b920c80ebed294c05f83c7a6bd9cec6e500a97bd3e98dacf1d83ba4
SSDEEP

196608:JI0KWSMhDJxCbUPzp6beG9hvI1DNujhvI0BUXlVc2lA:JBKenJzpMeGvQ98tQ5XrcQA

Score

7^/10

collection discovery evasion

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.hrbl.mobile.android.order

Queries account information for other applications stored on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect account information stored on the device.

collection

Stored Application Data

T1409

description	ioc	Process
Framework service call	android.accounts.IAccountManager.getAccountsAsUser	com.hrbl.mobile.android.order

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.hrbl.mobile.android.order

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.hrbl.mobile.android.order

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.hrbl.mobile.android.order

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.hrbl.mobile.android.order
1⤵
- Checks memory information
- Queries account information for other applications stored on the device
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Checks if the internet connection is available
PID:4530

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Stored Application Data

T1409

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.hrbl.mobile.android.order/app_TLFCache/cache_1717432555434

Filesize
10KB

MD5
ff43720f51666be101b8f964b5738b7c

SHA1
62b322c10e0cd6dba562288596c90d95483547e2

SHA256
80f38c681d2d5762bff1c6d0ecd6186ff5cce26053f0d876e6d5ae8d970f5c6b

SHA512
fa9f119f624b177d6e1ff1cb415a95c568909d9ed5adb30310346c748f7ec269fb8603b4dcb583234552e86a3148658aaed012488f5d940f1a20487a0d3dea13

Download Submit
/data/user/0/com.hrbl.mobile.android.order/databases/google_analytics_v4.db

Filesize
28KB

MD5
f7a76f4e1d75ec30236dac19159a240c

SHA1
30e99a7ceb1fd8f5709df0ff9d8bac510bab1083

SHA256
be2290733af3dc92305e348cd52310ed5e3a8697999b9bd967543065ba57e06e

SHA512
0ad7da3d2837717ee30eca01c1e4a6074eb944e76f12859cb8368a9e1d58fe3248dc175620f3c063c8ae28f3698a10473407a4519910629dee393955f3014fef

Download Submit
/data/user/0/com.hrbl.mobile.android.order/databases/google_analytics_v4.db-journal

Filesize
512B

MD5
bdc040ad876f3490c9a10f511d56824e

SHA1
f3c9ba27f124c788771596a4edd0eea4f4085eed

SHA256
97121c37ba40f9ab305b992a4d7c538e1bd22d8723166fa80a45eb4236dd23c1

SHA512
ae320c5c09dfac9767cd644eff0b6b9b328d60839a733b61c63ac20366a10c010dc954d80375cb2eb0aacd813ef6401d216fab3522c0ac75cfb8bc72a9788572

Download Submit
/data/user/0/com.hrbl.mobile.android.order/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
fe166c9b4571f0228ed9114da5060d18

SHA1
63bfc545cca7f8273a3d010d2af8313efa7de408

SHA256
4cfffbf123223b4a7cf5a4cafbe0460bcac59cbcdc034f5d59ede3fd6bdfd4c5

SHA512
8cfadf9027eca6098a8390fa2f7e38fa1f3ed6686ce5a7a1b8df26e9193bb7432c3900aa2afceec5dc31da8b80bd01098cc0e8c04c512c47c94d0ccece06492c

Download Submit
/data/user/0/com.hrbl.mobile.android.order/databases/google_analytics_v4.db-journal

Filesize
4KB

MD5
d76862d53492f05ea539aae699920fbf

SHA1
23a49e90d49ac258c86452e9619a2983a2c770a0

SHA256
ba6ee239bfc1e46d2b7684eaa2da908b71cccd4a46abaa9fa16a0ab378cf3d9c

SHA512
4a1d0cf523db1d4d05a63d6c9f1cfaffb04f890f791af2e959be05dc3cd19615ade57836235e576427a29af3a0acce673ff79439eace243826ed4ba5735ba942

Download Submit
/data/user/0/com.hrbl.mobile.android.order/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
517e89c03e065a7badaf748b2f99f540

SHA1
49e1ca69e0715db0d27f06f971de3e2caced182c

SHA256
ce2d311303452753abe986de132f297855bd90db02f119f37e6b795acff55ea3

SHA512
fe51381e3b36db3dc75d0c19f0311640317f5c7b3729d94ac40a8b93e69d96bd18308907f083b5ca3dab021dba35c4180074bcf8489aa1379dfd0b9e520e96cb

Download Submit
/data/user/0/com.hrbl.mobile.android.order/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
f0c3b17a85b189e372f19e043deeeed5

SHA1
8c0ec1b5f186788934ba796ea97106dba8888737

SHA256
26a911d24fd17d2305cf2757d66b09fb99987a98379d35919ef52a4873345d19

SHA512
7281c7b7c1826dc8d168dcf889246a49607e6e1f89306029ff492c10b1d301b9fae5fb28c444431cfafc2bcfb45036a6a5aa05ae57d3c566a57d122b372f4734

Download Submit
/data/user/0/com.hrbl.mobile.android.order/databases/google_analytics_v4.db-journal

Filesize
12KB

MD5
9424229e2ab5b46ca566c20c53975425

SHA1
6b7ccebe079b379ad4f65cdc28d49ac1801faa1b

SHA256
e56c595e0913e7df7604f11cffe2a5ce41c056e0a41c1dde0d729719330bcf74

SHA512
e9320fd2e4268e2f35bbb596ddcff3bcad6b2d53349b9b7b3a63796b40a213f6876497289dd1eac233245e4b43e11d98f839703ad557786229bed944dcec367a

Download Submit
/data/user/0/com.hrbl.mobile.android.order/files/gaClientId

Filesize
36B

MD5
b5676b3ed12dacec0f13f3e8f2cf29f7

SHA1
7b51306e468ce916fae90cf26163174f8ea4cf27

SHA256
4822a525a4ccc5fba95b1de69365048f49ac1a3e871dd7c592587a096af8c118

SHA512
b64e56ad7d989da3653e19913d81dee21ef5fc0bf76c9a765504c684381115337f61b4c68d36442f7d0f2091f76d290ea7c46a34565c35a7cbc4ad2813a3eb02

Download Submit
/data/user/0/com.hrbl.mobile.android.order/files/gaClientIdData

Filesize
32B

MD5
f70316c7cf714e70a8b81b2bdee23e93

SHA1
8be4aea584528ec50003619d909bfe62c7cf071a

SHA256
b03108b019fcf6b34d497b46fa5cd1c2b705b252dc48938e853d60342ae2aa9e

SHA512
957a76d6f87e9e94f96a627c7ee4c3397f72bb7d60050b5d247e3c304c671e9d26881067db3c3e63f8448d02f99bceed66be2f3c2fe444a39302be19a8d49f2c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads