Analysis

  • max time kernel
    32s
  • max time network
    134s
  • platform
    android_x86
  • resource
    android-x86-arm-20240603-en
  • resource tags

    android arch:arm arch:x86 image:android-x86-arm-20240603-en locale:en-us os:android-9-x86 system
  • submitted
    04-06-2024 01:42

General

  • Target

    93502131eb88c4093df220e25a4e54ca_JaffaCakes118.apk

  • Size

    12.4MB

  • MD5

    93502131eb88c4093df220e25a4e54ca

  • SHA1

    4a28f993b540e9ca253da486d48ac948697901c9

  • SHA256

    aeed6b73622dbafa0afcdd711ea7584f1743b3fe5a504cfb85c1207ce17f4227

  • SHA512

    f1fae5479d4e444c1029cc36f8016e7e7f8bd26ceb86b875c4daf490cd3e2123922c8857c68e78c9193ec1749e093d2de77ce4171d910c4c388fc0e1bfb693dd

  • SSDEEP

    196608:7PSBMNY2dZxPuWGWt7QGjA0MGL6sWWEUz/WjwhWlyFNBRxoIhSJHO7rnJ5OduO4O:7qBGYYXuE7tAG6sZWjYWuvNuw3O4O

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

Processes

  • com.mobiletool.appstore
    PID:4285
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • chmod 777 /data/user/0/com.mobiletool.appstore/cache
      PID:4316

    Network

    MITRE ATT&CK Mobile v15

    Downloads

    • /data/data/com.mobiletool.appstore/.00000000000/39285EFA.dex

      Filesize

      69KB

    • /data/data/com.mobiletool.appstore/.00000000000/39285EFA.dex

      Filesize

      69KB

    • /data/data/com.mobiletool.appstore/databases/MessageStore.db

      Filesize

      4KB

    • /data/data/com.mobiletool.appstore/databases/MessageStore.db-journal

      Filesize

      512B

    • /data/data/com.mobiletool.appstore/databases/MessageStore.db-shm

      Filesize

      32KB

    • /data/data/com.mobiletool.appstore/databases/MessageStore.db-wal

      Filesize

      48KB

    • /data/data/com.mobiletool.appstore/databases/MsgLogStore.db-journal

      Filesize

      512B

    • /data/data/com.mobiletool.appstore/databases/MsgLogStore.db-wal

      Filesize

      68KB

    • /data/data/com.mobiletool.appstore/databases/downloads_classic.db-journal

      Filesize

      512B

    • /data/data/com.mobiletool.appstore/databases/downloads_classic.db-wal

      Filesize

      40KB
