Analysis

  • max time kernel: 178s
  • max time network: 157s
  • platform: android_x86
  • resource: android-x86-arm-20240603-en
  • resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240603-en, locale:en-us, os:android-9-x86, system
  • submitted: 04/06/2024, 19:49

General

  • Target: 960d98ca625e22b7ad297dc804bde282_JaffaCakes118.apk
  • Size: 30.8MB
  • MD5: 960d98ca625e22b7ad297dc804bde282
  • SHA1: 22e49e3c24aeb56dc3b9b34a69b85a6353a3611f
  • SHA256: 31a7056bf18af86e5862b17ec2cc8fc96fdeb5a2e776dfb9f7afa6cd61be105c
  • SHA512: b1da6faaab02b96a1bf50e3f132587b9b2a2227576e0223be3ffccd233c57f0ff48dc42a42d0d13e7143a884f5846f8d87322877d16ba2b59e8b9f9952a20410
  • SSDEEP: 786432:xPYNYbuuy5V4nA49zW0dWzU9Thj/vVHCEfHI9X0:tYN5JGdW6HLfYX0

Malware Config

Signatures

  • Checks if the Android device is rooted. (1 TTP, 6 IoCs)
  • Checks Android system properties for emulator presence. (1 TTP, 4 IoCs)
  • Queries information about running processes on the device. (1 TTP, 2 IoCs)

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the active data network. (1 TTP, 2 IoCs)
  • Queries information about the current Wi-Fi connection. (1 TTP, 1 IoC)

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Registers a broadcast receiver at runtime (usually for listening for system events). (1 TTP, 1 IoC)
  • Uses Crypto APIs (might try to encrypt user data). (1 TTP, 2 IoCs)
  • Checks memory information. (2 TTPs, 1 IoC)

Processes

  • com.huawei.pad.tm (PID 4262)
    • Checks if the Android device is rooted.
    • Checks Android system properties for emulator presence.
    • Queries information about running processes on the device.
    • Queries information about the active data network.
    • Queries information about the current Wi-Fi connection.
    • Registers a broadcast receiver at runtime (usually for listening for system events).
    • Uses Crypto APIs (might try to encrypt user data).
    • Checks memory information.
  • com.huawei.pad.tm:player (PID 4304)
    • Checks if the Android device is rooted.
    • Checks Android system properties for emulator presence.
    • Queries information about running processes on the device.
    • Queries information about the active data network.
    • Uses Crypto APIs (might try to encrypt user data).

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.huawei.pad.tm/crash_20240604_195009.log
    • Filesize: 7KB
    • MD5: 8cb0d103564055794692b7e6cd41adc9
    • SHA1: 26287c47e80be08165bf854f97b8e98a6f415dae
    • SHA256: 50b8c07792d543df5216a3b2dd92d8437064d84c160d4add04f40d273451f424
    • SHA512: 604a05d6b9e4ba12aaf624a492ba05c63eb393073a23bc63872c8620ce5fe13fcd9365c3efd6c3fd63e2c4f86eb6f935a1c7257b01ad2bc7c7a1f7d6a80a9182

  • /data/data/com.huawei.pad.tm/crash_20240604_195019.log
    • Filesize: 6KB
    • MD5: a04489aa8eb7fadcf38b8d250a3ed189
    • SHA1: fbf18724e362fc2cbc7f65ac57809c00f96e2f6b
    • SHA256: e78c3901ad20479b3b839d057e1b9b6d62665ee74e7b15ba01facb5521955f5a
    • SHA512: 8f1b09442482442305e7969cb69eb0161b1b09d6602dcf6c4d16d4d9e9a6a1d9d00db2e77f81fd400b362d5c1c3a3b5f3891babfffb9afe75e97f498ca867aae

  • /data/data/com.huawei.pad.tm/sbox.tmp
    • Filesize: 4KB
    • MD5: 65413785770ec32417d5b99085efa638
    • SHA1: 9f921810ac3ae3562743ae99a72300031bd27e0e
    • SHA256: dec60f5b51735db03a1d245ee458fc25b83c04a6d7962ed31a333e650737d666
    • SHA512: dd356bbae5ea54828a3417dd86d29e4db0650a302613c810b50aba6ee207cce966be5e685fda11778ac09d7988452057b8e83b1761863138cb7cf24622f8948e

  • /storage/emulated/0/HyppTV/LOG/Crash_2024_06_04-19_50_09.txt
    • Filesize: 1KB
    • MD5: 0e6569676108665b8152d5f5472d4ba2
    • SHA1: dd35ef1931a07d4fd54872b42ae58c76a53e8b31
    • SHA256: 7cf08c921fd06f2f50586151cfd25ff2f525ca372b308e3138a74181f9033951
    • SHA512: 7b33e74c1750c51276f7fff17471872ff8c4e0b4f52adfc47646ec4df251305d5347305f7fed165ad121656d5e4803618606753da846dd2eb9ba92a0846d3351