Overview

overview

7

Static

static

6

9934dc376f...18.apk

android-9-x86

7

Analysis

  • max time kernel
    6s
  • max time network
    145s
  • platform
    android_x86
  • resource
    android-x86-arm-20240603-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240603-enlocale:en-usos:android-9-x86system
  • submitted
    05-06-2024 20:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9934dc376fc449bd85ac11dbcc36a8dc_JaffaCakes118.apk

  • Size

    4.6MB

  • MD5

    9934dc376fc449bd85ac11dbcc36a8dc

  • SHA1

    00c1a58358be130921281f81bb7721c2e95a07f1

  • SHA256

    7137a9ab38b9b3df3b8ea320329209b268063095c9a2803e557b5e75ac2f8f01

  • SHA512

    e4909ef413fa2db8a5f359a6aeb637438a2aa9d8a5ec9564b8151a23ccd940ea3cc6c81226757434cb6498a3df90f1e04dbc0ee51efba2cf713e6261326ba936

  • SSDEEP

    98304:V49HDGSDuTgd0Z79rcX1RJlahhddDi1WNC6USzOLQdDs3o7xi:V4dKG0Z79r2rehri1ue8syi

Score
7/10
bankerdiscoveryevasion

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 2 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Checks CPU information 2 TTPs 1 IoCs

Processes

  • com.android.chami
    1⤵
    • Loads dropped Dex/Jar
    • Checks CPU information
    PID:4288
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/data/mi/ci.zip --output-vdex-fd=44 --oat-fd=45 --oat-location=/storage/emulated/0/Android/data/mi/oat/x86/ci.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4318

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /storage/emulated/0/Android/data/mi/ci.zip
    Filesize

    4.4MB

    MD5

    3e5b4031f251fae0ff87531cbf07269d

    SHA1

    74d043005062b96ec31609c8a6d47e8ee2b661d7

    SHA256

    70c4290b1f2aaeb7361ac726d64104fca5c5c2c7b111ef44e1b454209b5bde53

    SHA512

    95c1b61423bb0cc9519d9bebef4211e4d0e2d761f8eb5863b5e8e095d0264834399242e24a7ee822d2159a9e1cd53e4148c3b79b146f71c83d6e723bd472bbd2

    Download Submit

  • /storage/emulated/0/Android/data/mi/ci.zip
    Filesize

    2.1MB

    MD5

    ecbdadd355806d1b17704fab8165653d

    SHA1

    128bec8d5e5a724cafe70f50fa344a23654d1b55

    SHA256

    5fef29bc79d941c707336e107b07b28e0404aaecf1d01c98c7184c1803c0ce82

    SHA512

    826ba5c4626f2f0d272a889205e359f0d4115e8fcdd2a4da0f9b0b83330df4d0ce463d7bf3d3cd3b85fe60d425225f632149a8139e7b75e712af7e5539cf2eac

    Download Submit