a81233ada65412d9800f95c21b2ffaadb8d51781c8dea9e63c7a4d8413003985

Analysis

max time kernel
5s
max time network
133s
platform
android_x64
resource
android-x64-20240611-en
resource tags

androidarch:x64arch:x86image:android-x64-20240611-enlocale:en-usos:android-10-x64system
submitted
11-06-2024 16:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9ed620e2c9c7eff79a4cd0682e66c000_JaffaCakes118.apk
Size

6.8MB
MD5

9ed620e2c9c7eff79a4cd0682e66c000
SHA1

9664d1083dd5bc5e7d22e2811f61e4357c7a3a91
SHA256

a81233ada65412d9800f95c21b2ffaadb8d51781c8dea9e63c7a4d8413003985
SHA512

309040ad454c0e7040580c6643e51fb5b761a6dd0976a2b9e65a3e3176a4d993f9e34ab64c7499f100ee42ea686c5d44cac9cd38f268f032a8c1b3e221e49070
SSDEEP

98304:RTJxbcOsJbue0+/gknVmbOMZHzi8gsBwOYdts+D2M0/7t1y:RdxbPsgkdx8g3FDHIt1y

Score

8^/10

banker discovery evasion

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

T1426

Processes:

com.android.vending.billing.InAppBillingService.COIN

ioc process

/system/bin/su com.android.vending.billing.InAppBillingService.COIN
/system/xbin/su com.android.vending.billing.InAppBillingService.COIN
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

T1418.001

ioc	process
/system/bin/su	com.android.vending.billing.InAppBillingService.COIN
/system/xbin/su	com.android.vending.billing.InAppBillingService.COIN

com.android.vending.billing.InAppBillingService.COIN
1⤵
- Checks if the Android device is rooted.
PID:5053

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.android.vending.billing.InAppBillingService.COIN/databases/PackagesDB
Filesize
104KB

MD5
6f28d6f6ad39d268e51eece911221efd

SHA1
f1b12348425c55d3b2745d8d5b4999a80a87b176

SHA256
edf5927a66ca3c1a69b1f06ac09bfad2d0992923f5c75cd783f575d18c72db9a

SHA512
c289e57f5455fbe108bf65c5a09f4a369ea74e129b951e23f9d61b2d70c017b6dd5c8679169d6d0b488d2211e7bd21f8e8e0d162184cf139ddc2d69d40759472

Download Submit
/data/data/com.android.vending.billing.InAppBillingService.COIN/databases/PackagesDB-journal
Filesize
12KB

MD5
ff3178f185a37287caa669899d2b5dad

SHA1
08fcbec41c63282b70e211276fce03354e9c13ee

SHA256
668d1641f2395a860d9455554397379cfd808c9704f59cb07677271687ccb7a5

SHA512
53a6b41f5a0e31ee7384ef9b8a0e49d35439114d5ce1bec47affc1835aae5b4cfdfc0ab016e6f6351fadd48e01f796706f3b33f944192c2cdb58b0407b52d508

Download Submit
/data/data/com.android.vending.billing.InAppBillingService.COIN/databases/PackagesDB-journal
Filesize
16KB

MD5
5a927d350d41ad1cbe2f4eafd4772292

SHA1
e0a7cb14f5917c9666e86cdec0775090f4d766ce

SHA256
48fe939da6355d48385fd3b0265f03eddd6d569ee2e6258d72da38b425982cd5

SHA512
12897ff00509b6c64d3bcbb5da953ceb37dd77d1c90a156fe85f9b89c84c2f57673782aedb68cee2e8175385f4e8c0dd63e01175f5a6648baf207d0aa7111f14

Download Submit
/data/data/com.android.vending.billing.InAppBillingService.COIN/databases/PackagesDB-journal
Filesize
512B

MD5
1d2449e99c44f3904e5536a5fba35d3e

SHA1
91b1b8bb47f87d3f1722dee5efb7b83978651106

SHA256
85c63b1f5ec998911ee05b99754cd6866bc3bba414963089cae71457ccdba55c

SHA512
06372a50f0b3a2651ebc748f036bc24389771daca8b173cc501f1c1598653873d5a256d0b9cea000948b42ca7f2c606b7181c1dde3fc9b6dc0dec1d190cd6467

Download Submit
/data/data/com.android.vending.billing.InAppBillingService.COIN/databases/PackagesDB-journal
Filesize
8KB

MD5
5d55f52d0e251d474a068c3aa36c7022

SHA1
4b562141f133bf0f2dd45003f9bcedfe8063252b

SHA256
9704b67f342d65ab2c96f7ce5d967888f3b6875b83ccfed8a3a6f2ec9f2c9a50

SHA512
d1eef2a3dfd6525070214b0339e27b91e412d62e4946dc9ffba1d59933ba4ad728c9004dd47fa9c64b6e98bd8d51608a02647f9b17ff1d10303dc2bb388828bd

Download Submit
/data/data/com.android.vending.billing.InAppBillingService.COIN/databases/PackagesDB-journal
Filesize
8KB

MD5
c598fa6eec442aee273c07cb86aa3d2d

SHA1
07add93b257793520e13b211c53d4c4014fe3f6c

SHA256
5c0ac061f8ef2b6ca12c23aa5ea6a4bd83a7a570c0c59d6d645786f66f4a4c88

SHA512
2112e959ef750dea98b52f1e0a2724f38d5da0097139bc385054e2b4d301193c995f4129e6a158160b7d35a2b2355c375bdc84d9c32a11662f892e935030884a

Download Submit
/data/data/com.android.vending.billing.InAppBillingService.COIN/databases/PackagesDB-journal
Filesize
12KB

MD5
ec714004f869f1184ae66a12b28bc030

SHA1
b9a7c3adf6d6451a75caecb8c87e4e1e102ec1dd

SHA256
243f96d4e7f01c92cb464f46b0c38334320e43ba0920a15e39f38ded0916039f

SHA512
d8d6ceaf2324f4d4901bdfdec63ac43a01fc99f7b34d5e27feaf2788bbdf5de5e93f146ff9f2c40d5e2cf43c1dac9928af6a56843b104c1792c337cfe8adab27

Download Submit
/storage/emulated/0/Android/data/com.android.vending.billing.InAppBillingService.COIN/files/LuckyPatcher/AdsBlockList.txt
Filesize
1KB

MD5
50dcd85ef074fb8121f155bc19b3c7f6

SHA1
c45c2b45cf49fabbeb7d3f12328e57d531a75f37

SHA256
02d3782e856f4d3bbacc764cfcd1fd4b9d50492b5ef93f24e8811a6a494df48d

SHA512
118c0f05b6342b52c0671cc1ba52f6df977a39835cd03f5e6d2a015a572a11c3f7eebd23a9c0a209497631296d07250416c28b9b21f91448d2970efc010a4dee

Download Submit
/storage/emulated/0/Android/data/com.android.vending.billing.InAppBillingService.COIN/files/LuckyPatcher/AdsBlockList_user_edit.txt
Filesize
29B

MD5
302f7b6d9a4ffeccdda9ef94184c8326

SHA1
d4038ca0629f57b7e5c4056e74a395e5598aa16a

SHA256
5b36134b695f0a9a32f570b08cc3ef74e0687a0d2aa228853bc0346f77bffebe

SHA512
299fda4936acf6479e22f9166d545976d5d99ba6fe7a5b7298cb336cf730eb7790524e4569fe64bc03c598c7e4117f163ddffc2e2889439f709c4d80ff665039

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads