Analysis

  • max time kernel: 47s
  • max time network: 188s
  • platform: android_x86
  • resource: android-x86-arm-20240611-en
  • resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240611-en, locale:en-us, os:android-9-x86, system
  • submitted: 11-06-2024 18:00

General

  • Target: 9f11c5649cf938ff1c16a55d465a284b_JaffaCakes118.apk
  • Size: 9.8MB
  • MD5: 9f11c5649cf938ff1c16a55d465a284b
  • SHA1: 6454ca1e654b4cea1c862c55594eb0cd3b2fb7b0
  • SHA256: eb438a21ac42a810adb16902c2b4d7069799f6667fb73e8910c8c625471a0b1c
  • SHA512: 41fb59b3f522f50324ac631ec1a977dae65d6d0ad6bfc11997669b003635763c10d986ab67d70dfd932ea652c6f37dba212c004ba4cbe12982b3ba81e4edea64
  • SSDEEP: 196608:pdH+2Gx2gd3uLprPG10VWZ38Lex1xlboRFQf01ndfB7YbcxkbnTLsr:n+2Bw+ZO1ouPbkv9B0bcxkbnvsr

Malware Config

Signatures

  • Makes use of the framework's foreground persistence service (1 TTP, 1 IoC)
    Application may abuse the framework's foreground service to continue running in the foreground.
  • Queries information about active data network (1 TTP, 1 IoC)
  • Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTP, 2 IoCs)

Processes

  • idm.internet.download.manager.plus (PID 4265)
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
  • idm.internet.download.manager.plus:DownloadService (PID 4388)
    • Makes use of the framework's foreground persistence service
    • Registers a broadcast receiver at runtime (usually for listening for system events)

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/idm.internet.download.manager.plus/databases/download.db
    Filesize: 4KB
    MD5: f2b4b0190b9f384ca885f0c8c9b14700
    SHA1: 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
    SHA256: 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
    SHA512: ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

  • /data/data/idm.internet.download.manager.plus/databases/download.db-journal
    Filesize: 84KB
    MD5: efb24b05e27efa50a3fa755fae9cf35b
    SHA1: 038822df0b3df96382a577958c0b41cea2bbbed5
    SHA256: e2296dc7a640a050407c9dc16e7e7cf72bbad3a26283da2ebc29e632c192adc2
    SHA512: ff15038fc258c75d6745153ed15426ec82857649f87ba8dab0484945b1d78cd294cf89d414dd8a925b89aba0afd64e4d071592d78ef197e4587ac4e1a891b6dd

  • /data/data/idm.internet.download.manager.plus/databases/download.db-shm
    Filesize: 32KB
    MD5: bb7df04e1b0a2570657527a7e108ae23
    SHA1: 5188431849b4613152fd7bdba6a3ff0a4fd6424b
    SHA256: c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
    SHA512: 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

  • /data/data/idm.internet.download.manager.plus/databases/download.db-wal
    Filesize: 72KB
    MD5: 7f385606e062e61cae64c86f28767bd7
    SHA1: 8309b17dc25f7f207fc525e4c304d0e30072ca0b
    SHA256: c295a6b10dc2decc5c1fed1a09695213d369f0410b837daafd97f12408a77c31
    SHA512: 85fa9168008fd2bc4e2b78cef90cb2d80cda36466629c2b0cca56e3102330850a11356e84ef93f74b0e75ab8155c96f4d5f7c11f4d298dedcbaacdde0012a2ac

  • /data/data/idm.internet.download.manager.plus/databases/tray.db-journal
    Filesize: 512B
    MD5: 50f5ca1020fd70a5bf0ba9d3dfe2e5d7
    SHA1: ff9d7bef08b7c85858972623c5c68f68b23b2b18
    SHA256: d9f28c32c2cf84ea7cf1fea282a64c618382eed430c7eab1ac09c39fac4cc82b
    SHA512: 6db91d83b294d55828eb1c25c540413ae8b1e0e1ae3860f2d641a0807767c485b280eb9172320d0141c361e06059a16d09f3b5988b258606dd6ac4f1939349bc

  • /data/data/idm.internet.download.manager.plus/databases/tray.db-wal
    Filesize: 48KB
    MD5: bab85c5439df046b6ad21ac19447ebf5
    SHA1: 75392c2a032d2a1a93ce73bf4f14e8de52a48538
    SHA256: a0749cf6819c3b2ee68d44b1a53eec4ca56886c03a7492cf183a3876f21b1d0b
    SHA512: e8f666166ce72b207c72bdfb120053704179574010ab2cb6c0d56fb619fb4bd7e1ad7273487cdf55db4c680447f8270e5a2f28a5abe432143aba3f29334074e4