c79ead4a50f27223b0c9c2a9572441b47ad60ba8ecbe274c0c81f66016286abb

Analysis

max time kernel
26s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240611-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611-enlocale:en-usos:android-9-x86system
submitted
11-06-2024 18:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9f1815615536aa19180ad550b677342d_JaffaCakes118.apk
Size

24.5MB
MD5

9f1815615536aa19180ad550b677342d
SHA1

565309a2589dba647c144db8af4889de8b12b85f
SHA256

c79ead4a50f27223b0c9c2a9572441b47ad60ba8ecbe274c0c81f66016286abb
SHA512

fdea474b077aeef493648502a7ea06e4b16d94429061a800b635bc0526d6f796d2a7bea53f8f544bb7982094563524e3ddb9e7ddacd96c72a372b54cc6c8cdfd
SSDEEP

393216:JuxkFZzcWeCqCeRhy+0oSqo56muY9uAx8gNT5t0eyyFqJTe7gRBfKH7gIB1k4:A0zPeCq9y+0f9uY98gjt77d7StCxz

Score

7^/10

discovery persistence

Malware Config

Signatures

Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

com.zhsz.zhsq

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.zhsz.zhsq
Queries information about active data network 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.zhsz.zhsq

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.zhsz.zhsq
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

com.zhsz.zhsq

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.zhsz.zhsq
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

T1422

Processes:

com.zhsz.zhsq

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.zhsz.zhsq
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.zhsz.zhsq

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.zhsz.zhsq
Checks CPU information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

com.zhsz.zhsq

description ioc process

File opened for read /proc/cpuinfo com.zhsz.zhsq
Checks memory information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

com.zhsz.zhsq

description ioc process

File opened for read /proc/meminfo com.zhsz.zhsq

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.zhsz.zhsq

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.zhsz.zhsq

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.zhsz.zhsq

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.zhsz.zhsq

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.zhsz.zhsq

description	ioc	process
File opened for read	/proc/cpuinfo	com.zhsz.zhsq

description	ioc	process
File opened for read	/proc/meminfo	com.zhsz.zhsq

com.zhsz.zhsq
1⤵
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4329

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads