04150eefbd5b2d68c618041749190ae062e552086b982b0436b4d72d631dd26c

Analysis

max time kernel
14s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240611-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611-enlocale:en-usos:android-9-x86system
submitted
11/06/2024, 19:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9f466970000c1fc326a4fe8b2d388df8_JaffaCakes118.apk
Size

17.0MB
MD5

9f466970000c1fc326a4fe8b2d388df8
SHA1

b7fa1c23f7cb981be371f7badc51474e28a9b9c7
SHA256

04150eefbd5b2d68c618041749190ae062e552086b982b0436b4d72d631dd26c
SHA512

ee749961160fea5bc0cfacc027ffa0ddc8a96a7c0343cbb8c6625d27cf537fe812d653a797f8277f209acc697d88d99a4b4d982a920eff106db7ceb1a668fdcd
SSDEEP

393216:xWGlmFkuCqpd+GYiFCFLv9NNi7omu3Zr7DFrXdh4s:kGlBmyiF89NNi7oP5rXdh4s

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.bedtime.backtobed

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.bedtime.backtobed

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.bedtime.backtobed

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.bedtime.backtobed

com.bedtime.backtobed
1⤵
- Acquires the wake lock
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
PID:4276

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.bedtime.backtobed/files/.FlurrySenderIndex.info.AnalyticsData_6JYZHZ22J7YFM3NHJQ7N_158

Filesize
42B

MD5
8ac3298a1aaf2f1f9e86eb03ff2a06c2

SHA1
ed61f5af0f7c0548d497e8dc3de1037cb01b3a43

SHA256
e7e14122daa124f901dfe1eacc32733513251ab18d6b6e8eac56c3ad02916a60

SHA512
5cf4b3053a2fa3593533fa73a4a0b5b6616e5640e55e80e27fad8d6dc7f4ac1b862e2e0c0ad392d9d53df2c069d1ec92fb034ff33f61f9a900d25d09de1c5722

Download Submit
/data/data/com.bedtime.backtobed/files/.FlurrySenderIndex.info.AnalyticsData_6JYZHZ22J7YFM3NHJQ7N_158

Filesize
42B

MD5
46f9f9856d386d5b1454528ce1c54f2f

SHA1
b5791771f7e7c860a5dcbc0c0fdd99ffc2152c51

SHA256
19e80c06afbdbc48ebc7c276e2c01eb87c580949045cc144cb70cdf36b0ed41a

SHA512
efcf89d48b8adc1fbf12aca568aad1eef5283accf1f6145838671886006621f018d3a063282baf8b6c43a8d2bc05ad17475e3eb8bc5b4bd98b328de6e8ed86e0

Download Submit
/data/data/com.bedtime.backtobed/files/.FlurrySenderIndex.info.AnalyticsMain

Filesize
44B

MD5
ca02982365c238f445ab68172fa350c7

SHA1
1d3f356ca8e34d9efa05ffe8a3c531fa63b737c9

SHA256
4dfd535a2f8b22c4e589d1ec40a7e6f1b100fc9c19cfff65ae6e7c252295d9de

SHA512
1878baaace3d7fe8c183f9c08ec90a60277f904c20d3c5110fd6e6235512497c20d492a8c1152b8bb66a29b7a0637cac99e1319c57dfcabbc5fe556875ac9ff4

Download Submit
/data/data/com.bedtime.backtobed/files/.flurryagent.-4293ce01

Filesize
58B

MD5
d4d7e9e968616854757b76af93a2e6a4

SHA1
87daf08914f21b97c5df527138cdbdf184d8ad38

SHA256
98e933053052e1202db408eaac97b74c00d3bc72929b0be546d4ea4eff2c90bc

SHA512
b2c906619faade1de49b1414bb5de13418382e099cb4ed18874b36dc1d6362c329b7ee73fc10c42cd3c3bfb9baf12d5552401047ad11fe2e67e8d6cebc4f4686

Download Submit
/data/data/com.bedtime.backtobed/files/.flurryagent.-4293ce01

Filesize
524B

MD5
177699468c8149ba0df3783d35beed80

SHA1
38374cc53b47d823697e7a894616096c0b3284f5

SHA256
4c166b7a3caeb3dd04991843292fc1c7a2d0aba958b3f9f19925b668977c4d7b

SHA512
465c63f588a984c3f18c5d654102082e0a5b1bd825be8089342a9cf8bb7e1efe72b4f20fce7b1f2db0c8508b53aa8590f821e8c28f036f7e2f7d105ae2107bc5

Download Submit
/data/data/com.bedtime.backtobed/files/.flurryagent.-4293ce01

Filesize
58B

MD5
46f3287d2933f5a9ae60d9c74c45dd11

SHA1
5bc31e02da91294b41ea51adfbb7eaa6889cf4d0

SHA256
d066de05d836bf3eb795e4f38d5c4c24a9ac8223b53e979e3d9c2765f1af09fb

SHA512
9a911a461c1da430d1f6bf5bc59a908896a66cd67a951677e9302a4a378fb4f725d3150d3122dd08d67152125f54762201050a69a2f50410024414f10b9b249f

Download Submit
/data/data/com.bedtime.backtobed/files/.flurrydatasenderblock.63d0088c-84be-4278-b70d-2e9f3baf9825

Filesize
277B

MD5
a8246ca206d4bd0710b9f9e430e2a637

SHA1
bc3946d9a0a4dd251d24588720d87d2fdcf7efd7

SHA256
893dff58ad467c6c864d35778779e8df0d44a88afef878ac93aa91117a5c0f6d

SHA512
5420b84a989aba0dd81b371c311cbbe2c51f0f7e79b44d8abc7ec8d001b12b573f4599188cf8c935cf388f357c624a8001e5907a54703450310b14df67f3b81f

Download Submit
/data/data/com.bedtime.backtobed/files/.flurrydatasenderblock.a89db294-4f43-4611-b4b2-8099a7ec27e0

Filesize
741B

MD5
56f252074499bd1fea42a846797c68f7

SHA1
d91a56a43c6979913bc21bf1b80ff4b2276fcd59

SHA256
9ba1ff956fa43f92e59600cc5007aa0efca70b81a8fea2bd7d13425cb4c5b27c

SHA512
8cc519d6d0c0fc06de024efbe1ee8e8f97f7159d3c83831326f770e3b85e8fbd337cd50851cd0a27703492c6d79cdf6a57b3d38951c576b149abb75401ac0115

Download Submit