Analysis

  • max time kernel
    24s
  • max time network
    158s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
  • submitted
    12-06-2024 09:04

General

  • Target

    a020523ae458c0c098016f13eb4faaa1_JaffaCakes118.apk

  • Size

    14.4MB

  • MD5

    a020523ae458c0c098016f13eb4faaa1

  • SHA1

    3fa7fd81982444a8c139b5e927c22e0b05861af8

  • SHA256

    368087f68c00f498702217b0b45f8c33515eac375aec671f7a1e54b658308f8b

  • SHA512

    6c40dae943620028bcd8cc70575f710335637b7805112d9abfa5a5c30fc72ae73bb63a1e282628059ed6c5fec1f2a2c6f0ada5b8fa24bbfcdb69515171c7eb0e

  • SSDEEP

    393216:2GqcVaXLDOtKaClkuIpiw3x2KcFFMsUz+yF6:0SaPSKaCVIp7l0FP

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 2 IoCs
  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
  • Queries information about active data network 1 TTPs 1 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
  • Reads information about phone network operator. 1 TTPs
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.msapps.ftdgdx
    1⤵
    • Checks if the Android device is rooted.
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4186

Network

MITRE ATT&CK Matrix


Downloads

  • /data/data/com.msapps.ftdgdx/databases/vungle
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

  • /data/data/com.msapps.ftdgdx/databases/vungle-journal
    Filesize

    512B

    MD5

    8162aa3ab4eb84383b50d5be5910a058

    SHA1

    d7b02b720c3c6b0495a7f92e4dbfc4d74eb282e9

    SHA256

    7b6a4e9abe7b7677b9c44e92f0747156f990c1c51512ae54874c523dcd28c3bd

    SHA512

    f0be1df40786ee866bbbc58c7c9129f20101bde75b630542253764291c75ddaea34fc0a0695a4673c76f3c3fad5da885fc54a370964091f0fe62849d657c3d8a

  • /data/data/com.msapps.ftdgdx/databases/vungle-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

  • /data/data/com.msapps.ftdgdx/databases/vungle-wal
    Filesize

    88KB

    MD5

    8921e8d327bd75956d670da0b4aab86b

    SHA1

    64f0fd35be0957e2d8b90ccde9f02e9ceb30c45f

    SHA256

    b0d819e07c8d4c7555142daff9d56236ac4159171c14b27e282ffdcf3dd92513

    SHA512

    dc8457f18b30343c104ef7640595d131a6579e79c5c30f5db196457c642d997175d210946532108900d934ac598e5c622fcdad69eee47fcf3809728874f8ae56

  • /data/data/com.msapps.ftdgdx/files/.YFlurrySenderIndex.info.AnalyticsData_62GSSXFVDSWXMBV73XWK_182
    Filesize

    88B

    MD5

    da03c3f9ead787312030ad005ab27887

    SHA1

    ee11f8a6765af071a03b1a62a756e672b56bf5bd

    SHA256

    0dddbd269109311c4977a9d766cfd225cf2b25c7810e668996e6a9131b950540

    SHA512

    6544a1d79fe024938f36f5b29a55cee936f2b94ff7ce1cacceb1a182f5c02857bdca31e62cb00a021478e3847f3bfd096fb11a5667d5d643d38df8b431bf81d0

  • /data/data/com.msapps.ftdgdx/files/.YFlurrySenderIndex.info.AnalyticsMain
    Filesize

    72B

    MD5

    dd1a8e84a33f52267be5afba0225272f

    SHA1

    422a6cb5aa8e5205d776d502d6b71376cceec2e7

    SHA256

    3674c1ebb896af3fc00aa5392bd76d66c6e31b5c942acf4e84f8ca72dc4f271a

    SHA512

    0192f79c9b3730700f84cce0d0579e1d15d1a640eacc3b5b93f95833a86c3cdaa736fb70d42f41a7aa05018579975ca8b8f45779205abff67a9eed3a35d89879

  • /data/data/com.msapps.ftdgdx/files/.flurryagent.611b5edc
    Filesize

    58B

    MD5

    0d7588f9a18854ea316558b837ab0a39

    SHA1

    5f852e5e1e5bfa787a6ae7003ed48c3e21d762d0

    SHA256

    7ef05ed980894405f01725163d2aaedb6bc94030496060361f65fb7ed65ce816

    SHA512

    8d415d7a33c13dfd27382e8b30cd54051f66618932d8bbf7108e2c27fc680f5f94dd9c7c1b88c6e94c9d12623ae63e604f6ac07185ef7e41c616d4f1c6693137

  • /data/data/com.msapps.ftdgdx/files/.yflurrydatasenderblock.dadceba9-ea3a-417f-a67b-c133738bd8a6
    Filesize

    334B

    MD5

    5e543af1daadfd4880f7e6a9c9236fc7

    SHA1

    2420bf5b6e79c1f8d2bdb06a705f6b7f0a199e3c

    SHA256

    be84ae13cb17e1a72449707d255da1ae408f52b337217e2460939234b07740e3

    SHA512

    556d279b48c2dd21dfbb9f7d7382e9db5252ae744a56f1456aceab009e9ddd469af20f20240465e5b33bb41384bb9057f78106110c2b3264bc789edd2bc2c499

  • /storage/emulated/0/.chartboost/.adId
    Filesize

    58B

    MD5

    0d210bfb2a0e1f1b4c082a6a0f79de07

    SHA1

    bb8ed9e364db79d1d9f2fcde3f15091893222faa

    SHA256

    988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

    SHA512

    536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1