Overview

overview

7

Static

static

6

a10cd0db7f...18.apk

android-9-x86

7

a10cd0db7f...18.apk

android-10-x64

7

Analysis

  • max time kernel
    74s
  • max time network
    184s
  • platform
    android_x64
  • resource
    android-x64-20240611.1-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240611.1-enlocale:en-usos:android-10-x64system
  • submitted
    12-06-2024 14:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a10cd0db7f6946f719c8f70001e3ab5e_JaffaCakes118.apk

  • Size

    6.3MB

  • MD5

    a10cd0db7f6946f719c8f70001e3ab5e

  • SHA1

    29faa503ad09d2ef5c95ac1982e138f082035869

  • SHA256

    741c972323eef28570a40adf6e36dc57a1aab08e20e340a2606c81a8bab1670a

  • SHA512

    863674902e5e128e5de47036b4885ce20e272397c2ec2f59726e0a24c5507f6f7cfcf95764abadcfd40f27ec0d9575c1b44ed310c9a02110693ceb80189b0140

  • SSDEEP

    196608:zXA6EtVEaT2f1fO2G9DCbpv6EGIn8WF7m8g1:zwtVEaStfO2G9Gbpln8WF77s

Score
7/10
bankercollectioncredential_accessdiscoveryimpactpersistence

Malware Config

Signatures

  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact
  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.chaozhuo.gameassistant
    1⤵
    • Obtains sensitive information copied to the device clipboard
    • Queries information about running processes on the device
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:5198
  • com.chaozhuo.crashhandler
    1⤵
      PID:5308

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /storage/emulated/0/Android/data/com.chaozhuo.gameassistant/cache/com.chaozhuo.gameassistant.inject.dex
      Filesize

      13KB

      MD5

      58cf455334d5cbe2a6d269e400473103

      SHA1

      97eda20a303ec21b49ebf87fec14eeaf59fa4498

      SHA256

      1bd3dfd8e39dcf08f74f217f7dea76a089e27d3860e81af1f4f39c58c4165130

      SHA512

      a88c791ea0ccc9521edc917fd3c98c5ca6620d3be60a27795df50be5c2232ee5a92280fa731b6f7232f0dd0d421cc21a7ee56eff6bfb8223c656e9d87916138d

      Download Submit
    • /storage/emulated/0/Android/data/com.chaozhuo.gameassistant/cache/inject.sh
      Filesize

      1KB

      MD5

      956d006a6ad3b7859fc1d6a5a62cbf29

      SHA1

      0c04bbfab373c6dfd057e55b6bed0e49d702fb0e

      SHA256

      4d689453741dc287592030a4a9aa24abdb469e52cf740db6b06ecd51efa8d84b

      SHA512

      068a066be803552906dd239d23b907abd4a44cfc6f07b7279c0e83fa92105cc9dc5b43e582c54831d004a72a8c8f9a8aeed23721d32d154b3d4945606f56286a

      Download Submit
    • /storage/emulated/0/Android/data/com.chaozhuo.gameassistant/cache/libinject.so
      Filesize

      177KB

      MD5

      d46e8f2c2bfcd7b1d8e65e6834f94d02

      SHA1

      c9f92e0ccfdd2d2cb30b2744c4b8564a837233f2

      SHA256

      50a9b6addebb7027fb4aa2460b5e74d7ef059b8398de4acde48560c7c73897c8

      SHA512

      12db65e80cfa181f3385ed45853d37bacf84bff8ddce2acdb776b392af166706cdb8aff26aaac738db0a39ed6932e7cc458398a96c966eea2dc908d922f2f836

      Download Submit
    • /storage/emulated/0/Android/data/com.chaozhuo.gameassistant/files/stats.dat
      Filesize

      90B

      MD5

      ffde0bd0c73740fcad4b047a96b5c55d

      SHA1

      185a66be098795f1080cf9ad7bdd76de40f0d202

      SHA256

      1b6b26886264bf9cad007b34eb2ba942ebdf86a0e82fc0071e513a9e73ce225b

      SHA512

      4b2bce9eeb56f7eb64002ed9aa57357fc1e442a19a5efe280746853abec1f8768fc9dec48b12e3e7eebac2aebbabc39895b5d9acb61f75830474443e2d54723c

      Download Submit
    • /storage/emulated/0/Android/data/com.chaozhuo.gameassistant/files/stats.dat
      Filesize

      86B

      MD5

      9dc9979c7bf06481a3694b9c93f4e1a0

      SHA1

      6390f1338b50816526822b5b4008877623f1ab22

      SHA256

      0abadb6be294d9da83a434d2d87fe945a52512443939e319ecbf2d77c2b70c7a

      SHA512

      1be6b18c60b61a560530588623dd345aab0121446c4c8a82360be50a6dc29ed329618c759f725cfbfe6ef0b7ec8aae02bff7d280b50b138f0b9ac1507398d124

      Download Submit