fcc6b076755961263afb035ff608ddf7c55463383d865ef1035d1e36dc190330

Analysis

max time kernel
8s
max time network
194s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
12-06-2024 17:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a1701e48a36eb9fc1bb5061cc95c4e44_JaffaCakes118.apk
Size

29.5MB
MD5

a1701e48a36eb9fc1bb5061cc95c4e44
SHA1

7daedc01d746c3339b4e802d679425c4afe69839
SHA256

fcc6b076755961263afb035ff608ddf7c55463383d865ef1035d1e36dc190330
SHA512

bdf56811763a3334958b04f59df04dfc380133dc3b83c6cdafbb92043af5df35c47def060bd8e4b6407ed8718645de175c6a7146d93fdac5568eca2a4152f71a
SSDEEP

393216:U36/0VirWVETIaxiHP20dRpD6WIq6pEA/xgPlRUB7PBdasv25z9eRZ3nyUDex:JHrwSSxdRVqpr/ydRsasOxARhC

Score

6^/10

discovery persistence

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.jh.APP483314.news

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.jh.APP483314.news

com.jh.APP483314.news
1⤵
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4200

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.jh.APP483314.news/databases/BBStory.db-journal

Filesize
512B

MD5
a5d2ad3344a895c201f45f66d38a2cae

SHA1
6cfb9361736542cf746acb949e9c6569d973591a

SHA256
090bcb0a09d3df47e1d7b5091f4326395e2a96ec301586b8f0cd983e85689a78

SHA512
e2ea27cbb20a7f071330e9dfcd6f0a76aac16a4de911a84d67d54a57b3b5fc72c1b7f0739b0a756e355952f0d2725a0deed8c4e54d4ed0c653c3ee22e128eaa1

Download Submit
/data/data/com.jh.APP483314.news/databases/BBStory.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.jh.APP483314.news/databases/BBStory.db-wal

Filesize
16KB

MD5
7a0c8e0431a0573388b10b8016228830

SHA1
bdcf26b224075c80f918d721208887130e054eb8

SHA256
5ae7397468651ec1c2c86541036d37ea6c6cef8b3e4015ab2b9c66ea4518e4a7

SHA512
52e74e122f99e92d0a539567e1e1a90e0a530af486bf88efa4d42084a8bdde3329c67f72877f412926effb0d5c9e37066040d65ff6c03b8ee3b3af81b6beab85

Download Submit
/data/data/com.jh.APP483314.news/databases/ccp.db-journal

Filesize
512B

MD5
cb7889b1457ae1e8584087b8fde8ca84

SHA1
29e1a962941428013f49581eb7fbe917a80b5785

SHA256
06a4703677d351bdd00e870f7be6812a3f179b10cea583c4fe9678498d2f2867

SHA512
00beddeb957247c7e46caa5d6a08e3e7ab516f46c335d62c6c4484e9f0f0e59992deca678ebdd6fd5c2dd1a50832f40acb78a3945b555f009d6d2ab3f062fe02

Download Submit
/data/data/com.jh.APP483314.news/databases/ccp.db-wal

Filesize
84KB

MD5
ff4bc5932f4723f04ea68ded5c3f6e5b

SHA1
dcc3fba284bc4df238098e9e40cc047e4b9b288a

SHA256
dcf8c097fb791fef65e0e38b408aaeb49fc6cf52d57ab800f46d8ba27e1e3fda

SHA512
c88981d98ff60a6622af546bc427c9cbd532fbd1e972cf2b7fca7774072618c6989229bd1590e15da0fc834c91d9e5557db9fe4bc6d4d9913d4296e1a0e165b7

Download Submit
/data/data/com.jh.APP483314.news/databases/public_contact.db-journal

Filesize
512B

MD5
8b34bbdd0292147545bc2d387e24197f

SHA1
9e9999d92fd5d12b1fb71e4b668c5289209052eb

SHA256
dd40cc0d8e5e8c58984124af6dc94b5a71a1315ff7390c0459e1b1a6234d10e5

SHA512
e350ef8e973f0ba181abdd45c12df4e4dcab5e19add28f9dde33c003548437dd1f601dc49e3eac09039e7f99112f8bdf6320f66af8c03816ce0da44822111de4

Download Submit
/data/data/com.jh.APP483314.news/databases/public_contact.db-wal

Filesize
48KB

MD5
f0e3234272d8823bcfdf57a62f95d776

SHA1
f652aadb8d4fdc5806c42980182cc6a4fe629c0c

SHA256
ce2dca035352e58ade9a18e40a095436f907859f4557a9ccf18f779a08c8baf6

SHA512
4bf6ac024755355f8fe13520738595429e3d9d7c8ab728eea35c81808b5669c1fc330b8114ec03ac27fd1122be54655de51c50932e21f019716cc33ea62d59c9

Download Submit
/data/data/com.jh.APP483314.news/databases/switchip.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.jh.APP483314.news/databases/switchip.db-journal

Filesize
512B

MD5
148db6886796b5ff5d9a10bf9c41ca4e

SHA1
d941c1fbd7e39712e826eac03b8d98e84ebd2eeb

SHA256
aa8134d2bc5b1ec22285dae0ff1498414c45fa08da2397f0e306b0a1479ed4f2

SHA512
0144c4d84db0e41de4cdf6c9a168ee1859e951a4b868873f54ed5fee2119c793aefbddc2d397c403a4737c729fce7fefb34fe08e229e0b914b0bba53e4aa0a36

Download Submit
/data/data/com.jh.APP483314.news/databases/switchip.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.jh.APP483314.news/databases/switchip.db-wal

Filesize
32KB

MD5
27d53c184fcf0ce69a579a167f3200fd

SHA1
238c929a508696ded35e6a33e32b48def8199778

SHA256
090c20c457304fc9dcc004c0cfa5b852c7bc16df71a3ba9847298a7460cbb667

SHA512
4655fc92305e5bdfb855a57bbab2f5ca22c95c2edf884b04ff0f63bfd30f89f19678274d1c5df958ca327ae88e7f13dc4376665c32bdd792be901c435cddac24

Download Submit