46268321029bb2115ed5677146c0c547a2d6d2af95e15d93aee301e3a37188fb

Analysis

max time kernel
178s
max time network
167s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
13-06-2024 22:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a6ee2d21715d12fafb70253cc29c2080_JaffaCakes118.apk
Size

15.9MB
MD5

a6ee2d21715d12fafb70253cc29c2080
SHA1

a7e8fbc98afcdd3d0d113f40b00c6edf47ad0f0e
SHA256

46268321029bb2115ed5677146c0c547a2d6d2af95e15d93aee301e3a37188fb
SHA512

49ae76837e212f986f25a7ac2498766d80cb1fc826fd07e8a694dec3f7415ae3bf53b950c9342b97781b3a8bb0c05ba39f0839f8221a74ecbfe0764b7cd212b1
SSDEEP

196608:s+Z4qGnXF1AWZSOcNGNclSqgyGL/Xll0PFJM+BcTkq2zkuLt9m8nyyzjiZV6/7xs:sqGnV1LzOGiSqgxzll0PKmeARkc/7x01

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

com.weixin.ring

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.weixin.ring
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
evasion persistence

T1541

Processes:

com.weixin.ring

description ioc process

Framework service call android.app.IActivityManager.setServiceForeground com.weixin.ring
Queries information about active data network 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.weixin.ring

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.weixin.ring
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

com.weixin.ring

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.weixin.ring
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.weixin.ring

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.weixin.ring

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.weixin.ring

description	ioc	process
Framework service call	android.app.IActivityManager.setServiceForeground	com.weixin.ring

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.weixin.ring

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.weixin.ring

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.weixin.ring

com.weixin.ring
1⤵
- Queries information about running processes on the device
- Makes use of the framework's foreground persistence service
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4169

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/Android/data/com.weixin.ring/cache/Image/journal.tmp
Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads