eb4c7fc0878b786a53e0123c3dacb485610fa4dbf64fac4a5faf14d542dfa625

Analysis

max time kernel
3s
max time network
138s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
13-06-2024 05:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a3eba782bd45b94b8a40d5c388ed1310_JaffaCakes118.apk
Size

3.7MB
MD5

a3eba782bd45b94b8a40d5c388ed1310
SHA1

8b2961221d3a7b4d499c03c666c67dc7ce43e78b
SHA256

eb4c7fc0878b786a53e0123c3dacb485610fa4dbf64fac4a5faf14d542dfa625
SHA512

f6d9a45f04e7f90fc3f0c8b3f29f32c87e472df8be64ac62c1d1febe33121fe977ca9b623f23004e18f8852c5d78261a2e284c3a5d944a07d42fcad1cf1dc56c
SSDEEP

98304:6nE9J4zExr2DHHRFDqp4lgtp7Jwz2iW48uahG3K9FyLONjEL/L+mPCvAl1oVyk:6nEj992DHH1Gz4rkYONwL6

Score

7^/10

collection discovery persistence

Malware Config

Signatures

Reads the content of the call log. 1 TTPs 1 IoCs
collection

T1636.002

Processes:

info.tikusoft.l8

description ioc process

URI accessed for read content://call_log/calls info.tikusoft.l8
Queries information about active data network 1 TTPs 1 IoCs
discovery

T1421

Processes:

info.tikusoft.l8

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo info.tikusoft.l8
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

T1422

Processes:

info.tikusoft.l8

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone info.tikusoft.l8
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

info.tikusoft.l8

description ioc process

Framework service call android.app.IActivityManager.registerReceiver info.tikusoft.l8
Checks memory information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

info.tikusoft.l8

description ioc process

File opened for read /proc/meminfo info.tikusoft.l8

description	ioc	process
URI accessed for read	content://call_log/calls	info.tikusoft.l8

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	info.tikusoft.l8

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	info.tikusoft.l8

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	info.tikusoft.l8

description	ioc	process
File opened for read	/proc/meminfo	info.tikusoft.l8

info.tikusoft.l8
1⤵
- Reads the content of the call log.
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4295

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/info.tikusoft.l8/cache/fonts/font_0x7f070003
Filesize
158KB

MD5
d5c46b134c17b2138dcd1bb0efa67049

SHA1
7d0421de4e1398fb9087378a9ccc9297bdbc84b9

SHA256
94df4e4976db8ddaec27f8e8c33eef912e744fb200ca09051794b38e5a502fc0

SHA512
439ee91745e269e0b61af6d8d15616f69113cc3342fc68bf37a10fe329b1ce6894532fffe809a3ba2cc02c5864c5ecb51792759a5807615e7fe94ad765bbf6f1

Download Submit
/data/data/info.tikusoft.l8/cache/fonts/font_0x7f070004
Filesize
154KB

MD5
5673da52c98bb6cb33ada5aaf649703e

SHA1
a18dcbf99c8d2325c2fbf22a64e8cc28a0cf4d3b

SHA256
16466ef65064e6f3885a6d2806b8949ac1ac38b524dd0cf8fc96565eb4cc28e8

SHA512
9728536f1e67069b4c44effc3245d81f61fb79c811a4bd2d3879f57eb220e475dfee0639dbecbe03f411aa8f1e2e84fc38a966ba38982b0b35e2b2a98549583a

Download Submit
/data/data/info.tikusoft.l8/databases/DownloadsDB
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/info.tikusoft.l8/databases/DownloadsDB-journal
Filesize
512B

MD5
823a36db5297cd5c70628a31a6cdd4c7

SHA1
1b9d80e651ec5e296342972985878c6fb04d2b27

SHA256
0094014b71d18be805d7d371d2c328be71074d8118f700189ee6e44a83a35cd2

SHA512
331bbf04cd6edfc73f3ef5b20eb408be0b8028e3bd3891f887765f5b9011fe1dd11d39408c1b07e55f049ad3a0dd718a0d77b9dc7dae7d91e95bf485734c1865

Download Submit
/data/data/info.tikusoft.l8/databases/DownloadsDB-shm
Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/info.tikusoft.l8/databases/DownloadsDB-wal
Filesize
40KB

MD5
3e6c15a077e9a8ac2abab186b4acc4d3

SHA1
1db5f5f5b8754e7093e1d364652ead139d75176b

SHA256
a2ef7932fd72706789280a1568876108e0a12274058766a4cd1b525f370aa18a

SHA512
bdb2c1d5f059996ee3aee21afa35cbb05f9d06c40c6650e77c33f2d13b8482fc8034176dfd98a6b2ce8694b92d7e0170ea833f0dd513dd4cea55d057c9185221

Download Submit
/data/data/info.tikusoft.l8/files/drawables.db
Filesize
222B

MD5
db5fc5d312b7a060a86ef1e4fa508ffd

SHA1
c108fd1042d4f4be9873fe2eabf92ef77cc5cf1a

SHA256
baf87052a1aa099973907dfcaee80cc80d909e6fb959ddbe9d79f31903a09f4b

SHA512
8eaffffba6c684bc7d032b131d1c241254cf386fc1308207fcb28945c1df33c3beab18eaed496629ec6b40f72de337157d395d6780271cf2b1a7ef7433200855

Download Submit
/data/data/info.tikusoft.l8/files/drawables.db
Filesize
423B

MD5
b5afdad270cf425697146980b72323be

SHA1
25a355f8a9d1edcb8e36a0047d27807b554b5ffe

SHA256
74b5f622f6bf24214bce769d30eda536f07bb9d53ec9e61283d2b0c03c9a8b5c

SHA512
17c515a91a6342ecaea4fa7c50d5ca4261719d97b4494fb6b59eeb5b3f005b656f5b6a737506e049f311e0d64f5329589b990c79c6ab5dad08f94b6508041e3c

Download Submit
/data/data/info.tikusoft.l8/files/drawables.db
Filesize
632B

MD5
5580fe2c60f41019d84220b5d4b62826

SHA1
d33f4c52846b7ca44953e3d3bc6c0435e4251248

SHA256
ddd2da2e8d9924db0da85e55cab58be76d211e2759eb1676b8fab5fd332d304c

SHA512
8d5d061e05a6b595662959ccc3cbdc5ed64ae512c56a25f1577673c87b8f9165eb29e727ad82725f824510809974df0f0b6348ef4044a08b6029c5d502bf906a

Download Submit
/data/data/info.tikusoft.l8/files/drawables.db
Filesize
818B

MD5
4931337391475849eccc96d4de496b94

SHA1
6c71dfaed5c1b1df0f1cda797e051003fa4d0dbf

SHA256
58ffa3cb56821c9d90ab8f3f2a83db31df52f28e080cbae3f528e3a5aeeb5db2

SHA512
bd9af86070848aa503ae2ccbfba20a4e11f6bb062e1181e3468452f881e18ac21246ade6a6668539a54be3834631599fbadebc997533803930327f05b84bc29d

Download Submit
/data/data/info.tikusoft.l8/files/drawables.db
Filesize
1012B

MD5
fa9a470c6be1dad1d30d2aa7bf538903

SHA1
01a0ecf8f9d0c3734437fe0f2465cf9fd8dc89ee

SHA256
ae4f2379aad5e0f86c495b148fa0224b59fc2940ccbaec4b7facaa22f040db29

SHA512
8746f317ca862aba0bc5e20735f67a77dbff761e9fff5981f6f23b7f1568593742f5a0305378004c58e7990dbe62cd7c8161627c324596a0e15f8bddc18f6868

Download Submit
/data/data/info.tikusoft.l8/files/drawables.db
Filesize
2KB

MD5
87757d8a52749d0c930bc5be8d6fc263

SHA1
57cdf06557d8592adabc2f24e448a975fea8adee

SHA256
16b958534b40524a1ae8aef983be54286d0efe56298a59b44dbdfbb8f35fdca4

SHA512
b1b49d0c59a15e9ffa723fdecd74077dd8779c111f11bd15b11691e0db2145af8445868cb9faa66b141ca39f82e0d3d1b397b0932e523c0d6acf294d59ff3b6c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads