0ba8251ee5e8efec6c78aa03653b3a681785192fa0725e327559b90b9b78f8b4

Analysis

max time kernel
14s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
13-06-2024 07:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a485a78f4a94835683378609d6cb2298_JaffaCakes118.apk
Size

2.5MB
MD5

a485a78f4a94835683378609d6cb2298
SHA1

a588c29778e9d94dd31a17b7b6f4d76856f12f40
SHA256

0ba8251ee5e8efec6c78aa03653b3a681785192fa0725e327559b90b9b78f8b4
SHA512

6fcf78538758de8872b45d150140ca58d61d3342ec9a8da9e0baf9eed118c6b4a484c23ad3c4dd60d7ffe3a08b9b4ce0059f0b0d3678786ca394c1b0a1b6bf59
SSDEEP

49152:CQrtONquBE2/KoxNATj0uYCR3sdKpoINyOIcegEriYHTzuvcfSbE:MN9ijrl8dKpnEOIc4rt/uKL

Score

7^/10

banker discovery impact persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	org153.geometerplus.zlibrary.ui.android

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	org153.geometerplus.zlibrary.ui.android

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	org153.geometerplus.zlibrary.ui.android

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	org153.geometerplus.zlibrary.ui.android

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	org153.geometerplus.zlibrary.ui.android

org153.geometerplus.zlibrary.ui.android
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4272

org153.geometerplus.zlibrary.ui.android:library
1⤵
PID:4311

org153.geometerplus.zlibrary.ui.android:crash
1⤵
PID:4360

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org153.geometerplus.zlibrary.ui.android/databases/books.db-journal

Filesize
512B

MD5
f11cfdcfca02c4396cfe37224dcad93d

SHA1
5e9fcf919a39aa1a0df60e49d5545c10e9d09ef2

SHA256
33972d2f3f173bfe6a7a820040ff4900dddeb7b2198976bfd481354e57619ed1

SHA512
ddcd7140554304a0b2d6ae03c006073201abce4160523eb0fcd34aeb1bfcdd74bba0561e361331c39e6a4f2ea3cd63b9c8d640d97c9495c6cfefcae81508dd0b

Download Submit
/data/data/org153.geometerplus.zlibrary.ui.android/databases/books.db-wal

Filesize
309KB

MD5
b69380a8aeb990621d58c8cdb2b27bc9

SHA1
751bee4761c8cfaa2e3fa8fdb5d51774d97ef138

SHA256
12a73d1db148f2d5fcdb36e650c54912035eb2998ce3a54f23b6bb3262686b0f

SHA512
bf700d8527d5783e686aa8546d932e2d66cb9005a3cf636090373d2f436b230fd5b212df6d394ffa9adfd7a55cb20bf7309d3a400e6fd736b10a9687202b7dc9

Download Submit
/data/data/org153.geometerplus.zlibrary.ui.android/databases/config.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/org153.geometerplus.zlibrary.ui.android/databases/config.db-journal

Filesize
44KB

MD5
71aaa2633401d5f0a2a17d77c33d7e4c

SHA1
2eacf95905d3aeb8897763182e08ef095c727f6b

SHA256
316960987509b222c37666ccf29392a5a8662d45ddf79e1803c0dcc8b351c0c9

SHA512
d4f401f02b6986fd38db0c730fa38efc484f982824751c945b0e638891a096d163d54c113fec5c73d6afe808ffe077466fce546cf905e7d07972b223e31d5aa3

Download Submit
/data/data/org153.geometerplus.zlibrary.ui.android/databases/config.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/org153.geometerplus.zlibrary.ui.android/databases/config.db-wal

Filesize
36KB

MD5
b7e16998d78cbd9e603e8ff3d15bf068

SHA1
2dd7db69aed48f6ece0138ea498b85fecf2d09fa

SHA256
a90e51dd18d6fa5131b657adbf4ee3ce0f958cc2cbf49785d0619b970b25447e

SHA512
d531148bd2628ba61628dd134d50e23ebe3c44dee24a8dfcbb921d46f7cb2c435c6bd31b01ba6181cd6ae3a3b37063b02fdafd8d4d778d9a4bc7ee97f4dbd592

Download Submit
/data/data/org153.geometerplus.zlibrary.ui.android/files/abf3531c1a6d5f50849b3b4d000098bf

Filesize
16KB

MD5
77ed0b4e11ab1de85e99a654750e17f5

SHA1
3b926a62333fc90771e1069a5624f2c552e27e54

SHA256
0e2922ca6593a8f733373472435a2754fc1cf6368e1f91b392e8968fdedd61c8

SHA512
1ba48541f11ffb15c5c564a56d9a0f988b66c04ce2ee9404dbc6fcc607456f6dcb4be4c5aa64f3055465b366bf302d1009cdf8d07af4f5ac3fd85cf2ff2ffecb

Download Submit
/data/data/org153.geometerplus.zlibrary.ui.android/files/abf3531c1a6d5f50849b3b4d000098bf-journal

Filesize
512B

MD5
86741103e1b4d4f2348c5d676534327b

SHA1
8ae2ce915782ce42bb426fd57e1761d8dfb0f5fc

SHA256
a039cfe0d8691daa168c7fbd318ae26261bca29cc6033140f2a6a83206b985f7

SHA512
be2c55deded4ef2d26e66b6709d8aa9ba580fefe11752b3d85863e94140d3be9fa38e4204a394ea631fd226f378f682cc30f72c4ed7efb38bd2ca616f2bc20b9

Download Submit
/data/data/org153.geometerplus.zlibrary.ui.android/files/abf3531c1a6d5f50849b3b4d000098bf-wal

Filesize
28KB

MD5
9c5c7afeb036f91889f590d040db6b01

SHA1
6152dd026a9db22d63bde01745f0fbe1531e5947

SHA256
b5f40dcff70d632389743cc46fcad0a2630c6a2ca87fdc8e6e3d0507ba67c7b1

SHA512
c19504ab5307082eb5daffb603f52c0a6ccdf53e57181616ec7ba90b104217433317d05829e387a65ab0348b2ddaca89df4d6387720d5c283bd821e8703ba07b

Download Submit
/storage/emulated/0/LaBooks/mishuzhanga.epub

Filesize
981KB

MD5
68623762f54e3244b2b418b5f1729ae8

SHA1
24d985f37106412d567b1ead39ebca592cb21f53

SHA256
77338496f9fcd7628e6f95558d5d31088c5964ee8e2392afb1cce046ebdd1389

SHA512
47b218976aaa8757301cf5439ce5e7466f53fba3d13866f61fa78d2f5a94fb6e46370dd8e95f65617f8993c4b1aacbc0ddd66eb415650095a6b0a4209247b47f

Download Submit
/storage/emulated/0/youmicache/CCA9582BC81E888EA674F157E5540CF8/abf3531c1a6d5f50849b3b4d000098bf-journal

Filesize
512B

MD5
a96d8878ec6caade3dde6516895c559e

SHA1
5bca3724d7b140221c1d46644152b39daa18ca7c

SHA256
bf04c0d4271beef05ead6d59e3cc4099264bf776926564aeb063eaf1db0caa75

SHA512
87729af33882ab3eb1817fe37ffd1614ad068b07f86c1c2b0ca0d8eb7131aacdae348c171e59930a4dd1077b4152facd4a299890e7227a30d65be4389b5d6f6f

Download Submit
/storage/emulated/0/youmicache/CCA9582BC81E888EA674F157E5540CF8/abf3531c1a6d5f50849b3b4d000098bf-wal

Filesize
28KB

MD5
564b9afe4c39b9467887f48612a9d60b

SHA1
453d9fdbf7960c6bb67ed079744a23eef51d712f

SHA256
c6d1123aef936ee84f28fd5f5411975719abb194373d3615c9396f93bc013115

SHA512
f36e6d0d512cd04f4eafff925914de156523c681190cac384c4914eaf00245a6b4e216de0b0bb8f30d0ce693bd75253ee6b4ba4a941bfe74f3cbb60015ac7f03

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads