Overview

overview

7

Static

static

6

a4c99efe99...18.apk

android-9-x86

7

a4c99efe99...18.apk

android-10-x64

7

VqsPhone.apk

android-9-x86

1

__pasys_re...er.apk

android-9-x86

__pasys_re...er.apk

android-10-x64

__pasys_re...er.apk

android-11-x64

__pasys_re...er.apk

android-9-x86

__pasys_re...er.apk

android-10-x64

__pasys_re...er.apk

android-11-x64

Analysis

  • max time kernel
    19s
  • max time network
    151s
  • platform
    android_x64
  • resource
    android-x64-20240611.1-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240611.1-enlocale:en-usos:android-10-x64system
  • submitted
    13-06-2024 09:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a4c99efe99a7db4e7659b53300b8cb45_JaffaCakes118.apk

  • Size

    26.2MB

  • MD5

    a4c99efe99a7db4e7659b53300b8cb45

  • SHA1

    96cf421e73a26e35887f7c854495f331de1aff5c

  • SHA256

    8b4cc2e507907a5c718dc13bdaafa73ae02979bd50371503d8654a36cb9f9b1f

  • SHA512

    a9a37656239d1009d853486a46c67f5dbde51f20abae0f6d0198039ed2ee0cc1154e89a47b39e4ab2b8d12451a3b0ce477d8938955de6d6d8e6472d5525484a3

  • SSDEEP

    393216:zB2E7QbdTsYsLCWvsiaapYJtRwRVVzr2GrpV2yt4Av1o5jHYvDxgu0rOI6GbLpeR:zuhfWU+Ko3PVhtP1ol9ag/puYiQA

Score
7/10
bankerdiscovery

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Acquires the wake lock 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery

Processes

  • com.dws.armyantz.vqs
    1⤵
    • Acquires the wake lock
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    PID:5053

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.dws.armyantz.vqs/files/AF_INSTALLATION
    Filesize

    33B

    MD5

    d90c10a0adb420592d05e73b2670f0eb

    SHA1

    0a3de7321a62b90f9fa11240cd41ab86e1b3ab12

    SHA256

    5112bff7bf7df67ff6d52fab7b41c83c9286efed0325ccf6c8bd6777cb233886

    SHA512

    3e659f6b4339c4e8348e0b4fda8d2bcf84e64d0c462e09073def2956c7e1eb6c3b90f1c96ac0eb4355d96b14b49a3c98820817593f35447b4969d412edbbd720

    Download Submit