Overview

overview

7

Static

static

6

a4e83f9d44...18.apk

android-9-x86

7

Analysis

  • max time kernel
    4s
  • max time network
    170s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
  • submitted
    13-06-2024 09:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a4e83f9d44c58012e30d791cb3637bb6_JaffaCakes118.apk

  • Size

    3.0MB

  • MD5

    a4e83f9d44c58012e30d791cb3637bb6

  • SHA1

    f5e644b84795729e367c02978db3a86737657e25

  • SHA256

    2b07707f123933f8cd592c0d28bd12006c88d2732f6419f115126e5f3461986e

  • SHA512

    1b82ca3889c59ad430436aa34f05e8fd1ddee4044a3e5fec0d375b289c7fe44043bdabd20de4339630a0ccd0254ef1aeba223565a90d7436611adbf38250a993

  • SSDEEP

    49152:peme23GGJXsPpNcy7/R4S2cXs/dPGsRxTFcFlUzUPcYJDh/5WSyYS:xe231soKR4S5XAVtRxTFcTmKh8SLS

Score
7/10
bankerdiscoverypersistence

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.shengdianxia.pushmya
    1⤵
    • Queries information about running processes on the device
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information
    PID:4231
    • /system/bin/top -n 1
      2⤵
        PID:4300

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/com.shengdianxia.pushmya/files/event.txt
      Filesize

      216B

      MD5

      a39a7a18c0029f354f7741f74fcd80ad

      SHA1

      19f5e46f48e32d760a91af0caff5b5b91f4c8733

      SHA256

      12fb0e1bd004b409764d40c43fb4e8d54fe98403679bc2f7d98299477f7038f6

      SHA512

      8d77845cfb6dba39463ff6810930072b134a162aa20be06658010cb6e200cd0792f2d5c7eed281569d20395fcf0dab05c51b559515e4b4bf9bc0bfc6ecec1583

      Download Submit
    • /data/data/com.shengdianxia.pushmya/files/event.txt
      Filesize

      146B

      MD5

      ea2a07ae03abfe8251b21cced3b6db02

      SHA1

      b275636b7e271aa40951119df82cdd66a3b386a4

      SHA256

      d88fb0eddd8ac9a259defe9b34376851ffc0a617c3175c1e61625a39e3b2db25

      SHA512

      037737efcd659db8b35dc261759e862fc2df1afbeeed99ac48900358021feefbcd50e90f26fd1b6c3a6439b2126a3f39ba25f36d2efe2734a876fe0d68344150

      Download Submit