2b181bf34acb7aade05be2f249b0cb4b01bc836249ff4cb8661d4092bf769162

Analysis

max time kernel
124s
max time network
175s
platform
android_x64
resource
android-x64-20240611.1-en
resource tags

androidarch:x64arch:x86image:android-x64-20240611.1-enlocale:en-usos:android-10-x64system
submitted
13/06/2024, 13:00

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

a5a8fe4ab3ea966a5fdb5c7e4768b5d9_JaffaCakes118.apk
Size

1.2MB
MD5

a5a8fe4ab3ea966a5fdb5c7e4768b5d9
SHA1

ce4f2552e831931f610e25dec361d1c55e89eb2b
SHA256

2b181bf34acb7aade05be2f249b0cb4b01bc836249ff4cb8661d4092bf769162
SHA512

cfedfcad40dcc6cbfc54f00bbc7f1af2f25aea7d0587d060d30fb037f959eaf6e7e6e68a7bb548c830092e4489eb7deaaae320bc4db4886c3d22619e7f2db19b
SSDEEP

24576:88BT6R5lSzUtSzqrFvAs/z8g4QRC6tw7j52xRfODW31JZS:NWOq2Oz8g4Uw8zAgS

Score

6^/10

discovery persistence

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.guo.musicplayer

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.guo.musicplayer

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.guo.musicplayer

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.guo.musicplayer

com.guo.musicplayer
1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
PID:5036

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.guo.musicplayer/files/mobclick_agent_cached_com.guo.musicplayer

Filesize
105B

MD5
faea56a88e948e290d1a326b4a19d59e

SHA1
fd22276d829f17d211eede6d7d8cdfe723c2813f

SHA256
9a566ac4e38f255f20d9a3a64c12c8600c891f20bd2df81deedc25a8569a8513

SHA512
66f1b491bcbbc86e59fa855efed16a8313636d9f5297648294c999bafd9991a2521e42c00e8d197764d2c3b1d2686aef95d6d34c9b0c40893f78dda4da3e04a6

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads