Analysis
max time kernel: 179s
max time network: 140s
platform: android_x86
resource: android-x86-arm-20240611.1-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
submitted: 14-06-2024 22:13
Static task: static1
Behavioral task: behavioral1
  Sample: abb4664a347eed8ba0a8d051a540a063_JaffaCakes118.apk
  Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
  Sample: abb4664a347eed8ba0a8d051a540a063_JaffaCakes118.apk
  Resource: android-x64-20240611.1-en
Behavioral task: behavioral3
  Sample: abb4664a347eed8ba0a8d051a540a063_JaffaCakes118.apk
  Resource: android-x64-arm64-20240611.1-en
General
Target: abb4664a347eed8ba0a8d051a540a063_JaffaCakes118.apk
Size: 998KB
MD5: abb4664a347eed8ba0a8d051a540a063
SHA1: 117788d138e1675cd9fc73eedbb1f9c89d0d973c
SHA256: 5caf1616a82b7fb0a907747073cba88b62c0b383d5ff9ed905b8a717c6ce5944
SHA512: 5293731dea1daa115e39f98790574ab81b8a6a5db3c9a8b32b740278a28928db4fdaf8b73ed470e4f1c4fcda00621cfcf8ce7882f8966f7ec58fcf690c126ea5
SSDEEP: 12288:oBddzgJNSC44em2VoBglEUJuzoRJrvOUMm1sYAOXPPZw6ua0:qddzgJX1GVo05JuUvT11ZAOJw6ua0
Malware Config
Signatures
- Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps) 1 TTPs
- Makes use of the framework's foreground persistence service 1 TTPs, 1 IoCs
  The application may abuse a foreground service to keep its process alive: a foreground service is tied to a persistent notification and is exempt from the background-execution limits that would otherwise stop it.
  Processes:
    description: Framework service call
    ioc: android.app.IActivityManager.setServiceForeground
    process: com.mobihk.v
- Requests enabling of the accessibility settings. 1 IoCs
  Processes:
    description: Intent action
    ioc: android.settings.ACCESSIBILITY_SETTINGS
    process: com.mobihk.v
- Tries to add a device administrator. 2 TTPs, 1 IoCs
- Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs, 1 IoCs
  Processes:
    description: Framework service call
    ioc: android.app.IActivityManager.registerReceiver
    process: com.mobihk.v
Processes
com.mobihk.v
- Removes its main activity from the application launcher
- Makes use of the framework's foreground persistence service
- Requests enabling of the accessibility settings.
- Tries to add a device administrator.
- Registers a broadcast receiver at runtime (usually for listening for system events)
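The behaviours listed for com.mobihk.v (foreground-service persistence, a request to open the accessibility settings, a device-administrator request, package enumeration and a hidden launcher activity) each leave a static trace in the manifest, except for the launcher hiding, which is done at runtime. The following is an added triage example, not part of the sandbox report and not code from the sample: it scans an AndroidManifest.xml for those capability declarations and rates the combination. Both manifests embedded in it are constructed for illustration and are not the manifest of abb4664a347eed8ba0a8d051a540a063_JaffaCakes118.apk; to run it against a real APK, decode the binary manifest first (for example with apktool) and pass the XML text in.

```python
# Added triage example, not part of the sandbox report above and not code from
# the sample. It statically checks an AndroidManifest.xml for the capabilities
# the behavioural signatures flag at runtime: foreground-service persistence,
# an accessibility service, a device-admin receiver and package enumeration.
# Both manifests below are constructed for illustration; they are NOT the
# manifest of abb4664a347eed8ba0a8d051a540a063_JaffaCakes118.apk.
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"

# Constructed manifest declaring the full capability set the report describes.
SUSPECT_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.constructed">
  <uses-permission android:name="android.permission.FOREGROUND_SERVICE"/>
  <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"/>
  <application>
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
    <receiver android:name=".AdminReceiver"
              android:permission="android.permission.BIND_DEVICE_ADMIN">
      <intent-filter>
        <action android:name="android.app.action.DEVICE_ADMIN_ENABLED"/>
      </intent-filter>
    </receiver>
    <service android:name=".A11yService"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">
      <intent-filter>
        <action android:name="android.accessibilityservice.AccessibilityService"/>
      </intent-filter>
    </service>
  </application>
</manifest>"""

# Constructed benign manifest: a plain app with a launcher activity only.
BENIGN_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.benign">
  <application>
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
  </application>
</manifest>"""


def _attr(element, name):
    """Read an android:-namespaced attribute, or None if it is absent."""
    return element.get("{%s}%s" % (ANDROID_NS, name))


def scan_manifest(xml_text):
    """Return the set of capability findings declared in the manifest."""
    root = ET.fromstring(xml_text)
    findings = set()
    perms = {_attr(p, "name") for p in root.iter("uses-permission")}
    # setServiceForeground requires this permission from API 28 (Android 9) on.
    if "android.permission.FOREGROUND_SERVICE" in perms:
        findings.add("foreground_service")
    # QUERY_ALL_PACKAGES and <queries> only exist from API 30; an app targeting
    # an older API can call getInstalledPackages() with no manifest trace,
    # which is why the runtime signature in the report matters.
    if "android.permission.QUERY_ALL_PACKAGES" in perms or root.find("queries") is not None:
        findings.add("package_enumeration")
    for receiver in root.iter("receiver"):
        if _attr(receiver, "permission") == "android.permission.BIND_DEVICE_ADMIN":
            findings.add("device_admin")
    for service in root.iter("service"):
        if _attr(service, "permission") == "android.permission.BIND_ACCESSIBILITY_SERVICE":
            findings.add("accessibility_service")
    return findings


def launcher_activities(xml_text):
    """Names of activities exported to the launcher. Hiding the icon later via
    PackageManager.setComponentEnabledSetting leaves this entry in place, so
    the 'removes its main activity' behaviour is only visible dynamically."""
    root = ET.fromstring(xml_text)
    names = []
    for activity in root.iter("activity"):
        categories = {_attr(c, "name") for c in activity.iter("category")}
        if "android.intent.category.LAUNCHER" in categories:
            names.append(_attr(activity, "name"))
    return names


def triage(findings):
    """An accessibility service plus a persistence mechanism (device admin or
    foreground service) is the overlay/takeover profile; any one capability
    alone is common in legitimate apps (screen readers, MDM agents, players)."""
    persistence = {"foreground_service", "device_admin"}
    if "accessibility_service" in findings and findings & persistence:
        return "high"
    if findings:
        return "medium"
    return "low"


if __name__ == "__main__":
    for label, manifest in (("suspect", SUSPECT_MANIFEST), ("benign", BENIGN_MANIFEST)):
        found = scan_manifest(manifest)
        print(label, sorted(found), launcher_activities(manifest), triage(found))
```

The static pass and the sandbox's behavioural signatures complement each other: the manifest shows what the app is able to bind (device admin, accessibility), while only the runtime trace shows that it actually drove the user to ACCESSIBILITY_SETTINGS, called setServiceForeground and disabled its launcher entry.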