228b9e1879420687660cc13a16f131749ed122c6b767af6469dca96fabdd4fb4

Analysis

max time kernel
3s
max time network
140s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
14-06-2024 01:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a774b8fff8d5b16c120efa57ab4c3761_JaffaCakes118.apk
Size

1.2MB
MD5

a774b8fff8d5b16c120efa57ab4c3761
SHA1

8cdb7f4baa34b82aa06dc44747b800d26e390e38
SHA256

228b9e1879420687660cc13a16f131749ed122c6b767af6469dca96fabdd4fb4
SHA512

90c03760ca1161883a5a3edb1d848aec6d4ecf606987b4f23aa6622812ed7f4d075665d3916c58a7591ba8f38002226fa93ee0dd8d8a52b59e373b39eb1dbe72
SSDEEP

24576:dOgoaux43vWMTL9E1pOnG71vbhblA4O1I2aPXryGZV:gzadvzL9E1r5vbhbQIpV

Score

7^/10

discovery evasion impact persistence

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs
Runs executable file dropped to the device during analysis.
evasion

T1407

Processes:

com.fly.onscreen.as

ioc pid process

/storage/emulated/0/Android/data/as/cs.zip 4214 com.fly.onscreen.as
/storage/emulated/0/Android/data/as/n.zip 4214 com.fly.onscreen.as
Queries information about active data network 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.fly.onscreen.as

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.fly.onscreen.as
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.fly.onscreen.as

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.fly.onscreen.as
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.fly.onscreen.as

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.fly.onscreen.as

ioc	pid	process
/storage/emulated/0/Android/data/as/cs.zip	4214	com.fly.onscreen.as
/storage/emulated/0/Android/data/as/n.zip	4214	com.fly.onscreen.as

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.fly.onscreen.as

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.fly.onscreen.as

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.fly.onscreen.as

com.fly.onscreen.as
1⤵
- Loads dropped Dex/Jar
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4214

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.fly.onscreen.as/files/e.zip
Filesize
28B

MD5
307999dee49da263227fbd45b6fd5aef

SHA1
05334f381bf966f7c58874e6601d17db367886e7

SHA256
e0f81c86deb313991f302e508cddc7608bd81fd3a923e72bd4a3432f1de9cd91

SHA512
5cc49b3a01c8f7b45043bc79404ad96e0f3e38ad46329801f756824dff7f73ac0e9f19a20706fc09d7aa2c60821d8232d8550448743bc37099b1a85c7e8f6a0e

Download Submit
/storage/emulated/0/Android/data/as/cs.zip
Filesize
149KB

MD5
43574e7f3b6762ca22d4d12e7b2b9bce

SHA1
6d79ed04b419c2fdcf4d194b52da46f8b5ec9703

SHA256
e88726fbfaac997b2b87405aa0ffee05d51dce72534d3301a1f8836b355cac7f

SHA512
caf4933468003e8f89073a3dac1607474aae973c3eb8b4e043c1c33efd490bcccda009edcfb0c6816688db72d840421f113469dda0ff51c5e696144276edc3d8

Download Submit
/storage/emulated/0/Android/data/as/cs.zip
Filesize
25KB

MD5
c0971bb934ab0954928d937820611585

SHA1
7b2c660c2c50d6389ff1072025f533e22e533b61

SHA256
b3ee5d9ac13622f53e441f2b112b00ba5dbc9b931d6d2e7641c0f4073c1a87b0

SHA512
606e55e8961d25a7dd5b9d1a8c7d64b58ebf607114c45bcb08df20b49c67742ebba30dd74cc5635c8042ea333f53c1068eeee55f18dd8097547a51a32b6e5a6d

Download Submit
/storage/emulated/0/Android/data/as/d.txt
Filesize
12B

MD5
fe66a38e012da03515ff1853ad49d383

SHA1
5e2b761fd4eea89b9e14670f537822af139ceccd

SHA256
93468f2b91a2dc84feddcb360fe84559b5f4cc0f92d353cc7bf204b1b3c7ddb7

SHA512
4882f06552e5a935a6937b46562c9b0170a47d9af7eb41d7eceb7415f1e4e88b82f160817406305615d39cb2db57c1278c791ceb6271f379c3e3f6bf45d0f74b

Download Submit
/storage/emulated/0/Android/data/as/n.zip
Filesize
137KB

MD5
7c901bc4a8b2c68b51d0860f7202ca29

SHA1
81c0bc5c527163cca3926247a29504ff15c85335

SHA256
d389df960a4e9f13566e99889b5426c7c12f5d56eef01b4feaa728946f4c8b79

SHA512
8c327a3eae55ff3ec2236d3b7f906e1a2a2e78e6500926d88676e218449afd2a9a58aff9bf7fec2eab4a8d0df217cef35ebf32052492bd5ca9625a531079ddad

Download Submit
/storage/emulated/0/Android/data/as/n.zip
Filesize
286KB

MD5
cfa478b0c6a6866addc98a912d1e116b

SHA1
b7fedc7abbd570bcbdd734bc95001f8eaab1ea68

SHA256
791310bc82441d77313f03acf08d9c03801c04a203cc1138e222fd0fdb698a16

SHA512
636f3105248150c19c9b4ea535e3af8d35b5b7f566a6adba741e0b4caeb825cebea06a9b06b4771ad0e2c525b9c684954bbe882c92f2791b8fc4a681819eae28

Download Submit
/storage/emulated/0/Android/data/as/tn.zip
Filesize
33KB

MD5
ac0378f7e84b280af6da9d79beafa82f

SHA1
fe2fa79c29fc7e2ffb81404f7d6ef992c800bc8e

SHA256
37f4b9addf8995174e9184d1f99e7daba1e6fff7fa9b8c37308938b381dc845a

SHA512
ac28deb7dc3aa0a037d67d4c4d16ed9af63a1f530013d3668b05b887e49f6c5aa891c1c614c1982914ee70dc03bcaea28786d14bfc846e0f92e1296a22a2f30c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads