8ca74dd641e225165e5cfe400c5556a6037e4f8c3a4b9a6681100703d0bde23a

Analysis

max time kernel
179s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240611.1-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240611.1-enlocale:en-usos:android-11-x64system
submitted
14-06-2024 02:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a7c83d22ac36f99f3902303ab4620704_JaffaCakes118.apk
Size

1.4MB
MD5

a7c83d22ac36f99f3902303ab4620704
SHA1

77f040683043c9f399ebd012e50a3bfb34fa9fd9
SHA256

8ca74dd641e225165e5cfe400c5556a6037e4f8c3a4b9a6681100703d0bde23a
SHA512

bd85aa47be388f708d704e5d7dfba910940340b4537689991a7818db582f69878d01a44f3c188569d3567a109d87e0c58de78db341b2954528e71b97229d46b1
SSDEEP

24576:mPEaFmFN9v46flH0UIbxMeh+CYIgHBxsoMHuvDm8P0JORSAireJP:mEaFmL9AcaJYJH/pMOvDicS0JP

Score

8^/10

banker collection credential_access discovery evasion impact stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs
stealth trojan evasion

T1628.001

Processes:

com.bjin.gamemaster_main

pid process

4488 com.bjin.gamemaster_main
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
evasion

T1407

Processes:

com.bjin.gamemaster_main

ioc pid process

/data/user/0/com.bjin.gamemaster_main/app_ttmp/t.jar 4488 com.bjin.gamemaster_main
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

T1414

T1641.001

Processes:

com.bjin.gamemaster_main

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.bjin.gamemaster_main
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

T1418.001
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.bjin.gamemaster_main

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.bjin.gamemaster_main
Checks memory information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

com.bjin.gamemaster_main

description ioc process

File opened for read /proc/meminfo com.bjin.gamemaster_main

pid	process
4488	com.bjin.gamemaster_main

ioc	pid	process
/data/user/0/com.bjin.gamemaster_main/app_ttmp/t.jar	4488	com.bjin.gamemaster_main

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.bjin.gamemaster_main

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.bjin.gamemaster_main

description	ioc	process
File opened for read	/proc/meminfo	com.bjin.gamemaster_main

com.bjin.gamemaster_main
1⤵
- Removes its main activity from the application launcher
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Uses Crypto APIs (Might try to encrypt user data)
- Checks memory information
PID:4488

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.bjin.gamemaster_main/app_ttmp/t.jar
Filesize
276KB

MD5
9aaea567e0c93e51718ba7eade0e83df

SHA1
0005116aad1779361b70093db00fed5ac090ae23

SHA256
b30a95dff6f65f444472971c8aaf895ffc8e66e0117ce242ec4cb8a8a519a5ec

SHA512
2aef1034335d8752f4e25ce6c5823ce03019536cc6e51ee61b5291c77a0f356a2517e0cbe7f2c4cc2d897115dc856449a342cfdc247c9d34d313187d15b2f890

Download Submit
/data/user/0/com.bjin.gamemaster_main/app_ttmp/t.jar
Filesize
587KB

MD5
f72c3d07507c3e26d317e9117ba757d1

SHA1
cdede4739e9dd9fd95243aab5e44c24f93f825c3

SHA256
1c65834d9ca018c6496a8b9957589d0e94657911b6635dc21a448d78f9238887

SHA512
3420714252e7503abc13c99274d767b0bc08671d769460dc61823ab9470e145fb75c5dfaadc617d3a05cf251ed5ecf38ea7e8c1d7b343bca4d7e8296f1b805d4

Download Submit
/data/user/0/com.bjin.gamemaster_main/databases/com.bjin.gamemaster_mainb
Filesize
72KB

MD5
feb39705b1b862f34e987fd763dfac61

SHA1
4bdc437a1df9b1c4f133737e8ca6af6256bf71af

SHA256
a6fa8979ccfdb51db2d076c90a8df87c26504b4b1be274a4b2bbafe7e04959ca

SHA512
512a230dd3327cb0e04585a09dda368516464cc4e69a63b6cf13221efefbf198501e243df2fd4a134beda0df555baeb4e962fa2163922a14a87c9523625c39a8

Download Submit
/data/user/0/com.bjin.gamemaster_main/databases/com.bjin.gamemaster_mainb-journal
Filesize
512B

MD5
87b5f2e4a791cf6911fab6f7ed904385

SHA1
b0b61208fd1678ff3a7a22e8d9a89a975e0fd237

SHA256
841433cef654824b347f0cec530185959172fd1524260f59b0ee915ad9c77580

SHA512
37813aae53143f2fb543ae037ecba29f9f840b2d4acbaa937f4bb375f905af0a291d7c0d00e58a4fdb9981d1fbe227da9c46faab07ab80e87d9dbd94a76a7e04

Download Submit
/data/user/0/com.bjin.gamemaster_main/databases/com.bjin.gamemaster_mainb-journal
Filesize
8KB

MD5
eab7cdfa74e775bf13af81c1ee40342a

SHA1
603ffe918b92aaeca3b39b334ce1339c0cfb01bc

SHA256
07c37f4386ca7e6c0003d249b8f9c973537b01e8e12d2328ac06af638e2772c9

SHA512
693a4c0c3e71bbad9957934fc891c4c5c2752fae4c51a02e36af122f6774401da0c3ee6e188a81826c28d086246de34e617cae5d8dc4fa25244082bbcc27738c

Download Submit
/data/user/0/com.bjin.gamemaster_main/databases/com.bjin.gamemaster_mainb-journal
Filesize
8KB

MD5
68528093078c719be22387b33ee31ddc

SHA1
ed9fe8737f2baec8af260368f5c1f829d33e8266

SHA256
40aa6d88671b9c01607d4959c218e185571380398fd0df9ad3a80be50e3fe01a

SHA512
6b1a18f640d2978769aef25f390e61c786d279e49fc8a7ea5727a98c5cf04ce2e41f44a8b086eed1c92c255b51c74982de9ab10cd62a16684b3147cfc437363b

Download Submit
/data/user/0/com.bjin.gamemaster_main/databases/com.bjin.gamemaster_mainb-journal
Filesize
12KB

MD5
a254d128d9a064bc4de1736579adf62c

SHA1
17b512882fce21e4d0988b16cd906228ba224777

SHA256
ae6d165b34e7bb2fc4b2f8706880589fcc1fe5d2f496d0256efddb8d2512a107

SHA512
af3a7cab4efa3581bf1fc240e5f7abc0a1d723f1590580e11cdba6a53cd2208b496c86c366f8387c6c783c3904e85d07286c66cc5836ceef9b1c4d87aff7f72b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads