Analysis Overview
SHA256
5c1d7b64d2c26359741cc62bf4efa16afc4a570cb94e10ec899db20dcd00bd02
Threat Level: Shows suspicious behavior
The file a880085c6ce4248eea62271ca992d159_JaffaCakes118 was found to show suspicious behavior.
Malicious Activity Summary
Requests dangerous framework permissions
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-06-14 07:22
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-14 07:22
Reported
2024-06-14 07:25
Platform
android-x86-arm-20240611.1-en
Max time kernel
2s
Max time network
138s
Command Line
Signatures
Processes
com.rainstudio.shoppinggirl
getprop ro.product.cpu.abi
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 216.58.212.238:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.212.206:443 | android.apis.google.com | tcp |
Files
/data/data/com.rainstudio.shoppinggirl/.lib/libexec.so
| MD5 | d0c028c8b10466973910416c1988ebb0 |
| SHA1 | 23b3c587b839869ab559d20f6d41f7f3775311d3 |
| SHA256 | 794ee8866f2d4954eed59dbdab5cb7275fea98ea1ffe57919cc2fb42c114ae40 |
| SHA512 | 98014abb0d5dc615c65e9027b58080623385bb3330d8423e21412eb606a7efb25447b72404460eac76c4607a1aeb7df6384ace8c17cdbf4afc4be3f89f6452d6 |
/data/data/com.rainstudio.shoppinggirl/.lib/libexecmain.so
| MD5 | 5b66d236f06f88fd83811a5445bd97c5 |
| SHA1 | fd05685354bb87724db9c469d578d5a0766540ff |
| SHA256 | 62876ec0f5e24f220d291751b3ad99fa1090fe8066a1ffc4dd3c38669dde24b8 |
| SHA512 | 2bb097f4040312d63700a3312d88c2d515867e4fa533b21b9b9ed20efb23f8beac6101b31fb842411ce34563567aeb8bfaeeb79b6afc9d965ea40b25b6bf063a |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-14 07:22
Reported
2024-06-14 07:22
Platform
android-x86-arm-20240611.1-en
Max time network
4s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-14 07:22
Reported
2024-06-14 07:22
Platform
android-x64-20240611.1-en
Max time network
5s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-14 07:22
Reported
2024-06-14 07:22
Platform
android-x64-arm64-20240611.1-en
Max time network
6s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |