Overview

overview

7

Static

static

6

a9a7e3b9f6...18.apk

android-9-x86

7

Analysis

  • max time kernel
    170s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
  • submitted
    14/06/2024, 12:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a9a7e3b9f6c2531356bb7acd3a303334_JaffaCakes118.apk

  • Size

    23.8MB

  • MD5

    a9a7e3b9f6c2531356bb7acd3a303334

  • SHA1

    8488619c47d3cad214a8926885ee22cb19371341

  • SHA256

    e866e8573dda8b82e07f43f5d10e81725b1248c6db494659dc5b396221a7e75b

  • SHA512

    6bd77369a2d251e92bf7024ec91bb57c273fbf77b306e68abf3c3cf3a055549a720a8bc3fbc7835bc446567b1bdd0865d805662e9816a43c3426fd3a749adc72

  • SSDEEP

    393216:peED23xn1mWvzokfDoUzYPuUlJMDLYNf127IWUAy3PXjv6ODOcLGFCkLpBrs47zR:EEq3pvzrf8UcDMQh1kNI7C5cCBpBrvzR

Score
7/10
bankerdiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 5 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact
  • Checks CPU information 2 TTPs 1 IoCs

Processes

  • com.Mammoth.KuiBa
    1⤵
    • Loads dropped Dex/Jar
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    PID:4269
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.Mammoth.KuiBa/app_skong/kong.jar --output-vdex-fd=59 --oat-fd=64 --oat-location=/data/user/0/com.Mammoth.KuiBa/app_skong/oat/x86/kong.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4321
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.Mammoth.KuiBa/files/egame_temp.jar --output-vdex-fd=61 --oat-fd=62 --oat-location=/data/user/0/com.Mammoth.KuiBa/files/oat/x86/egame_temp.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4335

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.Mammoth.KuiBa/app_skong/kong.jar
    Filesize

    35KB

    MD5

    505f9cdb7cbf287e42ded4cff8eef05a

    SHA1

    1c676255faf9658fbb033aea90a0134e43f16a73

    SHA256

    a953ad542a352b39c47b25ec7613c8f60d89ce61e7253e7507d5e96bad3bb859

    SHA512

    591d7f8f909c31ee17eb4d13921c52d4f3c683b06e934e97983c82e82fdbf50a599ed83c97141996fabc1fcf9fe9816e3af3d171d8a8430727bded088ac1378a

    Download Submit

  • /data/data/com.Mammoth.KuiBa/app_skong/kong.jar
    Filesize

    35KB

    MD5

    90d60b7c2b9b425831daff43e726170d

    SHA1

    9a0609fa471483527a397a0e83b7741d327bdccd

    SHA256

    f44e2fa0069dc9411864010e8442de3a3678e8ced708ba2e387db69a75f42e2e

    SHA512

    b58e6b31ddedb90154a4ab48a931d4f591ea00169260544b0a045f330c03ec2f6f87a71595fd48ecda06f87e326ef78db7196e777e8837d824bfe75c02204b18

    Download Submit

  • /data/data/com.Mammoth.KuiBa/app_skong/kong.jar
    Filesize

    35KB

    MD5

    bacd75ce7372c2a05d9f4c2a051575f4

    SHA1

    c1afe602debe34fb6e1d38b13dff924ec81a00d6

    SHA256

    c6f8279cda7d8b4f04b045846c9af5f97fbbc14d0e204c04f6357e3ff5262339

    SHA512

    08c48f123ed0964c000692c23b6c44601495a9ed22874876eb4fd277bec84143f477c69d0d3cb9e99995535d08d294493dca568d2cdebe3dd5e86ab4e8b3f2b0

    Download Submit

  • /data/data/com.Mammoth.KuiBa/databases/dbkong_data
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.Mammoth.KuiBa/databases/dbkong_data-journal
    Filesize

    512B

    MD5

    29913cdf40ece4867acc09f50f8e0c96

    SHA1

    a72eb003a7b9845cce57907c1c4546429ea2c2ff

    SHA256

    cdd5609a23bb39bbe134eb0b6976c20712bb99b2d8f74d6936448420fcd1c6ab

    SHA512

    db2043c2b384eb10cf336ab2c5bc779ffec15f050b1aa164e3bbb1034e145de8d00f114532aa8c567d2996afac6af01de347fca0c1404d0579d498d8809b9111

    Download Submit

  • /data/data/com.Mammoth.KuiBa/databases/dbkong_data-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.Mammoth.KuiBa/databases/dbkong_data-wal
    Filesize

    92KB

    MD5

    b907c87fbc513a5fd63b7eca41a7ebc2

    SHA1

    582c8f0b0595f3b47c68cd61c7a6f83e66c2f61e

    SHA256

    6655c11de88ae3ca98735e7d51f29e5d0f9b21e547ef8cf4b30c57bad9724310

    SHA512

    81add5e68ac906bf429ab882384c077df16c29dfe284d1639f0a7f9f63efb8720b46e0656ab203438fc5e2d319db8542f3b19c23981f24b740305a9ccfe8c514

    Download Submit

  • /data/data/com.Mammoth.KuiBa/files/egame_temp.jar
    Filesize

    93KB

    MD5

    6bb1a12917e2778f7e6a627924fc64ef

    SHA1

    acd393b4a825e2f02170c546fa95e235bca13622

    SHA256

    f58d285141ac16cf410f1a34fd8abdb2db9bf6d69830557a3fd633a35b3420eb

    SHA512

    8020bce2a35b3182890e407b3a2719915446d1b5601ff7106a0775a76e2a63fe2703eb477551d902debad1105a97032acac8288976025126f4f7599bdd97f892

    Download Submit

  • /data/data/com.Mammoth.KuiBa/files/egame_temp_.jar
    Filesize

    93KB

    MD5

    dac8e67611e23df9ae8d9f167ff9de22

    SHA1

    25f1684722211c80d978f6ca99b4482098ae96d4

    SHA256

    b654dbc9f152de856b11c6d619c8b6b8128235b010977d74e79d973a8b0295d4

    SHA512

    e267488e3f169eda196cd090481d22130fab5f876cc361c217742659b9e139e48b8aeb291554e3f03177dc0f4462af43ae9c0bb6716d504bcd363910c2185a5b

    Download Submit

  • /data/user/0/com.Mammoth.KuiBa/app_skong/kong.jar
    Filesize

    83KB

    MD5

    02115b472c6cbfb051f0a1228f959a6b

    SHA1

    e7a0e74d18d621173285b13e518e0ad2a94f9364

    SHA256

    013654f61e3f8448da266638475acee57ddbba83953999044c79eff12d5040c3

    SHA512

    d706ccc5a225aee0b71622081ee91b2753e961d5e2c9102406b7dbbaade1dc723fb018e0c0304ac567f164eee1d40d03e8ad9072b73f8c4819b49946eeea8be2

    Download Submit

  • /data/user/0/com.Mammoth.KuiBa/app_skong/kong.jar
    Filesize

    83KB

    MD5

    4b04e798837e0c71649e8240abef7aee

    SHA1

    66c92aee23b9d2b9d43ad0570fccf42887662edb

    SHA256

    31a95514567b0613d1578eee7e3b61e08778aaf1f0b5064f492659720e02a0aa

    SHA512

    5513a988d3c69b17927f7990a659afe8836e7222030b3a5448e06364ea3404e2d588f15ad1a9c34965f093f7705b0eb66bd14aec4bbdd17c43e1fa88c8cc31dc

    Download Submit

  • /data/user/0/com.Mammoth.KuiBa/files/egame_temp.jar
    Filesize

    228KB

    MD5

    01dcc8c7c3adaae6570e2d3bc3d8c91a

    SHA1

    ec519298776de5e99dffd2b510c8dca81f398840

    SHA256

    afe34ba2eed879dfa332b6172935f1ee43ba440e40f9876d3ebd5914eac6bb61

    SHA512

    955f633610942e65521a9096185172ff5c44c3469fc07a480a83f1067bbb5f8fe700afda5c2c66ad90dd5c3afb4c4fc0bfd5570d5689e3bd3ec11b50efdec2d1

    Download Submit

  • /data/user/0/com.Mammoth.KuiBa/files/egame_temp.jar
    Filesize

    228KB

    MD5

    ae26f783c39221f377c8a66e9876727a

    SHA1

    7517e64c3b6818278a5d9c85ac670e600d935fec

    SHA256

    1efce63abaea299b8192d84ea5ecdbdf6005ae3b627554dab2005e0a2bba354d

    SHA512

    b60b36e3f81ccf6c7de4156aae952144ec44cd0286bdfe7579a6e440c0622b46c0c04d6407ef10856f3f5fa7931326574a38464ae82c527adc5c00b6c901d8ae

    Download Submit