acce79c512b53374aa7064ae39286a90d76a21e86cbad795dc62c84383cd34f2

Analysis

max time kernel
12s
max time network
159s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
14-06-2024 15:40

Target

aa7a8645635f78469808f5552c07c854_JaffaCakes118.apk
Size

32KB
MD5

aa7a8645635f78469808f5552c07c854
SHA1

abb4dff0031654b3b0c9c1fc49abd729c21ca9cd
SHA256

acce79c512b53374aa7064ae39286a90d76a21e86cbad795dc62c84383cd34f2
SHA512

26e08d03428ee60c59eba03de72837d4fd09d593994136674d0d366e2db1311422bd0990453bc971e9af0d14a11fbcecc53b4388b675a9b8dc1cff2383fc5623
SSDEEP

768:HfWT03PlhUcMZ+FJBopM+ZpOV+ylUKz1H:/WT03dacMZ+FnoBIDRH

Score

8^/10

Removes its main activity from the application launcher 1 TTPs 1 IoCs
stealth trojan evasion

T1628.001

Processes:

tuddrv.gtqtfd.view

pid process

4174 tuddrv.gtqtfd.view
Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

T1422
Reads information about phone network operator. 1 TTPs
discovery

T1422
Tries to add a device administrator. 2 TTPs 1 IoCs
privilege_escalation impact

T1626.001

T1640

Processes:

tuddrv.gtqtfd.view

description ioc process

Intent action android.app.action.ADD_DEVICE_ADMIN tuddrv.gtqtfd.view

pid	process
4174	tuddrv.gtqtfd.view

description	ioc	process
Intent action	android.app.action.ADD_DEVICE_ADMIN	tuddrv.gtqtfd.view

tuddrv.gtqtfd.view
1⤵
- Removes its main activity from the application launcher
- Tries to add a device administrator.
PID:4174