Analysis

  • max time kernel
    179s
  • max time network
    173s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    android arch:arm arch:x86 image:android-x86-arm-20240611.1-en locale:en-us os:android-9-x86 system
  • submitted
    15-06-2024 02:50

General

  • Target

    aca48d63a70d9665f5bf87a2eeae9a40_JaffaCakes118.apk

  • Size

    821KB

  • MD5

    aca48d63a70d9665f5bf87a2eeae9a40

  • SHA1

    e429099d9aadb96f3743d0a8e0f49485945709ec

  • SHA256

    786b31df3335677fc5eee17e8c9c661ddb4555dc1f8da2e902daed6a60d98541

  • SHA512

    c10246e32f56f6d6a0fa56d35f3eba4bc1ff36fc431c6d43bfa3dc1fb1a498fa374888b8653fb069c0e066bbc3fbef36e3683da6a3619e00afc1dd7ac8bbefbd

  • SSDEEP

    24576:13QgMzZjmUhp1LEVURUDTO+RYRwihakEnjIR+sf:CgMFCUKTGzhakEnkRJf

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
  • Reads the content of the browser bookmarks. 1 TTPs 2 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

Processes

  • com.terrynow.easyfonts
    • Reads the content of the browser bookmarks.
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4202

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.terrynow.easyfonts/databases/fonts

    Filesize

    28KB

    MD5

    5f92189f38ca61b95d8e042ce19602a7

    SHA1

    28a4e3c6596a27515116359a54e793a0c886c27c

    SHA256

    48d718ec464df31798df8ce4df87825e676f04ee3925dde783eccab7948e8916

    SHA512

    a08177e89515b6257709097f99c3c3b25e018c806ceed17ce8782e91937d5eb0d6622539ed961a31909c13d540a51b61c78297611951ff8792579f2c4fc36289

  • /data/data/com.terrynow.easyfonts/databases/fonts-journal

    Filesize

    512B

    MD5

    6143d1af99b3e272a288459b8459dcf7

    SHA1

    146178c62075b8c4fdd757f93314acac5392d4ce

    SHA256

    bfe7256a34daa9b1eec0489cea462bf581d2d8329a87f1f0965fd813c0f4fb87

    SHA512

    1be4d553b4f71d819829f59a3fcf3806a79d54e6e016d23828547f04d74613a408982726d77e420dd8a1b0609f22496d8814d9f909ac738b1815fb106cee2c89

  • /data/data/com.terrynow.easyfonts/databases/fonts-shm

    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

  • /data/data/com.terrynow.easyfonts/databases/fonts-wal

    Filesize

    40KB

    MD5

    fbc433a87279747497ca953f3668124f

    SHA1

    b82f4315ae39f9d909142fc673956183fa1f2876

    SHA256

    2930e386173ddfed1fd8da80c2a38ca6175adbe475a221b84b64dddc928266d6

    SHA512

    cb87d1301033fad88b7be5718f6e36fb9aa60684fbefdae4782df6962d4b02251d961ab9a1453750cd57dabe279c3b753434265464b0ed3effb2636ec75680d2

  • /storage/emulated/0/easyfonts/Roboto-Regular.ttf_tmp

    Filesize

    298KB

    MD5

    86da78cb59576328483a11c6ef74bc2b

    SHA1

    00d62fbdc8d5dec4c659005e116d0ba2ee63b547

    SHA256

    797e35f7f5d6020a5c6ea13b42ecd668bcfb3bbc4baa0e74773527e5b6cb3174

    SHA512

    451f76349240540616007e02deffe5eb6c112846b1896f70ea6dfdbda24057da8af55febc98ae189db86b4c9dc6b14d8357a29a82a5de46a2154887d6dedc381