Analysis

  • max time kernel
    153s
  • max time network
    172s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
  • submitted
    15-06-2024 04:09

General

  • Target

    acd5e3a943d00709b9d6678d5b000bbf_JaffaCakes118.apk

  • Size

    27.7MB

  • MD5

    acd5e3a943d00709b9d6678d5b000bbf

  • SHA1

    07d33b9918c057c746f9c606ca7343744d466902

  • SHA256

    444a2634df68d083b1e1d7004ec1d4d52d25d2ff7f62d9275bfa71937a7bb554

  • SHA512

    1949736edb93908971302be396bd518b568cadd84d65d9701453b516bc24780ce2706ae530ccd98d2c247a66a34edc498dc48a626f5b35225079ea9bda8b6d54

  • SSDEEP

    393216:qCm2Fl/9LWP/HCCQToVmlBjFBNUlVauSFFxck/H5fNyB:H7PoPqEYNfUlVvInZf8B

Malware Config

Signatures

  • Queries information about the current Wi-Fi connection (1 TTP, 1 IoC)

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Queries the mobile country code (MCC) (1 TTP, 1 IoC)
  • Checks the presence of a debugger
  • Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTP, 1 IoC)
  • Checks CPU information (2 TTPs, 1 IoC)
  • Checks memory information (2 TTPs, 1 IoC)

Processes

  • com.lng168.yxtapp
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information
    PID:4269

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/com.lng168.yxtapp/databases/_ionicstorage
    Filesize

    3KB

    MD5

    61143da4a088455681eb3f4dff524952

    SHA1

    0750021af8aa346caff662acfe66600310a645e7

    SHA256

    0af141959bf6e4b7dfe7471ae7993c2416375bfb29a78fa724762a918f0c27b5

    SHA512

    1f3e48c582338afc10b0eafb13da5a8508949359d28f10083f981fc8d516d2fc3a81bdbb6eeaafb262f78d6bebe8ad1025a99a0db0a2f0f39a071b77b4191b1a

  • /data/data/com.lng168.yxtapp/databases/_ionicstorage-journal
    Filesize

    512B

    MD5

    735dbbe6015b1ff90cc821c0f88b96a3

    SHA1

    e4efbc5549ed1fa04ebe80c7dcf9921c8a53236c

    SHA256

    3e0a393b8882d3a6a82b14ed5389f8a88be7186d08920fd663aa1cfe80ba76fc

    SHA512

    ca684d8835c069cdf7bb0c45595bc8046e59b94a9652284a4e2b3d938fb7758a8e6cf1ac0605a881c98a99c71239f001ce153aa79794fcf352fc46bdd57bf1d2