789905027d315f35c9a9daf166f98ccf51cdd8f9065bc338f57fa693e95d9043

Analysis

max time kernel
15s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240611.1-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240611.1-enlocale:en-usos:android-11-x64system
submitted
15/06/2024, 04:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

acf5088f5f15e95d480e6cce2b42737f_JaffaCakes118.apk
Size

2.3MB
MD5

acf5088f5f15e95d480e6cce2b42737f
SHA1

a4b57b5e4497b0e56076b26bd24d236b418cce2c
SHA256

789905027d315f35c9a9daf166f98ccf51cdd8f9065bc338f57fa693e95d9043
SHA512

eadb9e28386268a3d3d3e2aefa1398374b2a57e9d143076516a0091060fc2d6f2536be9125de0a4695541801f0e3f4a8cfa9a639faa114696557f5082774cb62
SSDEEP

49152:81lIc+AJrJ81ViernOkoRW/73NxPDEu99M26vOH/PtZ4iwaRxaOvrDgjMbh:8zIcABF0WDNREu9WVOH/SyaOhh

Score

7^/10

collection evasion

Malware Config

Signatures

Reads the content of the SMS messages. 1 TTPs 1 IoCs

collection

SMS Messages

T1636.004

description	ioc	Process
URI accessed for read	content://sms/	net.someapp1.somecorp2

Requests disabling of battery optimizations (often used to enable hiding in the background). 1 TTPs 1 IoCs

evasion

User Evasion

T1628.002

description	ioc	Process
Intent action	android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS	net.someapp1.somecorp2

net.someapp1.somecorp2
1⤵
- Reads the content of the SMS messages.
- Requests disabling of battery optimizations (often used to enable hiding in the background).
PID:4468

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1628

User Evasion

T1628.002

Credential Access

Discovery

Lateral Movement

Collection

Protected User Data

T1636

SMS Messages

T1636.004

Command and Control

Exfiltration

Impact

Windows 7 deprecation

Loading Replay Monitor...