4b21f82f5c8f9b64de099faa770863ee3ad42592a388d0c6a395a30de1ee85c6

Analysis

max time kernel
179s
max time network
180s
platform
android_x64
resource
android-x64-arm64-20240611.1-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240611.1-enlocale:en-usos:android-11-x64system
submitted
15/06/2024, 05:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ad0f597b399d63386605b15541cc6d93_JaffaCakes118.apk
Size

7.9MB
MD5

ad0f597b399d63386605b15541cc6d93
SHA1

5a46d9ab08d322053897654a91cd3964ecb363c1
SHA256

4b21f82f5c8f9b64de099faa770863ee3ad42592a388d0c6a395a30de1ee85c6
SHA512

f0d7a60fa8b5ca0ea65c60826bf3c68614340ad47aa90f8315bc684dff9620726cd7838e4290d6d15bcf844b463aaadc191dcca85f56142f2d08736dbc6f8261
SSDEEP

196608:eKxmBIJ5Myd3ZcDZHs5YNqJzDCj75gv0QX3:RIo5MEcDZHuYNqt2j7U0QX3

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	net.kairosoft.android.horse_ja

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	net.kairosoft.android.horse_ja

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	net.kairosoft.android.horse_ja

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	net.kairosoft.android.horse_ja

net.kairosoft.android.horse_ja
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Checks memory information
PID:4572

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/net.kairosoft.android.horse_ja/databases/google_analytics.db

Filesize
64KB

MD5
ba12f53b6f1d877f6082e3720645451f

SHA1
b3e8238a1d4fcee6b8df05ddac0bf35ad11c3842

SHA256
a582148fa6713d72361f1c890ff91beca3d559c4a4378ba868318e3ccbc4f53d

SHA512
d60e4f448883c14fc7de6c7c0a418ff515458c75f9ce524c528797cf7aea951d60b01b66595b8a65207afcbfd5983ae508f56d1835d04758bba4e779d882baa8

Download Submit
/data/user/0/net.kairosoft.android.horse_ja/databases/google_analytics.db-journal

Filesize
512B

MD5
f3fd1b27217ae1accb37742bed7b8454

SHA1
4b04d14ea626d306171a079f66b12f3abd49224e

SHA256
e6ab4bf1f99037790307c705511714a7974bab6357ea408910a7981116ecc572

SHA512
3f838e2d0f30c0a954188f0f8dac03251b77d61fcd80403b6771166a449855c84275ee669905e4369446f85c193d5e84b81b0f3c685a689a5bc1caa41d1db002

Download Submit
/data/user/0/net.kairosoft.android.horse_ja/databases/google_analytics.db-journal

Filesize
8KB

MD5
de56e414bdb778874fc443627ff14800

SHA1
cdcffb68c53e4af2490af250c89dd50b9e3ba0a3

SHA256
153105ba468a94de230adf624f3e7eb7d8f353504e2c11481e2d8b6a335e2c3e

SHA512
03314279338121d51b7470fb255a86254a1f62e61aa32150c861516ea232333579a015c3f1cc42dc357929a54d6260dd0a2b2ad671444597d9cc7e6ef63e0e13

Download Submit
/data/user/0/net.kairosoft.android.horse_ja/databases/google_analytics.db-journal

Filesize
8KB

MD5
f34211997b2421b1112085dc81446036

SHA1
2e0c2487a7f26bedc9c1ac40695d51fc4c8cea39

SHA256
1fbb904dc4824e365ce8f6f07dcdb30d280771294e97d3c577591954705d5a04

SHA512
7531a4c46cd1eeb9451eddcc7580219ecdf79415435c9e6f418b7fc5d51f9b66cf802755b10598b62199803aa3d25662cb60caa86bfdb31079cb1d35e1acc1e1

Download Submit
/data/user/0/net.kairosoft.android.horse_ja/databases/google_analytics.db-journal

Filesize
8KB

MD5
ca1e522df127540ab12c412615e71189

SHA1
b8c0b56d8d79f233c96144c78b4ee6373e0df933

SHA256
a72886962a6dfeaafdb5bba9b3c0234cf70ed8c42f85d200c53a91b65ceff3f3

SHA512
a9ba6445525c0fd13d38d3d7790ad9a0bc15ecf4341c9e35329e5b4bf50f3aec4c3b996bef11b0426fae13fe3eb5e2d023f619b823dd6953201106e41ac2f284

Download Submit
/data/user/0/net.kairosoft.android.horse_ja/databases/reqinfo.db

Filesize
16KB

MD5
2eb6ccd15bd045758b754a1c9591cbe8

SHA1
3f44b74ac7923d5050b1d1d7ff4dbe332c60673b

SHA256
57c26b757ea53ba399d2835333d76c80fda9f88921cc482edf1e6d2efa7d6a67

SHA512
975c99e9a8f677b5f40efccb0255636bc05c93118b60f18d881b4445a76fc921d0f9499adcf6e4a786d27c360d029fe3c1aaadce096be5621c215b81ce4a9037

Download Submit
/data/user/0/net.kairosoft.android.horse_ja/databases/reqinfo.db-journal

Filesize
512B

MD5
0ce797ee1c717675467aca6b166d8b00

SHA1
e2c2d28b339b6c95ce3d6b4b20e1d0d2c7b98624

SHA256
9ebfad6a66239acb2406be982939816a39d6a4f761442b895199ab17ae458257

SHA512
24f3486c78e97e7e86bbe558b22f5619b39d21bc52a8aea95281bbb7b6893a76cfe24d6eb46bf01c6a764effa36a61a5616589b1eeb4086b34e7e30524083eef

Download Submit
/data/user/0/net.kairosoft.android.horse_ja/databases/reqinfo.db-journal

Filesize
8KB

MD5
b7972caa501b9adaa458d14bd958df34

SHA1
4b35d0d28ddd07c9e8f3a38fc4c54b09bdb5bade

SHA256
96318bab2fe5973adf418a2e543c6e7e8dbe64f946510ac622bb5817ba0bf9a1

SHA512
2148b84bb13bda177ae1c865d39c51ce1f379099d61f2e8a9212df90cc1067311133683e10cde54bf303182f3997a1387543bf55c5e29c05efd5108266f5baf4

Download Submit
/data/user/0/net.kairosoft.android.horse_ja/databases/reqinfo.db-journal

Filesize
8KB

MD5
98adff97859d8310f368291e4895e68f

SHA1
d9dd362c30ff0597df30b88fc3074462c8e9bc43

SHA256
fd6edae06b9ebd3ee4c13dd805b4371d870437cfa1a18d6f04e36d237b2ad5a1

SHA512
3114453e095e9c7e7c22b7a45b9af566ce13a063a3c3e3e31464c0cb655c0087872b633108a7f71373b6290e0497afdf6c3e25b3d827615b54ebfb47ff2bfbf7

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads