998a08e2b3ec687d37630742e3efa899efaa5541700d06969644a2a98c9dd499

Analysis

max time kernel
13s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
16/06/2024, 22:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b59f88d7ddf265693b43b486825ddd70_JaffaCakes118.apk
Size

3.8MB
MD5

b59f88d7ddf265693b43b486825ddd70
SHA1

417de4b89fa966106803dcd66505ed8bc1a158ea
SHA256

998a08e2b3ec687d37630742e3efa899efaa5541700d06969644a2a98c9dd499
SHA512

c62c0820e9f66787729479cee94309fbc4811192ef2aa4e390ecd43ffbef5d7cf59b1d9d42b5d895723f176e22251c2166aa645d7875a5971e6bfdb26ae076e0
SSDEEP

98304:P+cjxLDH5AqByjpX7McsFo9asvUs8e99y9V9hiRcQ2pyoW:P+cZDH5AOgUYasl8e/s3Tpy/

Score

8^/10

discovery evasion impact

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/bin/su	com.tencent.benchmark
/system/xbin/su	com.tencent.benchmark

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.tencent.benchmark

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.tencent.benchmark

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.tencent.benchmark

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.tencent.benchmark

com.tencent.benchmark
1⤵
- Checks if the Android device is rooted.
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
PID:4237

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.tencent.benchmark/databases/eup_db

Filesize
16KB

MD5
b929ce20d05c03068219f6cbe3cdc60b

SHA1
cd8691488bf2f330ebcb09eb45ab4fadca98f366

SHA256
75267befb37a79ea25ba871fc160ea618402e5ca03fb8ed129c1e2aacc4fa579

SHA512
b70a166f9c1d63624f75273582762eb8bbd64c502da67b972e6a7429d4cef14f533671c422e630204a23985d46a43c35df851f5809ca6f6f5e0e87d4056dc842

Download Submit
/data/data/com.tencent.benchmark/databases/eup_db-journal

Filesize
512B

MD5
240eb848da9241180591a8f809e1b420

SHA1
c341d443f3b2bbca4660f528d0190cf1524b47aa

SHA256
de9da9b0fe5e1f93b35e7cc2983cb187b7bc210162e3e6853032f1ba72296b62

SHA512
f198b5f2f1ccd2b8b9424fe41d1865f2322560f37b5464e7a35a3773b4842fb582eeb00370b616fac31b8aeae3790ba550dca38df0bcc0cc38bb761744fe900a

Download Submit
/data/data/com.tencent.benchmark/databases/eup_db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.tencent.benchmark/databases/eup_db-wal

Filesize
28KB

MD5
254aea862e008af75c2c9316906e6fd0

SHA1
9a278873381103137dc16a5a8a1d434815a50a44

SHA256
a2f52ca1f85f81a713fafa420fb4f9954f26b8802bb22e0b730b786ffedba17f

SHA512
c3a34d4cadb402708bca96dd88d54db81bb839a5058a938b07adc00679b19ffb134fdba25acbfed68c9680dbba0cd12267d20d6299bdc94c4434641b0b563285

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads