8a51b2cd48efbca5c7e8f65f11d6f84bfa34f4e8eea36c22c3f4d74241dc4f35

Analysis

max time kernel
179s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240611.1-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240611.1-enlocale:en-usos:android-11-x64system
submitted
16-06-2024 01:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b1271030869cf7389c70be547ff48432_JaffaCakes118.apk
Size

1.4MB
MD5

b1271030869cf7389c70be547ff48432
SHA1

1c0d05b31ceddeab58eab8e8d3dbbafb7e871336
SHA256

8a51b2cd48efbca5c7e8f65f11d6f84bfa34f4e8eea36c22c3f4d74241dc4f35
SHA512

c5c8bc8afdfb3d29bd83eb29e1a6dd8bc0edd2bf6f98a5ca37be5c0c32847c742119b9262fe2db41ff1acf10ad11d565de2fe5e6800e537aa7a1b1e1f8a1d4e9
SSDEEP

24576:zEaFmFN9v46flH2UIbxMeh+CYIgHBxsoMHuvDm8P0JORSAireJc:zEaFmL9AcMJYJH/pMOvDicS0Jc

Score

8^/10

banker collection credential_access discovery evasion impact stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs
stealth trojan evasion

T1628.001

Processes:

com.bjin.gamemaster_main

pid process

4484 com.bjin.gamemaster_main
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
evasion

T1407

Processes:

com.bjin.gamemaster_main

ioc pid process

/data/user/0/com.bjin.gamemaster_main/app_ttmp/t.jar 4484 com.bjin.gamemaster_main
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

T1414

T1641.001

Processes:

com.bjin.gamemaster_main

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.bjin.gamemaster_main
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

T1418.001
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.bjin.gamemaster_main

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.bjin.gamemaster_main
Checks memory information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

com.bjin.gamemaster_main

description ioc process

File opened for read /proc/meminfo com.bjin.gamemaster_main

pid	process
4484	com.bjin.gamemaster_main

ioc	pid	process
/data/user/0/com.bjin.gamemaster_main/app_ttmp/t.jar	4484	com.bjin.gamemaster_main

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.bjin.gamemaster_main

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.bjin.gamemaster_main

description	ioc	process
File opened for read	/proc/meminfo	com.bjin.gamemaster_main

com.bjin.gamemaster_main
1⤵
- Removes its main activity from the application launcher
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Uses Crypto APIs (Might try to encrypt user data)
- Checks memory information
PID:4484

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.bjin.gamemaster_main/app_ttmp/t.jar
Filesize
276KB

MD5
9aaea567e0c93e51718ba7eade0e83df

SHA1
0005116aad1779361b70093db00fed5ac090ae23

SHA256
b30a95dff6f65f444472971c8aaf895ffc8e66e0117ce242ec4cb8a8a519a5ec

SHA512
2aef1034335d8752f4e25ce6c5823ce03019536cc6e51ee61b5291c77a0f356a2517e0cbe7f2c4cc2d897115dc856449a342cfdc247c9d34d313187d15b2f890

Download Submit
/data/user/0/com.bjin.gamemaster_main/app_ttmp/t.jar
Filesize
587KB

MD5
f72c3d07507c3e26d317e9117ba757d1

SHA1
cdede4739e9dd9fd95243aab5e44c24f93f825c3

SHA256
1c65834d9ca018c6496a8b9957589d0e94657911b6635dc21a448d78f9238887

SHA512
3420714252e7503abc13c99274d767b0bc08671d769460dc61823ab9470e145fb75c5dfaadc617d3a05cf251ed5ecf38ea7e8c1d7b343bca4d7e8296f1b805d4

Download Submit
/data/user/0/com.bjin.gamemaster_main/databases/com.bjin.gamemaster_mainb
Filesize
72KB

MD5
ab6f2ba2f7a6102969052f59ff07650d

SHA1
891c3fdf9f8db185ff71a121b15b4b2d82f50ba7

SHA256
63b0695fa76acbbac9a0f7f2d9cd2fb901230500fc385febeb9902c2402d7aa5

SHA512
3758d4a3038438208c42510ae06c2d3446805f8ea9ae58693078298b7b148c8abe396ab664c09847d8509e7fb2178a14ad60ff02b78827b0d52f7fe9da43079a

Download Submit
/data/user/0/com.bjin.gamemaster_main/databases/com.bjin.gamemaster_mainb-journal
Filesize
512B

MD5
0b38c3dd2302fe9cf4115373494adf47

SHA1
30f787a1572c2f2fa94f681c89362bcdbf89a2a7

SHA256
a640987e44dde66bda7b4a127494de8c70342de61e885dcbb5ada3c673270080

SHA512
d524aeb66fa26124b4962510866f6b70656d04b4aa70e49653f73b40d128879fa45436ec94f292084a80038b9561965a1b6fadd9ee37fb5122a2e717eea65a4d

Download Submit
/data/user/0/com.bjin.gamemaster_main/databases/com.bjin.gamemaster_mainb-journal
Filesize
8KB

MD5
285c8aaad3927434d3f0f578851c37f0

SHA1
53cf49e1a046d7a8c10137d3503ba62aecc67d8b

SHA256
5846762241974d3f29dec2e736170c127e9df15312c4cbf477ba4445735d6688

SHA512
c67231b4b4621029d3ed7b36d2e4e40b345c876a726d9c6117f98058fd3e2ce63759f3645c7cd1ee371c9fd5f12ad4aef0fcef1bfdcf81988bb8c21f9117e5bd

Download Submit
/data/user/0/com.bjin.gamemaster_main/databases/com.bjin.gamemaster_mainb-journal
Filesize
8KB

MD5
034b7b80d549d114a1b7305e2d4f10b9

SHA1
d5c0ee4b3744e248e8a39da746675f19bdccf0f2

SHA256
0b8b0c2544cefe493536b23b494a6354a539cd2f1205c2a6054dd4d82d3d4f6b

SHA512
2c2257abff69072d2a61ce83cbdd563212c077e660d4995d0536d2e882b0ba7c285cf6d222acee7efc8a3d6b5e9d0852e9c258be37f2a65e8c2275586b9302b2

Download Submit
/data/user/0/com.bjin.gamemaster_main/databases/com.bjin.gamemaster_mainb-journal
Filesize
12KB

MD5
ba5dec9260c1d3f20084581f4e8aaa63

SHA1
b23d4c54d8306173bee909884ab23f7448fcb3ac

SHA256
75b7905d5d707fd99d0978840773de7d1440761bff31032f82404771b9f358e9

SHA512
c5f13a2906562e67e7f38ba3c971c47dd7bfce4de0c57ae887478a36a9efbfc3baccb03dbf5471914cf272b9e260dd205f7fb7d7ff57a5cbee262644d10a79d5

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads