Analysis

  • max time kernel
    8s
  • max time network
    139s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    android arch:arm arch:x86 image:android-x86-arm-20240611.1-en locale:en-us os:android-9-x86 system
  • submitted
    18-06-2024 09:05

General

  • Target

    baec21961cb9615b546498b6ae9a8acd_JaffaCakes118.apk

  • Size

    17.7MB

Malware Config

Signatures

  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Reads the contacts stored on the device. 1 TTPs 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Checks CPU information 2 TTPs 2 IoCs

Processes

  • com.listencp.client
    • Queries information about running processes on the device
    • Reads the contacts stored on the device.
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    PID:4261
    • cat /proc/cpuinfo
      • Checks CPU information
      PID:4323

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.listencp.client/framework.dat

    Filesize

    517KB

  • /data/data/com.listencp.client/lib2/libapi.so

    Filesize

    403KB

  • /data/data/com.listencp.client/module/cid_L0040007

    Filesize

    11B

  • /data/data/com.listencp.client/module/com_listencp_client.zip

    Filesize

    10.1MB

  • /data/data/com.listencp.client/module/comrepository.xml

    Filesize

    1KB

  • /data/data/com.listencp.client/module/icon.png

    Filesize

    7KB

  • /data/data/com.listencp.client/msc/res/ifp/common.jet

    Filesize

    267B
