Analysis

  • max time kernel
    12s
  • max time network
    176s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
  • submitted
    18-06-2024 13:38

General

  • Target

    bc38728dcc6afc342019a6fce082f60d_JaffaCakes118.apk

  • Size

    39KB

  • MD5

    bc38728dcc6afc342019a6fce082f60d

  • SHA1

    539dc619ec0368634524a00e6c9ea16ccb7cf2a1

  • SHA256

    7cbb9fb85d64542cdfcd9c4df0ea7e0ea1e94ec28fea0db035f5c5933c8f6c36

  • SHA512

    2b20ba45a5dd60385e50b3bf31be470f6313458d7edd3f9f886fbfd3442e1e4307361cec9616dd288c0f914e8884e63db74d3dc6adcebedb86f6ca7758c6938c

  • SSDEEP

    768:iNqu8BpQfomNawN4N5N3NCRHXXmCo2Q21+5Xpu3lZIOp:2OzdY3XprQ2uM0Q

Malware Config

Signatures

  • Queries the phone number (MSISDN for GSM devices) 1 TTPs
  • Reads the content of the SMS messages. 1 TTPs 1 IoCs
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

  • Queries information about active data network 1 TTPs 1 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Reads information about phone network operator. 1 TTPs
  • Tries to add a device administrator. 2 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

Processes

  • android.phone.com
    • Reads the content of the SMS messages.
    • Makes use of the framework's foreground persistence service
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Tries to add a device administrator.
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4260

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/android.phone.com/files/phone.xml
    Filesize

    178B

    MD5

    1c8625124cd521964daad4005294ab36

    SHA1

    537d1bac0616ff7707ccef80b210943abadb47a4

    SHA256

    f1c13bf49bba0acc5ac866597bd582a679cdecbe362868a8e5cab94710b19e95

    SHA512

    aa5990babd77b00c065aeb304100efb59a72b1e14ee68cfd4652aed0a7503c9f07f74683abeb6e05a95f833bec76471e2b69beb371b3fa241224e36591335047