7e6ab790b8da31b27291be53d6c31134d61a6993cf01a22b10aba4ca8cff47bd

Analysis

max time kernel
87s
max time network
127s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
22/08/2024, 15:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b83298d37f2f02fafdc06ea5f9be268f_JaffaCakes118.apk
Size

13.1MB
MD5

b83298d37f2f02fafdc06ea5f9be268f
SHA1

429179cd333ecee56cf16709eaba82e94348c42f
SHA256

7e6ab790b8da31b27291be53d6c31134d61a6993cf01a22b10aba4ca8cff47bd
SHA512

b3dab5658d20d5b8d543d38671c023ab379b9dd5d9e27f2d7093a8663c59216cd79b8b8d2b4e3c5c4f8a3efb8140e28fc36bfb1fb731b81dcd676b3c2d880a62
SSDEEP

393216:wedoWr3In6qwbNVzuN0Gm0KysKR1urPNZ+ArGZRCC:weJgq5VzuN0Gcysc1iFGXCC

Score

6^/10

discovery

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	sr.daiv.sls.en

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	sr.daiv.sls.en

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	sr.daiv.sls.en

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	/system/bin/cat /proc/cpuinfo

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	/system/bin/cat /proc/meminfo

sr.daiv.sls.en
1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
PID:4252
- /system/bin/cat /proc/cpuinfo
  2⤵
  - Checks CPU information
  PID:4375
- /system/bin/cat /proc/meminfo
  2⤵
  - Checks memory information
  PID:4395

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/sr.daiv.sls.en/databases/en.db

Filesize
87KB

MD5
affc3f317bce359a76e46cc00eeb173d

SHA1
ff0a9cb209954507c0ba6381152a80715d179e99

SHA256
40b16ed73d20fce5319b78d1d84d7ed6ff34a895a4192843c1b6bc867d0c2c8a

SHA512
9bd65a5b214920b6115b5f7b5f6a5642a2049cee22cdf37bfd18bdef517b1593acbbd1e00b127104cf4581aadd63b5533ef509c3f26ec532aaf1c42e4f192c3c

Download Submit
/data/data/sr.daiv.sls.en/databases/en.db

Filesize
1024B

MD5
c9c580772065c4a83cba97777dd628b4

SHA1
ad4377c3fd80d8db0251161bb1173f587f8af1d2

SHA256
45845c76920a17a7c4f5e3973864d87e109fab8aaff203197151b5ba9c014d26

SHA512
208314be087918cffa69e7355490f88508a67c3f2e9a8395662fe85fff1d0eb8a2b31d8f6b00dafb21e2835e6b3dd73e7e987c74bd0e4ae8d6180e9f8862b307

Download Submit
/data/data/sr.daiv.sls.en/databases/en.db-journal

Filesize
1KB

MD5
858dd267d43acbe9e90aa88a9be4d785

SHA1
885e8d8be440c251d6fd62f3d96b80f15d61a528

SHA256
1592eb4bc9dc24ee949ac661bbd02f362543beca7395e9cf96011416f8c45849

SHA512
f79597837f64c11e6a52346f137509b30d2c645fffe96bddf02292d7cd7db3b3c6441edfe0f52f658feeffc6c885afb758a1f438bccbc16309af8874619962ca

Download Submit
/data/data/sr.daiv.sls.en/databases/en.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/sr.daiv.sls.en/databases/en.db-wal

Filesize
79KB

MD5
8e496e4ba4b526cd2cdb85b953870b2c

SHA1
8df6939c386ac4affc5e9c3b391ede388e6a2cd8

SHA256
f3b21657ae557c016ba56fb3cdab9bc536cd448729789c7bd7802ac95eef415d

SHA512
ab3309dfde349335d9828b57d8c44e81707ad93d9f011cdd79a7ab361fb100eaed2db71b393788f433b142a7d3eea70a602cf1e97db50f448be443a9f30c84e6

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
2b6f697da7a32565d21998da739d32e6

SHA1
077ef747526ce4a635daab37f40f7dfb58cea4c2

SHA256
16aa258cca1d00adf6c944db1794feaf808747d210298e4b170810e3e1b1d3ef

SHA512
3ddafc21941c43718bc9370745702b3b14bda3f4bd322dca7a4febf1c82a3c93d022c66101990b917294dfbf0a23715069f668eb1ad1c544d11339af2bc4c569

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
381B

MD5
f487698a3160600c2129fbb42159909f

SHA1
a80860ee9eec7fdd85b076e2509563a08b89dae4

SHA256
53f2709fd7df27e2f1b593f6b417d5959b2003f354a995b5f9ec49797bf06c19

SHA512
f60d02babe8332f369895b9ec584a962e83789a14fb704d51ca624d342eed0c53d92a08cecbdda1916d1cc30ec15b574fc953fd9a377b1228bf898698edee27c

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
32045cd4e0c7320c620c08c743844316

SHA1
91d2d81b99df72267d0b38abe821df37832de1b0

SHA256
4478d4670b81c2d42803ce75c5a1e65fc169d102ccf228df6476667f5516389c

SHA512
93e4ab7e67597b35252ef421f46c7947eb6cc2afa0c8413293c6ab70ff01fad45e5fe4b2eb1bb7be4fb3a03f9982dc38e8112ce4b2f7b8e40111b1e538edf668

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads