0b163474f640c05ca4e06c4f723036266b066144de533b06f9c4197ebd16d25e

Analysis

max time kernel
3s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
24/08/2024, 17:13

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

bf1387a1901e5cb9b97ea48e1583e865_JaffaCakes118.apk
Size

12.9MB
MD5

bf1387a1901e5cb9b97ea48e1583e865
SHA1

8f2bb2f1274070cdceae02b3b3c93bc1955e1f24
SHA256

0b163474f640c05ca4e06c4f723036266b066144de533b06f9c4197ebd16d25e
SHA512

f34419aa22e67b620f78781431b3cb6d1bbcbbf292bfca3313def390b48d14868e59cd13d1b86cc7a35d2d408f5c68e03cf9ed59c3a21927223650f660c39033
SSDEEP

393216:Z3avL8RiIljGpcCI8GiH2jlsJM6Rms/uR:ZqiiESKCU7srz/uR

Score

6^/10

discovery persistence

Malware Config

Signatures

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.ileadsoft.nd91.wzws

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.ileadsoft.nd91.wzws

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.ileadsoft.nd91.wzws

com.ileadsoft.nd91.wzws
1⤵
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4255

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads