e19d079fa7623080889eb078fc1048f82b6facaf3a0e9416c750f65037b8d334

Analysis

max time kernel
56s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
25/08/2024, 16:25

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

c1215c9c7e6b0aabb1b634a303387bca_JaffaCakes118.apk
Size

14.5MB
MD5

c1215c9c7e6b0aabb1b634a303387bca
SHA1

46286c63fd1bedb52b723c4a67c94fe07f4adc73
SHA256

e19d079fa7623080889eb078fc1048f82b6facaf3a0e9416c750f65037b8d334
SHA512

f4280d32c0e669767f7819052d196a03bd2a35dbcdab91282a40bb6a2982710847630a152b2b48079668fc1820e4ad5eec02d924a03d9e9ee638f911fe42c211
SSDEEP

196608:Cajys6RQ/9+qJoV/2YGuoaWoJwlM/ghUjFP2OaMNgv59W0LzUr4WCpr/Gbk4fLh:CBs1eV/BeOJaKgBpL2hbkeLh

Score

8^/10

evasion

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 1 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/sbin/su	me.pou.app

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	me.pou.app

me.pou.app
1⤵
- Checks if the Android device is rooted.
- Acquires the wake lock
PID:4251

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/Android/data/me.pou.app/cache/bubbles/13

Filesize
4KB

MD5
09552efcd92cf3c0bf85e1744962f6ca

SHA1
f04faa6b858d5664e67fa27bfcb7c0d6c3589e8f

SHA256
0d566ca2440c3f1eaec8ed4a75d8d36ebe21c3692dbceb3dde8bae100d4f7cc9

SHA512
3c7de582572c8edb2893733bbdb2d35c2d3531c504d45ce60319dc21ec6a9c0e729542afd9d841faf5615dd1769bd61d15b5c72c82125b4d6df8c610b5ccdea3

Download Submit
/storage/emulated/0/Android/data/me.pou.app/cache/lamps/112_base

Filesize
1KB

MD5
ef2535f0370c12aecdb74614c08f309e

SHA1
dd3a6bfacbda3b3ac8262c0f1748bcbdf7f5edcd

SHA256
0e5ef7bcb7edad4a31395183cc1c7eb94906ea26225b7899687b6cef09f21721

SHA512
9372ebccc49569d41554a571b805450a5ff116ff3f62861e8d7ebfbc5263401b7c58eb1019ef391a14be6766d108943117683d9c97a8f64f6bdc12ae71d606a5

Download Submit
/storage/emulated/0/Android/data/me.pou.app/cache/lamps/112_off

Filesize
2KB

MD5
7e1d9c647d3e56ebce10037d2449b21a

SHA1
95e8f3ad9e583e9242f7d7ee77c100a2232aa912

SHA256
a34b6df506528508cc360db26b5eb480a12c485a3f9aa22d83b1856e2a5f4117

SHA512
2e1858d98585322b23ecf3e4d0533f814ba33b297c4a894826404c353b61404b18cc0b466f75a4fd0800c5a9941cbaa1f0144197906cf4341f289951975e6fb2

Download Submit
/storage/emulated/0/Android/data/me.pou.app/cache/lamps/112_on

Filesize
3KB

MD5
fc5ec0643ebd6a01119af518698d7755

SHA1
0ae7a3a3aad5c332c1894e9c576d678af700b9d9

SHA256
fc7a424acde9bfc9fa70e5713710f1f7ff2505f0620598b2487cc22493c20615

SHA512
99a2b3914e2302709d7cbeb19fa5fb4eae4a2ce735ea20ccdf74107b20ea5ca4db96ef5d7dfc9c6eb8f1f114544d35f4b64bc164a410af9c92307375695a4539

Download Submit
/storage/emulated/0/Android/data/me.pou.app/cache/soaps/113

Filesize
5KB

MD5
57e276a2e018eb866c4e10601fca0a88

SHA1
1cfc0d161544976d842810f4cbcb772de3f69889

SHA256
16af2eded4f16563b91cc4bca1db90dd7a7a904afec3f9af88dead72cdd2d2fa

SHA512
51ce4da83ee6ac731223fb63c822aede84f85ad0dde6ef537333408ba3fab3663d22b146aae7793aa2db06dfea7e3a1e1c280ee742b564a40a2f59c9fd217523

Download Submit