63a474d2b0d66177989b7e460ff20cf610bbd2e48f197fef540be86d9a29b796

Analysis

max time kernel
152s
max time network
169s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
28/08/2024, 20:10

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

c790bffd58c4134c0b61c210101efb5d_JaffaCakes118.apk
Size

253KB
MD5

c790bffd58c4134c0b61c210101efb5d
SHA1

9fcad054c3a21a04bafdb34136b6d4e2bb26ae6b
SHA256

63a474d2b0d66177989b7e460ff20cf610bbd2e48f197fef540be86d9a29b796
SHA512

6732c88da7ba2f8b2c518633f394674d197a8b38a0c5106d868ac4636d32b0fdc3d4ae880e3eb0eaa65cda0356cd23f1c472df59f75ab1885d4ca0afa4c35aed
SSDEEP

6144:obUsv7CJ7Sxi+QkDkI41ZhkAQDPIuIGcCsMlB5EqGoOd:S3TCF81D81jktAubvhtid

Score

6^/10

discovery persistence

Malware Config

Signatures

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.yzscq

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.yzscq

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.yzscq

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.yzscq

com.yzscq
1⤵
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4247

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/Android/data/com.android.yzscq/yzscq.ini

Filesize
140B

MD5
fa341947709ee7bf42763cb5757cdb4e

SHA1
90087da1cde436a0d4bc777063f4b7830fd4e6e6

SHA256
2e7a2b3c8d76c555ccb071ff4a534a824c6a8115d9ea0631380de3b2a45d8a2e

SHA512
c09b7657020583617964db8117eb11c79e460ed8d8a62a6f852a2c9adb484097d5e3cf6b6641330cb833b1e3a06b1b8d9081615caeb419bb1e2b1e310e7fc4dd

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads