e435ba6ea573e5909881b222d479f2c2729aafbccbfec78a6f667e069e5b5aed

Analysis

max time kernel
144s
max time network
149s
platform
android-10_x64
resource
android-x64-20240910-en
resource tags

arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
submitted
06/09/2024, 04:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cea75ace42e9b21294919d3ba6bbca3a_JaffaCakes118.apk
Size

9.3MB
MD5

cea75ace42e9b21294919d3ba6bbca3a
SHA1

7ec4f4ede83ba164ba7a8166cf79204afad33bf0
SHA256

e435ba6ea573e5909881b222d479f2c2729aafbccbfec78a6f667e069e5b5aed
SHA512

5e2cfdafc0dab676a3a861f428e505e414a9ecb3ecf6c8b0fe388d50017833250f887fd8fa25b4567d10c8f89996dd942f276300a759d27cc73eb0c2b65a5b43
SSDEEP

196608:fru+76JC1xh0HuNR/2xYY7YguiodD9+YbWpxQbVIXiYbJryY:fa+7cC1xCHuT2xPkLiocpmyXdWY

Score

6^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	pfaefb599.p281ad2a2.pa45f0ad1

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Checks the presence of a debugger
evasion

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	pfaefb599.p281ad2a2.pa45f0ad1

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	pfaefb599.p281ad2a2.pa45f0ad1

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	pfaefb599.p281ad2a2.pa45f0ad1

pfaefb599.p281ad2a2.pa45f0ad1
1⤵
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5199

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/pfaefb599.p281ad2a2.pa45f0ad1/databases/evernote_jobs.db

Filesize
16KB

MD5
f40fed6e1e5f7bf702ba6a9b15734137

SHA1
6e9abc17523701d26dded86423f35d5a87d64329

SHA256
be4121e246c1ed14952560fce10cec65fd864e3da0dae1f6f6e1526247dfb457

SHA512
2ec6ea42b1b134868927e1fa5e436b6c078e945abd0cd1cf567363bae59d1a6fee5ee1c72c852c894876a80a1a2fa5f368600b969b1593d2c2908b7e73c1c08f

Download Submit
/data/data/pfaefb599.p281ad2a2.pa45f0ad1/databases/evernote_jobs.db-journal

Filesize
512B

MD5
d18397b066ac5f59606142a36e6909ba

SHA1
2f8a11725d07a09618bee0ed02b2d2654c93a6de

SHA256
97ede9eabd882bee53b8ff55ee80735a25df2ffa45e1089083249fb081ad1295

SHA512
6955297d59addc760442139cb1e4e08f29ee9b90923cb7b1eeddf3c3a09a89d1be2f62036ac3051647834dffa8c80925c3a2b5c106c8f48c98e3311d6dfccfa1

Download Submit
/data/data/pfaefb599.p281ad2a2.pa45f0ad1/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
6d7037113dbc738469e0c6d67670126b

SHA1
f4d19a72c417d5887b14b16817cc8ab1fc291559

SHA256
c8ad742df4a53cd50fe21d7550730e2bf7de92fcafca2b6eda7991d148b8f105

SHA512
130e46462eb746be04eacaa91a2b39e0f2f1955aeff1725872b19973048c93e5ec42d88e2c4e649683b1bb7fe7d573edace317b11bda5326d6c7091952aa2cdb

Download Submit
/data/data/pfaefb599.p281ad2a2.pa45f0ad1/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
237750cb754a97eead2e2bcdc44dae78

SHA1
c882fb5ce72aa32d451fa321f5103975db4f0cf4

SHA256
36bd2153555643c5bca9a192d4c1035f764cf87b229acf5bf0597724503b477b

SHA512
8c431eaa188cef369f9698a0dac09984558c47e4983169a15eb8f2f49bc6b2825283f57d01ccb23c4209405cd620bfcd41210330c4cbfd323630626a8ceb3398

Download Submit
/data/data/pfaefb599.p281ad2a2.pa45f0ad1/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
9eccf9edcf98ab9a2b04f499a0906ff2

SHA1
8c43f79fae8e7ce412a79cfc8877532df2fbb8fe

SHA256
d0feee18bfb7bb02eda4d958d597836069d485ff3778b04a8cdea516da89fe1b

SHA512
37a45af37eda0dcdce36a458ba0e076fb0278e08a6a2186d4b740fe6211cd9c670ab55b5236455d04609391e0a23a2ce16049076f58e4c15aa41af1d2552b706

Download Submit
/data/data/pfaefb599.p281ad2a2.pa45f0ad1/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
a46195b50638e0421e49db2cc67886fc

SHA1
07bd5e7dda0fbf747cd005d619d75b62ec6ec5f8

SHA256
f8bf1c0a70485b96e662a9c860239eba5230500c7275eb197ca834ee3b7f50df

SHA512
6c8224e9fd164d2cbea102a8da6a68a5f7f2abefc9bf13e0dbe7c09fc7f8419fd29807ca362e2fa0a8b8d5179f55b413ca3a6a5bf17dca0f0928f8925dd0de6e

Download Submit
/data/data/pfaefb599.p281ad2a2.pa45f0ad1/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
2c5342ac1ddfbacaf3c12dc6ad722c52

SHA1
f5116f10821c3692b0d6dd349c0862fc586e0054

SHA256
c15843dfee98701a21d548cab7e2dceaac99499d7be05d47b721a06c4e3b0a8c

SHA512
1673cc1b74d8ea3ef656e03188d98942648e9c59ffa824c8fcef172004457e5bd811c64f57ccc47793bc4a81700d1f6dd084cf0fe65ad37e34e539c56b79ad3f

Download Submit
/data/data/pfaefb599.p281ad2a2.pa45f0ad1/files/.YFlurrySenderIndex.info.AnalyticsData_5SHGNQ87VK8M5GWGY62J_281

Filesize
88B

MD5
4807f8e0c4330e661d35468605180723

SHA1
b8a27ee8128697ae12ff935c44c3076ce205e6f3

SHA256
cb9772d6939f1fdeef72c62d07bb267af9a375858a0f8fe854671d53380c1154

SHA512
5ecea5452180085f7062ea007159f268ae0db8d2b80a9d409ac149da85b3a008c30ab7e86cfbf41c7d318122c0599a0e03dfb79ccb59d772a22fddb48381ed66

Download Submit
/data/data/pfaefb599.p281ad2a2.pa45f0ad1/files/.YFlurrySenderIndex.info.AnalyticsMain

Filesize
72B

MD5
ed52dc0110c188dd16a7dd8e78d1681b

SHA1
edc262d2dd91db5fab9cec68861fba6a2fd7619f

SHA256
ab172d3880c9ab1ae65ca0937156edc16d9b8e0265df98ddaabde1e81e8b473c

SHA512
f40b343b7b0e24374d0e9aeb2c3747267a5ff9e7bb9e783d1c08dde81b1490a4cc9baa1fce3c101827ca7ee2e3c9228f33ec68b017221284c1538062ae5febfd

Download Submit
/data/data/pfaefb599.p281ad2a2.pa45f0ad1/files/.yflurrydatasenderblock.e4311391-61d1-410f-b2a9-bf0d4f394282

Filesize
365B

MD5
7f0b074b98d7e9d6fcc3aa8b52f5c088

SHA1
6851300a1d171641bb0615706a1e0a6ad1399e5c

SHA256
9632fb372a835ad1c4fcd205124dfc3d77539cc8929207e418ef06049bd23fe9

SHA512
a146ec7a16078b91152cd8baf98799f320e5a1207dffef2f6ca0671d52e75e8a8bd1e9e40f31185b5e2f1c17206929d3ba310f51c28c5125cdaa54d810e5a705

Download Submit
/data/data/pfaefb599.p281ad2a2.pa45f0ad1/files/.yflurryreport.19c7d87ac99e4345

Filesize
336B

MD5
ff3184d3890606929f3a3fe3ded571c3

SHA1
858f088a239e102f26f819315e0b01402f1fa064

SHA256
fd23ddd8c6818a4a284a9d1a72d33674598c12ffa2bad9dc284b0875f18bc76b

SHA512
7b6f3fd9ff0ecc4f3ff717dfb0b7ef9561ac0277d5aa7a2ba619a8e399ac5a3bd4f80118d2b30a5381df4dfca924b40a67db6e2c10f1319a953cce9a51fc7619

Download Submit
/data/data/pfaefb599.p281ad2a2.pa45f0ad1/no_backup/.flurryNoBackup/installationNum

Filesize
100B

MD5
e45f780270d0c3024bab305ca2e2a75d

SHA1
adfeee57f95353f29677cf5671badde33c7ee5e5

SHA256
0025461fd4086bdafa1c65086ed4d4213400d12521df1a9455652fe0ea0010c6

SHA512
3c79ad9fe41aa9da17cdc527b67abf485c90b1ba5a142f50f8634b56f553e75aad747a7a500ca533a9b84e142ad3ba2e8f42243044f0001848022e9d7c4b45e5

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads