8969a70e7ed5224b8dcfca9b420a19549e1c9acfc80996fd33062b41f060c216

Analysis

max time kernel
6s
max time network
151s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
11-09-2024 17:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

dadac7f164c8c4d5c9104fee3434a5db_JaffaCakes118.apk
Size

7.6MB
MD5

dadac7f164c8c4d5c9104fee3434a5db
SHA1

a3dcc52853e33db7b7d633bdd86adb265c46a248
SHA256

8969a70e7ed5224b8dcfca9b420a19549e1c9acfc80996fd33062b41f060c216
SHA512

891084bd2d91a6f4aec1a56a509d4541ee177190cf1441308c0aa2d4e6eb9fcc37bb25bc7e528f6b60efba7fca9cbd340978c567138f7710fbd3bff037d32da0
SSDEEP

98304:J6W0n2xutepKOKgsqnPkjkaFpL7ElGo4NN8TvaTuZ92ajH:h0n2xFugsSPkjkyMQjH8TvaTuZoyH

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	net.dinglisch.android.taskerm

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	net.dinglisch.android.taskerm

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	net.dinglisch.android.taskerm

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	net.dinglisch.android.taskerm

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	net.dinglisch.android.taskerm

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	net.dinglisch.android.taskerm

net.dinglisch.android.taskerm
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4972