03f87a00b9f5ba9d70adc3b5c5cb3f581f5bbdb5111cfefbae678cc3c3112fe8

Analysis

max time kernel
7s
max time network
156s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
12-09-2024 23:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

dd363a17e193df2cc296730189ce006a_JaffaCakes118.apk
Size

31.0MB
MD5

dd363a17e193df2cc296730189ce006a
SHA1

9d4a4866a85b66cb79378f8c27bee9c324320d38
SHA256

03f87a00b9f5ba9d70adc3b5c5cb3f581f5bbdb5111cfefbae678cc3c3112fe8
SHA512

dd2ba2076db4ea11dc70c20fa41f4d3137d07c3b46515f6b8ec64fc278595e74b2edbf8acf0a6dc7866243155c499e011105407be1603253bd8913058935c8ba
SSDEEP

786432:lymeOEVJEaf0JvN7OHbljSeHyCPg51+oLHhtGxQbF1sv:EmeOOKvN7ittPgTfPGOF1C

Score

6^/10

discovery persistence

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.fangyuanbaili.flowerfun

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.fangyuanbaili.flowerfun

com.fangyuanbaili.flowerfun
1⤵
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:5063

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.fangyuanbaili.flowerfun/databases/bugly_db_

Filesize
32KB

MD5
be36968971c43d03bd89fedb233ad343

SHA1
897edb3df56cbf417d2e7cd17fcdb390ff6dc6b6

SHA256
bd70dc0a2445e8184d67bf115d416959c3134cf6ef371f37edaf51b939f9d631

SHA512
2f3cb9fdf86efa5e6cdbe915500573df59e68621a09e05f9972ba150ba319cc6982ed795d65a45855826418b5630413562372eefb15cd852f9a6874ce1ea2136

Download Submit
/data/data/com.fangyuanbaili.flowerfun/databases/bugly_db_-journal

Filesize
512B

MD5
354ffbe100ae2f0af2a0e353ba72b8a4

SHA1
dd4c5a060af7fc7a3aff9b85bd79e941cc55c65c

SHA256
bac2bf88c978862f0619cf773542e22c3206f0b4838224df9c7febffeb5a1221

SHA512
64d4bbd962df2d898225303f18fa78c1d48b6caf5773fbe1b301edc50071fdc5d5a008d0e91de8f806de8e2d6c19c190321718798a2db99fdf28d6f90ea8a4a2

Download Submit
/data/data/com.fangyuanbaili.flowerfun/databases/bugly_db_-journal

Filesize
8KB

MD5
71c1175863031698144f4d2350a2c234

SHA1
59fce993bcef8d1c96689f4b89bf171ee6fae55e

SHA256
7348d1b2cc0eb964d63c5f5c1187556b98767f1ac80ebdd39c6c2c0bb1f285a9

SHA512
f1466639de03c4c8d25e8759cb2dcf3da4f9e1c63eb7288f8d9f92044f9d74572c2e32d93fb0c795f1452957e915ac67e16b981f8053179c07bef9df48ed6e11

Download Submit
/data/data/com.fangyuanbaili.flowerfun/databases/bugly_db_-journal

Filesize
8KB

MD5
062b43bbb13e1c64e3402cc0609e959c

SHA1
78fba6e7c3f13983cb558ad8872269ab5fc499f2

SHA256
3e6a2df72de984b568125c8f358de36b99c0e252b19ba01f7e62552a4107523a

SHA512
ca76fefbea3311f5298fc456d6fc6fc9af078433fab26b5629736b3adc9cac8234c6542b752196342525f817d08b58e7c29f39ec0b832cc63fadf678bf1b0398

Download Submit
/data/data/com.fangyuanbaili.flowerfun/databases/bugly_db_-journal

Filesize
8KB

MD5
c203472a377927378b75beb59dffe22e

SHA1
570e95ab088fb002db645ad76cdbb9ad76c4134a

SHA256
d3055089afc1187fc1f69d686f463607227596b91fc03b3e7d2b38114ceb9758

SHA512
442be823350eb55ecdb5859b279a841be769ce2b2ca93d93d400f711f186da96798a836b5964336a60d15f7584525184d46de056c3c2f68ab9493665e29a9e40

Download Submit
/data/data/com.fangyuanbaili.flowerfun/databases/bugly_db_-journal

Filesize
8KB

MD5
9559eda6603b07ebffc69d53644b1193

SHA1
2d639907f65623da6e2eb4d2ca3b722fab78f7ae

SHA256
17fe3dcd6eaa9ccf67f2988ebb00e9d8a572b45545d3f88575fa8598f034cffb

SHA512
7fad54c6af99c315aa522429759e1bb412c6b095d37882acdd940d48b8424aecb021a1edba8a6796805ca256dda31782f9ef962a055c98c4af8349fd7ed92dde

Download Submit