Overview

overview

8

Static

static

6

dd0db0ce75...18.apk

android-9-x86

8

Analysis

  • max time kernel
    132s
  • max time network
    156s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    12/09/2024, 21:08

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    dd0db0ce75403252027a639ae598b680_JaffaCakes118.apk

  • Size

    11.1MB

  • MD5

    dd0db0ce75403252027a639ae598b680

  • SHA1

    b2575a4207f4a7136e4dfa6a7240034c7e691a31

  • SHA256

    c269aa40a08fca6cb7ce037019a96c286dfa0bd681171c31dd5e9334b2a74cdc

  • SHA512

    f3f8b821e71d4b44b63da9c0e520f9730c45c663165b55394a8ad57c450afeee72a145e92e8c3ba4ce914526cf6aaf1a6c3a18546c999672bc8a7465182092d5

  • SSDEEP

    196608:PHuX8PDhocnSUbRsKdz7hdz7nKDnDy8JEHGhIJEHGhMywk4SOnQmn8QEcJ3ba56w:vuXyFEQjzP8JWnJWnrfyXrMH4

Score
8/10
discoveryevasionimpactpersistence

Malware Config

Signatures

Processes

  • com.mlzj.and
    1⤵
    • Checks if the Android device is rooted.
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks memory information
    PID:4249
    • /system/bin/sh -c getprop
      2⤵
        PID:4285
      • getprop
        2⤵
          PID:4285
        • /system/bin/sh -c type su
          2⤵
          • Checks if the Android device is rooted.
          PID:4311

      Network

            MITRE ATT&CK Mobile v15

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • /data/data/com.mlzj.and/app_crashrecord/1004
              Filesize

              226B

              MD5

              474a6ec20b000b61ab3d4f5b0751d406

              SHA1

              0d6898dc2ce90ac9cde592ad07d39a61afc6e6c2

              SHA256

              a0844959d41d8225248033de9bfcea752ca157a7925023b7773ba819b0469273

              SHA512

              1d2647409f8c39976ca3c430a69a60a0989b3825615721b66a6cb0bf69fbf97ab51b7db9c467490d6937d76f3823e8846beb3913b70de59f78f069d719e9b857

              Download Submit

            • /data/data/com.mlzj.and/app_crashrecord/1004
              Filesize

              58B

              MD5

              0d210bfb2a0e1f1b4c082a6a0f79de07

              SHA1

              bb8ed9e364db79d1d9f2fcde3f15091893222faa

              SHA256

              988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

              SHA512

              536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

              Download Submit

            • /data/data/com.mlzj.and/databases/bugly_db_
              Filesize

              4KB

              MD5

              f2b4b0190b9f384ca885f0c8c9b14700

              SHA1

              934ff2646757b5b6e7f20f6a0aa76c7f995d9361

              SHA256

              0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

              SHA512

              ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

              Download Submit

            • /data/data/com.mlzj.and/databases/bugly_db_-journal
              Filesize

              512B

              MD5

              b7e9718ec00567269d4a29c939699396

              SHA1

              4db212a5dbba3f64578b3516e901943253e80a66

              SHA256

              10a731a73537bc33da889eb16d30d783e50c6c9b1bdb7549e8e4afc019c1a397

              SHA512

              9474c3afda2329f44fc0d89707b7accceda79e1b7bf7e7aafdcc354df01237f92630cf5c3b693278820b452ce9323f350777a739682f18e5c4f317f886165a8a

              Download Submit

            • /data/data/com.mlzj.and/databases/bugly_db_-shm
              Filesize

              32KB

              MD5

              bb7df04e1b0a2570657527a7e108ae23

              SHA1

              5188431849b4613152fd7bdba6a3ff0a4fd6424b

              SHA256

              c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

              SHA512

              768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

              Download Submit

            • /data/data/com.mlzj.and/databases/bugly_db_-wal
              Filesize

              76KB

              MD5

              b90982b8f5b4d9b5ec93c749b6e1d512

              SHA1

              cb4217be17b973ff25d4d0cb8a69e489ae44501c

              SHA256

              adfb7daa7edea82e0062941d6039259db39670fbcb41f2fc78fa44699c0a4a2e

              SHA512

              00b4bb10c97ab70fe63985b78948735e95aed11f419e331217e1df54830ac009bf6d6d765e80598f88f1933203d0e588e79250363ec072c0c302bb3c14d4fb81

              Download Submit