98f5f6cf8498a2a8cccab357737b72ea27718c60d1cc39a8f6069a5c842b05a6

Analysis

max time kernel
148s
max time network
127s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
13/09/2024, 08:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

de040c4c88e07bde90250452b112298e_JaffaCakes118.apk
Size

13.4MB
MD5

de040c4c88e07bde90250452b112298e
SHA1

f22cde8b6083efae184d9e0670627c5869fb488c
SHA256

98f5f6cf8498a2a8cccab357737b72ea27718c60d1cc39a8f6069a5c842b05a6
SHA512

9f1fda79030613c523b70179a46639727a2e56bc924b468bae271cd783f3d144768e7933d40b7e183c091604b46ac4c9d82c6d7cad5b4e39c78cf62d166cf6fc
SSDEEP

393216:2YTJaLdxoGM5Ogihl8KoZC7XlDMWhDT9qPS3IhVDpZr:2YkBx+DelzoZC71oAIq3Ifr

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.smys.smhy

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.smys.smhy

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.smys.smhy

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.smys.smhy

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.smys.smhy

com.smys.smhy
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4239

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.smys.smhy/databases/xUtils.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.smys.smhy/databases/xUtils.db-journal

Filesize
512B

MD5
43c875dfc0b52f71fccb8940b7533c2c

SHA1
9b836585259e3c560f428c710103b0fe7d90ee42

SHA256
0f45e1de2f72ee6167e69ea1195607c56c23d19d9c5297de6398715ee4c3edbd

SHA512
8eb0c316c9df5362f9c113bcd5e5b934edcfb2b27c5349c0d51ba8ad696d334853054a71a27c21098d253b8cd421ffd8254a372c18b53125657b996915835bdf

Download Submit
/data/data/com.smys.smhy/databases/xUtils.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.smys.smhy/databases/xUtils.db-wal

Filesize
20KB

MD5
79a9ffb8e75815712240a437c7d371b4

SHA1
aef9783ff79238163e659e84a4d598cdee7846ff

SHA256
5cc688120654bb51aa1060a2ba0dbcce0b96b45eaeabf12ec0224cab8d845178

SHA512
4d2f3405ea9bf899ce76f360a8a9586a4ec2bf46bdb64903d3e762024dd78589f650dce4d5bca9a2f51d0f6aa248781b58f131aa7610cd981286ba694e05ff17

Download Submit
/data/data/com.smys.smhy/files/com.tencent.open.config.json.1101116004

Filesize
1KB

MD5
f526172de1566b34fdcea744710d9559

SHA1
000cb54d9a008a807a1c5a3fd2b2e7cb41e7939d

SHA256
8572be02b59f4d514000939ec04a9b4e2380c55265256b724a617d8d0f4c6940

SHA512
dc81f0fe345b18c96b1638c67b9ef4c5e60059dfc4a02f3c30a23645d4847abeef46cf467d044c42597115c48052ce0e8ea24328382114a544c5dfd039a95e7d

Download Submit
/storage/emulated/0/Android/data/com.smys.smhy/files/tbslog/tbslog.txt

Filesize
1KB

MD5
0336039838b08aff14c8ad14505553af

SHA1
a35c6cceceaf33fe271688681e9e599492f2e1df

SHA256
bb9e88c6af19fa3679302903cc77963a231a573669ebac774f64f6c6bbf837b6

SHA512
c7ca20094055d0efd2865d96c011727c78e5c434b1a4f9e49b3b1dc36ab4e364678cbfaf7407c439816dd4c793e6cf1b401e97b6f50c331cb340bcec2d1fabbc

Download Submit
/storage/emulated/0/smys/mydata.db-journal

Filesize
512B

MD5
aefea5c0111d8a9dd7af732de10b08c7

SHA1
2d7b0e40ead3163be6fbff72ea71b48383f20823

SHA256
8c35a04b3d2d47044dc410fe85731f42c196033f15986a24083ce6255d228539

SHA512
5741d063152f515cc6df9294cb62052df3800a0e3c3e73d20ae6a269c192374ad92667bb8bac5c1e697f378477f52aee1aafbfbf06a91f7ee2cdeadc2cb34e7a

Download Submit
/storage/emulated/0/smys/mydata.db-wal

Filesize
56KB

MD5
3f7f3e5a6c94bc6e558132683495c91d

SHA1
3185bc64bdd54f54ebf0ad7b562da2075720bb4a

SHA256
e53180fc764ed55f251197aee3aea6044d7483de4d5697fe32957006b5304b57

SHA512
5076bacefdcf5ac5fb77f9e22d52cd94296cf1b49deae44ec66caa4cc11abb97ce3fc2ee49519521e2f8cb5f4fa5f044106220436d1716b379e0e8df612bfa97

Download Submit