627f244c75a3d2c30d9dc9c8d698599774d213ba3aa37ae95f63f5669825dbb8

Analysis

max time kernel
27s
max time network
132s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
19/09/2024, 12:44

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

eb5c2afa3039fdbd7d70be81dd9718d8_JaffaCakes118.apk
Size

1.5MB
MD5

eb5c2afa3039fdbd7d70be81dd9718d8
SHA1

e3684ff809e0b7ef3984220b48306c39f87b41b9
SHA256

627f244c75a3d2c30d9dc9c8d698599774d213ba3aa37ae95f63f5669825dbb8
SHA512

43551b8b2050a25387ce22a9be09b4489d2fbf1d31807a667d1c2014eb5d62dc1add1d86a14c5f7b21a7ed02d525d23206be4f705648d4e5de25375166a6d9e9
SSDEEP

49152:41g1MgKmW0O0UYcBHMZ9QwizQf4xGanpq6f8RR28:6ZZmWP0UYcBHMD+z04I6EH

Score

7^/10

collection discovery persistence

Malware Config

Signatures

Queries account information for other applications stored on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect account information stored on the device.

collection

Stored Application Data

T1409

description	ioc	Process
Framework service call	android.accounts.IAccountManager.getAccounts	com.bc.battery.saver

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.bc.battery.saver

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.bc.battery.saver

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.bc.battery.saver

com.bc.battery.saver
1⤵
- Queries account information for other applications stored on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4251

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Stored Application Data

T1409

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.bc.battery.saver/app_Parse/CommandCache/CachedCommand_000001920a4fccbf_00000000_8062438457630834157

Filesize
323B

MD5
490893b9363f3ca4b039b90a22afc163

SHA1
11de97535cb7d83f17e5b61d775c619ca0830592

SHA256
d23a9bd6c1d49a40866cfca797ad731875c8daaddb0923ae000450ece47de7bf

SHA512
cb896fa8cb047daf379d01112ae77e5da386ff3d7cb31b0471124ba2bf8fcc46ab9e93068b74408d59b7e6faf9573578fd307794638c2488ab43d37dc0f8f813

Download Submit
/data/data/com.bc.battery.saver/app_Parse/LocalId/local_a3d71c1140153b27

Filesize
17B

MD5
9b42aab1d2522e937abf53dd3a9e74f1

SHA1
cfeebf2c70fde3ed33ddfbb7b482b543a8cc6a55

SHA256
3150a415ac4b4b49679268b99f43132f9e46be879659d0bc493e4a3e93bd2da4

SHA512
0d41a49e803826d135e33c8cd3773d9f21031f62aaaff6ffcf809c73cad899cc1a03ed7c419d5b308d4ac6d27d679f1d081c899afc5c756ee83125b3993b3e64

Download Submit
/data/data/com.bc.battery.saver/app_Parse/applicationId

Filesize
40B

MD5
833f476143643b09551c6ce54005280f

SHA1
4e8e20b59e4019c74f42bd1e0b0a13853c7d0141

SHA256
02d5363ea3d55b4c182a8f26654b45e272ee4fd5ee9e7f52d3996bd8aee84365

SHA512
3aba2792615c35862f26657d19023a473165a54d8197ab51e4d44aac49fca70c63dbcb5d6fda2e728e900406bd132116c4e69d6eabbe048ed6b9c7d071eb7b89

Download Submit
/data/data/com.bc.battery.saver/app_Parse/installationId

Filesize
36B

MD5
e5567b6cf664f938b20bd453cf30e937

SHA1
98859c013a56a7e9a849e580640d1f56a40fc919

SHA256
b8a31ddbe26fb43c9fe0a368f775ef120799903719064e93ca20ea20905af69e

SHA512
1d6d9f9a9d7105030a4173c80a489562eaa8358e216bbf86b7ac982bc8e88ae294a0b66a533e9f89a9cb1353d11620923549eada36f22a8f1ce2da0a666a6c79

Download Submit
/data/data/com.bc.battery.saver/app_Parse/oauth

Filesize
50B

MD5
8daf7023966ed4e7ea9bc6e30c20f8c3

SHA1
080c901515b122955212869a04ff67b50e01e323

SHA256
5ed99fdd587200736bbe63ec60538b7c3b039aa89194cc6472b44811518ef6a1

SHA512
5492c1a8f52aa6917d0c3af3d3a6d48b80569bb5b1ab8e24516efb72af5b1ad7a010bc585ab77031bfab76b4a2ccd8349fc79b13f8f6bce64a7b3b485b96dcb0

Download Submit
/data/data/com.bc.battery.saver/app_Parse/pushState

Filesize
449B

MD5
efb4ae152545320a82d8529cc7823aad

SHA1
ca3145c5fcfaf05a7d169b7f75f5d46964a58ef4

SHA256
8e78ae53a4f76e21f6c1e5f11ec06ca2dba066f00d9b1d0b53885d6e0ae9818b

SHA512
72532e0c0baf6869fd0c1f316bf35c433bc37492b520fd23dd355b0e38354ee703e4b2e7d68c56dce83a074b7c958c616fccfe985d8a8ca934c1cde0d0404fc9

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads