627f244c75a3d2c30d9dc9c8d698599774d213ba3aa37ae95f63f5669825dbb8

Analysis

max time kernel
112s
max time network
155s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
19-09-2024 12:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eb5c2afa3039fdbd7d70be81dd9718d8_JaffaCakes118.apk
Size

1.5MB
MD5

eb5c2afa3039fdbd7d70be81dd9718d8
SHA1

e3684ff809e0b7ef3984220b48306c39f87b41b9
SHA256

627f244c75a3d2c30d9dc9c8d698599774d213ba3aa37ae95f63f5669825dbb8
SHA512

43551b8b2050a25387ce22a9be09b4489d2fbf1d31807a667d1c2014eb5d62dc1add1d86a14c5f7b21a7ed02d525d23206be4f705648d4e5de25375166a6d9e9
SSDEEP

49152:41g1MgKmW0O0UYcBHMZ9QwizQf4xGanpq6f8RR28:6ZZmWP0UYcBHMD+z04I6EH

Score

7^/10

collection discovery persistence

Malware Config

Signatures

Queries account information for other applications stored on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect account information stored on the device.

collection

Stored Application Data

T1409

description	ioc	Process
Framework service call	android.accounts.IAccountManager.getAccounts	com.bc.battery.saver

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.bc.battery.saver

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.bc.battery.saver

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.bc.battery.saver

com.bc.battery.saver
1⤵
- Queries account information for other applications stored on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4990

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Stored Application Data

T1409

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.bc.battery.saver/app_Parse/CommandCache/CachedCommand_000001920a4fd05b_00000000_3568473393333454332

Filesize
323B

MD5
1c57e35d98698f034e174406a776b9d4

SHA1
1b67c83b6156bbe4e1e4414860e169c66506fa8a

SHA256
7238bcdf13d87370ac2f334bbfcf130617325399a41e17514e40fdac6d96d75c

SHA512
f0fd5faff9537f2ee0551af936de6e2a60122d177f9ef2f38db3904eeb6f5fc0f0ad2c60083b5b742d07d18114833570c8b92631b450f986205acce7191c71be

Download Submit
/data/data/com.bc.battery.saver/app_Parse/LocalId/local_75c9773828edebc9

Filesize
17B

MD5
9b42aab1d2522e937abf53dd3a9e74f1

SHA1
cfeebf2c70fde3ed33ddfbb7b482b543a8cc6a55

SHA256
3150a415ac4b4b49679268b99f43132f9e46be879659d0bc493e4a3e93bd2da4

SHA512
0d41a49e803826d135e33c8cd3773d9f21031f62aaaff6ffcf809c73cad899cc1a03ed7c419d5b308d4ac6d27d679f1d081c899afc5c756ee83125b3993b3e64

Download Submit
/data/data/com.bc.battery.saver/app_Parse/applicationId

Filesize
40B

MD5
833f476143643b09551c6ce54005280f

SHA1
4e8e20b59e4019c74f42bd1e0b0a13853c7d0141

SHA256
02d5363ea3d55b4c182a8f26654b45e272ee4fd5ee9e7f52d3996bd8aee84365

SHA512
3aba2792615c35862f26657d19023a473165a54d8197ab51e4d44aac49fca70c63dbcb5d6fda2e728e900406bd132116c4e69d6eabbe048ed6b9c7d071eb7b89

Download Submit
/data/data/com.bc.battery.saver/app_Parse/installationId

Filesize
36B

MD5
1100cf2539dd7c3c54c0f784e4f1f9c4

SHA1
a03edc7437c295a6f08598cf8151a3924a166c07

SHA256
d891c8b123064d926930cf0b0ac047f59c4807688e763d42e25649ed238b2aa3

SHA512
5cb73a5f0c956f07e53969519421770cc3fd0116a0f208d2271f593fd0d6b6c3bf52ce91fabfc6ed56c2cd861847a92509ece775e7ce26eb8b71e6226446935e

Download Submit
/data/data/com.bc.battery.saver/app_Parse/oauth

Filesize
50B

MD5
8daf7023966ed4e7ea9bc6e30c20f8c3

SHA1
080c901515b122955212869a04ff67b50e01e323

SHA256
5ed99fdd587200736bbe63ec60538b7c3b039aa89194cc6472b44811518ef6a1

SHA512
5492c1a8f52aa6917d0c3af3d3a6d48b80569bb5b1ab8e24516efb72af5b1ad7a010bc585ab77031bfab76b4a2ccd8349fc79b13f8f6bce64a7b3b485b96dcb0

Download Submit
/data/data/com.bc.battery.saver/app_Parse/pushState

Filesize
449B

MD5
efb4ae152545320a82d8529cc7823aad

SHA1
ca3145c5fcfaf05a7d169b7f75f5d46964a58ef4

SHA256
8e78ae53a4f76e21f6c1e5f11ec06ca2dba066f00d9b1d0b53885d6e0ae9818b

SHA512
72532e0c0baf6869fd0c1f316bf35c433bc37492b520fd23dd355b0e38354ee703e4b2e7d68c56dce83a074b7c958c616fccfe985d8a8ca934c1cde0d0404fc9

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads