e2de72782e08f156bdb34bf313a2b4ee5bd6ebe79db3779eb19972c95c14333f

Resubmissions

20-09-2024 11:07

240920-m8ec4stckp 10

Analysis

max time kernel
147s
max time network
158s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
20-09-2024 11:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ed738d7d020745c3fae12c73af78062b_JaffaCakes118.apk
Size

2.4MB
MD5

ed738d7d020745c3fae12c73af78062b
SHA1

ef3930277875a7e4a84b591ce31972f92c81e64d
SHA256

e2de72782e08f156bdb34bf313a2b4ee5bd6ebe79db3779eb19972c95c14333f
SHA512

0ecc341c7d4e1eeb61c6b7b8887d0e23fc99f60d10782b6d24ecb6fd54b6c32b080c97588231d8b73afafcd384aaece27cef30a81f9d138fe1315c12b3b18d8f
SSDEEP

49152:R2oZCbUQ4igLXowZrV5rfQPScZWkKwWaPt7+eoZT6rkOEgbZXOI:R2oop4vVZrbL3cZWJct74Tqz

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.pchat.pchat

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.pchat.pchat

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.pchat.pchat

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.pchat.pchat

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.pchat.pchat

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.pchat.pchat

com.pchat.pchat
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4931

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.pchat.pchat/databases/google_app_measurement.db

Filesize
40KB

MD5
b320408f10590b30afabc56f070b96bf

SHA1
aaba052ef95cf54cfb4140069efcf31c57032873

SHA256
5a25e56b66b5cbb164ea421197eafb0bf9c18177eae90ecc707c352500f1f14e

SHA512
ce2967ca944c101aefaa3bf8e25771244c8e42ccff0fbb7927409f9da1dd10ebfe46982d7c508f9adf7f645f6cd975f594a5c7c97dd61f0a5a8d95ca9acfd197

Download Submit
/data/data/com.pchat.pchat/databases/google_app_measurement.db-journal

Filesize
512B

MD5
d1c095ef7c811be3a424e1d983ba913a

SHA1
178b3c784c8feae8d598ba98c186b6ae87fe3578

SHA256
286615b4879790f59148ea978804a93b0b948a5b91fce08ee0882696f650d7d7

SHA512
50b39d5f774116e79fb8f43954dd86426a43805f29ce72046e203cd6fc57d183f93b30532bdfb5409e89d071f06b1390f5f254b4b833a22921cc868e17716bd4

Download Submit
/data/data/com.pchat.pchat/databases/google_app_measurement.db-journal

Filesize
8KB

MD5
bfb6cccc98d71cb384ef23ac3146fc25

SHA1
56ecdbcda6530444a4c6764bdb114c2e2acc25ec

SHA256
1ef0197e16c22e6707cd110029056cebf28d388efddcf077ea463ce60cb175d0

SHA512
8a1a83816261285b11eb2421c46ba189ac90489cb6388082f169d8f8b7e8fd608dc637b5d5b832fe434785f7e9caa82b97ef4b11414da114fcb6e9bb29be0254

Download Submit
/data/data/com.pchat.pchat/databases/google_app_measurement.db-journal

Filesize
4KB

MD5
9f9ba71d2c0262ea31cff8a0e79fb714

SHA1
dcbfdda3aab8e9fb2849a090f4b3a17c5db4af9c

SHA256
ccd04f4ad89cc97982419166dce0927075ae56885d235c5e77e39855e05647a4

SHA512
6590a5750fc5c1b9681949ec597f483afc4a5eba87789b21f2e6618ceea3c527e7a1937c9dc482878671e574ea9090000c2e31ef3a92526456a2d7b23e48b7c7

Download Submit
/data/data/com.pchat.pchat/databases/google_app_measurement.db-journal

Filesize
8KB

MD5
d5f7924bc3dee2af0babed3c2e47f6cf

SHA1
749faa8a7e31675c2d2f13bc377bce1ee2e45e19

SHA256
2ad14383ef7cbd882e827860e9af099ac278184c3141df2a901acf376f42d87b

SHA512
f5af3a43adcc19652254e64504a34006bd6d87c6d7f4455a082ae66b8fbe3a3076b00c9e9b7e9c4b4999ac7dddb3e112fa9c8325aed3124165f31e1995393412

Download Submit
/data/data/com.pchat.pchat/databases/google_app_measurement.db-journal

Filesize
8KB

MD5
35ff9a3d9a1ecbf6f9a1789f136653d4

SHA1
83cc2c1e3bcc5109276077e3409c0e679fcd3b0b

SHA256
cdba680bdaae987756ce4064798f3a77dae6ddf7f72ffeb40cbdde931ae87c1d

SHA512
951c6a39718a3c8bfb3b64bd0208ab0768582c40dcac1213f67637460d23b3b2e2f966f7cebea3342f1a9f815ee36a0d5cc8532db5a6815a7adb910db3fd121c

Download Submit
/data/data/com.pchat.pchat/databases/google_app_measurement.db-journal

Filesize
8KB

MD5
ebb53397784a0feb51ed9afb2f891526

SHA1
8be2aa8ec30baf54f75de768162ddef9b600d238

SHA256
596d82abcd08deb1ceabe8c1b2e518132f519e929548499309226dcb8d942a58

SHA512
41ac9746997b5e39947b035be389c9c8cb7e14063d1127d22b2ce6fd792e0d1d431464a715178033052c48e4b2f893b2710e79f86cd7c60811cb551d4a3f4019

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads