e2de72782e08f156bdb34bf313a2b4ee5bd6ebe79db3779eb19972c95c14333f

Resubmissions

20-09-2024 11:07

240920-m8ec4stckp 10

Analysis

max time kernel
140s
max time network
157s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
20-09-2024 11:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ed738d7d020745c3fae12c73af78062b_JaffaCakes118.apk
Size

2.4MB
MD5

ed738d7d020745c3fae12c73af78062b
SHA1

ef3930277875a7e4a84b591ce31972f92c81e64d
SHA256

e2de72782e08f156bdb34bf313a2b4ee5bd6ebe79db3779eb19972c95c14333f
SHA512

0ecc341c7d4e1eeb61c6b7b8887d0e23fc99f60d10782b6d24ecb6fd54b6c32b080c97588231d8b73afafcd384aaece27cef30a81f9d138fe1315c12b3b18d8f
SSDEEP

49152:R2oZCbUQ4igLXowZrV5rfQPScZWkKwWaPt7+eoZT6rkOEgbZXOI:R2oop4vVZrbL3cZWJct74Tqz

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.pchat.pchat

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.pchat.pchat

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.pchat.pchat

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.pchat.pchat

com.pchat.pchat
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Checks CPU information
- Checks memory information
PID:4619

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Process Discovery

T1424

System Information Discovery

T1426

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.pchat.pchat/databases/google_app_measurement.db

Filesize
40KB

MD5
1bf13917264b6e68b2af9cfbcfe091b4

SHA1
f70f28219e488440e286d0ed5643e626935d278a

SHA256
2a2f245122946a34b94705745dbde198778edc4d2a965195ee7424a1906060d6

SHA512
1e0c2603bf954bc2aaaea5cab099c8b8a2b9ddb3b065b2fa42fb62a2d9ca999c0974fd4fbd6cd3563b10be2aad61cf52729cdf17764a57b7217ec7f4bcb483ca

Download Submit
/data/user/0/com.pchat.pchat/databases/google_app_measurement.db-journal

Filesize
512B

MD5
ec89c4b54d36229f6fd64cbad882a297

SHA1
341a511acae1b711d517bd3d7d4d747e39a5be7e

SHA256
b1c3a02c3fa6c37db03a32201028ca0b2ed875fb34abe12eb4e523d9046c995b

SHA512
dc12fb6a16e604789fb91bd43c12e511a387cee288f05d5be83eef93a6dc8d260e68953ad22dc9611e8a7a492b5a7645fea7745e0e7c6e8c4c468b8559decdf1

Download Submit
/data/user/0/com.pchat.pchat/databases/google_app_measurement.db-journal

Filesize
8KB

MD5
d40af34e442564f972a9868b33c303ee

SHA1
87459f4e4f9cf0db4a9075bd8e43bc6d8e117872

SHA256
5142125598bf3ff9b2c7f7f9414ee3beafabba317102a39264afbe582ae841b2

SHA512
50c07049da8295f7f0983032c37c1c91bf00488e2fc47ed85ec969be63c5cd5de3e4d1f77120e3ea9c5e1b7822b1b3c9248a98d27d78602a467c914225bc88c3

Download Submit
/data/user/0/com.pchat.pchat/databases/google_app_measurement.db-journal

Filesize
4KB

MD5
174e394cbc417dfbbd2351c3f69e5e1c

SHA1
6adae95cb636d1b160f7e81ecc1ed8d4c309cdbe

SHA256
e1d673b05a49b7a571923a39adc4832bb9bb9d43869d761276afafc22ede8cad

SHA512
81c86e7b2a3812a5b3fe2dcab11e92d38243b9d424a3b8a33955ad0a1201a2ed616160904cd4f6408e5072eac0336fba71a6cea33a0a3c3cf314d61889c1ea0d

Download Submit
/data/user/0/com.pchat.pchat/databases/google_app_measurement.db-journal

Filesize
8KB

MD5
f6cba09a17c4525cf4922e6f0bb8c8db

SHA1
dbe350252bbc1ac1d2a3af6ff27a93d027944b90

SHA256
2796dfe9849774a1d467f27a41fd60763e728ca74802b3fb650766e187634aea

SHA512
8e009edca72f3a9d51f658e95a30b7898f752989ec91111344a312aae1b6f72b8f1348bb42cc7250004608c5d955f63263e8d3c25e8e7e12373e6f1a2e32ff32

Download Submit
/data/user/0/com.pchat.pchat/databases/google_app_measurement.db-journal

Filesize
8KB

MD5
8398233fc23795fc3b3ff73c6fd53bdf

SHA1
9f4145a3b58ab95900bcbcc2f6e77cb47c5b0372

SHA256
29ef1375449ad40d34d4f547e5d687ae744a595fa8c0b5166864b879f2ab4b4f

SHA512
fb583fa3260ecfbaaf989b620d612aa0b2b33eca3c181962c5dc388c81f06634a622e391cc594cc535570f0d237932a11bbdb60ca5cb76a930314e280c806214

Download Submit
/data/user/0/com.pchat.pchat/databases/google_app_measurement.db-journal

Filesize
8KB

MD5
08fbe09080a768b9d1b8170438df846f

SHA1
faf7d153405958c34e5759b12bb2c197c755b44e

SHA256
5dcee8f417e42dd1c6069fb4601a2f78639f4eb7dc1a400dea911368f2a1fb65

SHA512
79d6bf596ad647776210ddc6df14586e87b91591002334d4668bb3f4985bc2859553dfb94b26b70444d57440cab34bf344fce568a4a8fc5441a5f08fb71da434

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads