85fae8dc4ae6eacd15a74be0368a1ee552381d5af80df9a7bbf83b568df937b9

Analysis

max time kernel
3s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
25/09/2024, 06:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f56e520991ee2459029ed08bfe6e66a7_JaffaCakes118.apk
Size

26.2MB
MD5

f56e520991ee2459029ed08bfe6e66a7
SHA1

da91a139ed54ba54d4a70f158930b84829013ad6
SHA256

85fae8dc4ae6eacd15a74be0368a1ee552381d5af80df9a7bbf83b568df937b9
SHA512

4c88264f438339057ecce39c7357c0ab5c76b6f4e1f74d5d0692815e028fb135ef184d8e5f27b41c915fddebf18b78355c7d5245ff712b6bcf8bd79fbae447e8
SSDEEP

786432:6s24Ukip6pARqIwYEE+mYh6me/bZtzEGY7Oue:A/epIwy+mMJezZtZY6X

Score

6^/10

discovery persistence

Malware Config

Signatures

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.gamevil.punchhero.sktfree

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.gamevil.punchhero.sktfree

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.gamevil.punchhero.sktfree

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.gamevil.punchhero.sktfree

com.gamevil.punchhero.sktfree
1⤵
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4310

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads