0feeb5e96d476f4188b1443688aaf1257ed441b4eb02f167a0fc5914156201ad

Analysis

max time kernel
2s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
25/09/2024, 15:44

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

f655bffc4f9b25fb0e093ac69cca3b6b_JaffaCakes118.apk
Size

21.0MB
MD5

f655bffc4f9b25fb0e093ac69cca3b6b
SHA1

9fde7b9106978b8c5d72decbeaf3cc79fd785ae0
SHA256

0feeb5e96d476f4188b1443688aaf1257ed441b4eb02f167a0fc5914156201ad
SHA512

9d1d7d1ff7496fe5100a8946c7138c8d2f78af189432c88713fc1f8bbbaea46d614796542393ca5120122a28a74c1ed7f70a50724ebb65571a3937de135c02ad
SSDEEP

393216:h++tz3CgeFUd8FJOfNqBtqYW3LRtESQQWBSNMlpm76kHiGqp/x1lk9S:k+NDEK8v0NqBgYWdtESQQWlALi3/x1iY

Score

7^/10

discovery persistence

Malware Config

Signatures

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.tencent.mobileqq

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.tencent.mobileqq

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.tencent.mobileqq

com.tencent.mobileqq
1⤵
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4244

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.tencent.mobileqq/files/suicide_count

Filesize
1B

MD5
55a54008ad1ba589aa210d2629c1df41

SHA1
bf8b4530d8d246dd74ac53a13471bba17941dff7

SHA256
4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

SHA512
7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

Download Submit