5bcfe660724f1db583a659fed4056ea57df0f588c5222294d0ce5f0d6d673ca7

Analysis

max time kernel
3s
max time network
136s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
27-09-2024 02:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f993446b83ea9026a958d40ebd03609d_JaffaCakes118.apk
Size

12.6MB
MD5

f993446b83ea9026a958d40ebd03609d
SHA1

6490fd23fcabc3bbb0b52cc655ec8ceca3fcf1ef
SHA256

5bcfe660724f1db583a659fed4056ea57df0f588c5222294d0ce5f0d6d673ca7
SHA512

85c2ae04858ce80b23749598010afe0661a6bc526829a13e56e91ef7fe227f64989fa22af0c3d33e7b5fa0edabe34b1231da1a8463eb40fa09194a5f8fa23618
SSDEEP

196608:c6ZKPcWjN8H3ctqPyk9Y6j/HDJzwSfZ3VN2V0cEkFHiGpwRUCrGum6M6fbDzye:cKNINqn+M/HDJ7V2VeZGpwfHm6XfF

Score

8^/10

discovery evasion persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/xbin/su	com.videowallpaper.live
/system/bin/su	com.videowallpaper.live

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.videowallpaper.live

Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.videowallpaper.live

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.videowallpaper.live

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.videowallpaper.live

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.videowallpaper.live

com.videowallpaper.live
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Queries information about the current nearby Wi-Fi networks
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4257

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.videowallpaper.live/databases/bytedance_downloader.db-journal

Filesize
512B

MD5
aea0e1372998e17562d79c2f2dac7f69

SHA1
6fb61d9a221058fb7dddbd79190bd7841baaa3cd

SHA256
033dbe1007bebf865cdfde4e716819b4ee0ab556cd7dc1c76e3e1461dfc452d9

SHA512
e7369f7097256cb0c9943148cffcaf2b3cada28d288e8bb353e4cb3f1043f99f7cdf9db226f606d77486928b6ec7ba2dfb68065f64c78b215680c65563b6f83a

Download Submit
/data/data/com.videowallpaper.live/databases/ttopensdk.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.videowallpaper.live/databases/ttopensdk.db-journal

Filesize
512B

MD5
534fa71f92f39045ed0484e6cb88eac9

SHA1
73c6de419b62b3683ea85bdb1400a4a523aef9f9

SHA256
8a3d8e8f87e8edfacd8ccc079ac5dc9c473748e59bc4232cd081e90d9cb3b9a7

SHA512
717ac61bb0ed876644a51b71c2d4d91f265deae0ddbebe18b5a5065f77a49356f191bb9e017c25b0dabc280eab3cc3553f160a3168dbf88117667e2a8bac6195

Download Submit
/storage/emulated/0/Android/data/com.snssdk.api/cache/clientudid.dat

Filesize
36B

MD5
be26c72ccbf136c39bdb6a92018d5a08

SHA1
77b022b52304032b7f47ab79747830c52c3b2ea2

SHA256
ce388097b557d9d165db2a450be89a3148e8d20701a9cb6c7fc30befb5004596

SHA512
c038e5027b5d09f22bec306de0cb6ec1ef84a9f583c66e4f21f74dd2edb8330a3180dd8ed8431b89cbe2fa1fe86a28b0c41bb4ae806cfbc0cb15032040c61c6b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads