92d1d914cb2b4b8cfcd5f4087351d84489971d71d65891f5395c813bdd97c5a5

Analysis

max time kernel
4s
max time network
145s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
27/09/2024, 07:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f9f94d38d05a2ecb87e71eff05835b95_JaffaCakes118.apk
Size

15.3MB
MD5

f9f94d38d05a2ecb87e71eff05835b95
SHA1

80c709c0ce1e0122bc62d1c4c8c381bf0ae95d1c
SHA256

92d1d914cb2b4b8cfcd5f4087351d84489971d71d65891f5395c813bdd97c5a5
SHA512

9c4c84a37b685e0a7b99b7b300ec0814920a16b25f9cd7a981a077e4b87af191572cd9c2db2b9d4da20ee0038d97758163adf9f07fcd1527f80da5a584834223
SSDEEP

196608:WH1Kmq6/Q0t3Pyr9/uC3ly5Bbc/w529RSN8RPf+WHPj8cWjb5vl8+zuKwunMTzMW:E1C0t3PMocE7cgo8BjbwluMThHhrtN

Score

8^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/bin/su	com.cibn.tv
/system/xbin/su	com.cibn.tv

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.cibn.tv

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.cibn.tv

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.cibn.tv

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.cibn.tv

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.cibn.tv

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.cibn.tv

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.cibn.tv

com.cibn.tv
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4264

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.cibn.tv/app_SGLib/SG_INNER_DATA

Filesize
59B

MD5
c8b982a9c4e13ce8c243734002584940

SHA1
f403aa8a3fc9118f6b19832953e1f13ea1abc144

SHA256
94da7259eb299d8003bc5ad6e954ee66d09b2c51ac93b9a27bbe8226be0849be

SHA512
872217f223359ce60bfa72a71790b5e30c8da68cb935a95567c8d0e927e568c8c790b57cb00e1a4188e9c760f4d7c800fff66c8e460ff43dbd613ac4662099e7

Download Submit
/data/data/com.cibn.tv/app_SGLib/app_1727421677/main/main_312768000.pkgInfo.tmp

Filesize
307B

MD5
4cb5c6d7ce435dd7aa318f4da8c1812a

SHA1
7454dbbf29a461f120eb698e87ca2c4765208755

SHA256
37e087438f93e6227b5f94a85bf52b373bca0521708ede35f0d600daaf02d1de

SHA512
dd99acb2773aeb3d410da0aa66242ef922f3c46a16add9a74a61e0a42fce61b39a185c6ec7d1377edbff0ee1afadc335dc195c728cd734e3b534c79568554a7b

Download Submit
/data/data/com.cibn.tv/app_tombstone/com.cibn.tv/STARTUP_MONITOR

Filesize
102B

MD5
08f1970568f5e6f2da561c102fa24a6a

SHA1
7cdba8d84c58df155302aff30a9cc6560f3f3d48

SHA256
f64d29fd2fe8c9309a557f04db8a7447c2d848c2b95a663a41214a31f82ce9e5

SHA512
c6fc838f9e6a2e81b19628e8d3e159da994c613a02cda6621c68d5751e472ff3782941b0cb16961064d54e5e1042fcdf8bdee8b51019bb9230888eacf4415b8d

Download Submit
/data/data/com.cibn.tv/files/Q0VSVC5SU0EK.txt10a8

Filesize
926B

MD5
0db661f7a8de3685033932b41e9bbd8c

SHA1
4cd1dc69c8eacc79324046d09001b75278904cb6

SHA256
c9b810c74865af122d372be4b38cff7be898078a6778a046f4572677c40f3e35

SHA512
26a3cc8bfb70bbfbdd8d99ef6c7639cdd7f9fe3d896a3033ab40f126a988dfe0e974a5f8e1f6344469a0545a64205848aa6373a11d764bf7f9d8dd2ed02abeea

Download Submit
/data/data/com.cibn.tv/files/SGMANAGER_DATA2.tmp

Filesize
45B

MD5
b0a3a076f095de451bb516647aea32d6

SHA1
21c9e4a674a324e3e6b71d68d9ea0bd0d978584e

SHA256
47ee34650101258063c3ff66e7b8355241bdeaeffcc1550fbc5d55630e4673f8

SHA512
642bf8c987d41cee6d8f9079d64a0f9dd3354535ced77ebecfb60bb363d4943ec2315fc4282108cf301f43524e281a4f88d0ccb8bd085a3c5651f70724876662

Download Submit
/data/data/com.cibn.tv/files/SGMANAGER_DATA2.tmp

Filesize
89B

MD5
8bedd412cc757e10fbb04d96c60ec2eb

SHA1
73530eab7da5235fbf73a43e0d2a9ce6ae7049b8

SHA256
0b6120009f68ba59d62b31c0fd148b598e927cc9b9e6a5409e4d432cc675be89

SHA512
3215a8589c29ce73fa933dc9e9a1de5ecc0ab2fcf3b42fea9d8ad54e0583288ada6fe5494a3b59772b8726af15a1590ead93c634eaae18d8b768d3e67757fbe1

Download Submit
/data/data/com.cibn.tv/files/fonts/e7ad8c763e39c5cfdc44f38b2d0dbae6

Filesize
83KB

MD5
e48aba54fdad6880f653d1009bd858ee

SHA1
2c753c11cd26b59bc1008f642d7f5734fa5d9fa7

SHA256
63ff55d3a45cf577ed6da6bd5549aa1d059fdf6d0f89a0838609b1f8c508ad15

SHA512
a74c15c25de212c65a42e396c04c236f2311b58492c75847f85d1e80e2d3b4a66240ba0a03ea8397f9359046e0110da6912454a71edfbe0b74bf2f2a20a1d813

Download Submit
/data/data/com.cibn.tv/files/onlinemonitorversion

Filesize
7B

MD5
5bc9dd02fb26595ec3f65ddeee81427c

SHA1
7ba5566501907b1d4a83f46f9ebfccd8a26941fb

SHA256
d686b70bde9964e0cbcd961ec4eafedb42c130548b2c0ef4c0b7bf73d257b511

SHA512
f394abebbcec695bf1ddaa454923682e9d4b1f2d667c2e9a0b2ab900b7e1426b876f0441f1894f8497c08643e947ba257e46af2c22043bdb34184a13a71a27f7

Download Submit
/data/data/com.cibn.tv/files/storage/version_meta

Filesize
152B

MD5
42e4f985819d2fa0397e99c7b2d7fae9

SHA1
649e191daa370560e7ac5eb7f9d798abdb487dbd

SHA256
603c5d592f57552f4e281ab48cb67d7d79fc3f0a53cc1352e1cb3621a31c1c21

SHA512
6bdccf87a40cb4096080409f21bb81cb4f58950914a0e452d79ee52612f95c586b6773325e8914180bddc2133cee7d79bb8f1023ab9c3418d6c4abd7cc98128a

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
3d1da258a5e6dff6f58723db6a9e6e33

SHA1
d3d937d132e5e8205bef83619532673dabdc3baf

SHA256
240767b90b934bce3277456b6cb6202f04477b5ce1d841654af40c3b3b1dcf0b

SHA512
329ecc67c0994e49b0dfa44524d070a438109fc75821b47c40950081094e878a6cec2869d59bedec479e2a1362f924ccc7d54557b606321640b90bfde607e12e

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
d0c1140e84e5906f3b43a5183731dacb

SHA1
983c2b113a24558ef07cc7051df794a95ee2224c

SHA256
5d306c1ffe9d6a76e523949d9a8e8e13aca2af02c2b3ebf6b2eaff5e7985c787

SHA512
156dcfe004009d4b3deeee2055e06f34a77fa5f4b925793da69ead866b169e3f7babca2eaf1bc4b41d11c6504542ae0dcf0543c204b596846dbf6edaefcb3d9b

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
167B

MD5
69a096abced7700d4e7dd7e261f44b2e

SHA1
4584207557737982bcc66a8d2f4ad69fe25cbd73

SHA256
84c63f42978a583b6da174176ab4ec39bf8344b7418731d161570a987a5cdaed

SHA512
9693885e141ab76357c1bab870483e0c745c144649fc439c4d19118c1b2881d864fa5ada262d24aef4ff838c566d4d0b9b1cb03a3e5de2592521cd3ac1c5ffd4

Download Submit
/storage/emulated/0/Android/data/com.cibn.tv/cache/detail_cache/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads