d25c188f4a07ee3e3f2cc3d1f0809c2be170554f127d7aa15c5dba77779807a1

Analysis

max time kernel
8s
max time network
134s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
27/09/2024, 10:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fa46a05c91784392865041643a5fc35e_JaffaCakes118.apk
Size

6.7MB
MD5

fa46a05c91784392865041643a5fc35e
SHA1

70ac45e8db0c5cfb3fa3e2a6450de80608ae4567
SHA256

d25c188f4a07ee3e3f2cc3d1f0809c2be170554f127d7aa15c5dba77779807a1
SHA512

f7af0137420eb8371691f4e972ae11339429705f770696940d2cc23c1c60acb134b7904cac298d059ea3ed4feca891f8beec5558a9f23b5e90d2931693a17507
SSDEEP

196608:ihj75VDy0QyiHgk9Tfx6Ypft0k4tq9+oauW:25Vj2fcln6+o5W

Score

7^/10

discovery

Malware Config

Signatures

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.lblm.store:pollingService
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.lblm.store

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.lblm.store
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.lblm.store:pollingService

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.lblm.store
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
PID:4968

com.lblm.store:pollingService
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
PID:5018

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.lblm.store/databases/lblm_database.db

Filesize
12KB

MD5
ea628e04765adaf4238a5dcdff4bbd51

SHA1
a801947619ea8c368efe9c006a324dc6339ac60b

SHA256
885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4

SHA512
c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe

Download Submit
/data/data/com.lblm.store/databases/lblm_database.db-journal

Filesize
512B

MD5
997c7843842bfdb8c369d65cf4048417

SHA1
61dfbac12d8d525e26d982f076107ac68183a037

SHA256
53bd27c65e5d40d7da3e38ff40999752c77d3af601ccf4b2b0bff812dca00bac

SHA512
e31b4398ff437c644bff6c966d4477fe2e189949ad1f237998289ac2f10a029dd0e5182e9017e0b610a408443c05c27d0e956dcd86f221836ae77fe00fc83726

Download Submit
/data/data/com.lblm.store/databases/lblm_database.db-journal

Filesize
8KB

MD5
86d868705d5d1a2f0a4dc56f1725f6ff

SHA1
21b804c8cc79b59a0ac95a10cc43f746f3af971c

SHA256
9ebe5fad976f9ba97f16a33763dafa7028663c01e54240c7a313ec92f1a890be

SHA512
0faa50e176fb216709d94985f7bef059f15db1f4457dbdc3e7f7f2a47efb0928b1ad829540b8f61f359461b73a0d85c62bebf9751aed2ba44747c887a1aec027

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
359KB

MD5
4be6dd83423f03759170bf2650a198de

SHA1
855aee51ca35fd4100fa56f6a33849073f14a344

SHA256
52f82dd6d5ef578f4a292fc310eada5760e216b1dca66dd4b97147a4e64a601d

SHA512
eef73e320773dd236ac7faafbc76a4ffbab6be1ce55ead8467ac7d4956badce1a7d06ef161118af4234676ddee677a2ef0bdb88f39f9a0f3028318db799c82e0

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
408B

MD5
308e44edd14d14bb36d141c73bc667d8

SHA1
5f04287e074d672f268a774cf255afb796ed088b

SHA256
399b8885e49977154ab8fec4ee40de51a7551989fdb4f28a999121493f93b8da

SHA512
9a63ad27f8b26010a487cb619ad50fbdc670856d04bac03ee7dd543ea261df81f64b26533c4ba89ac38c8c8f389babab6d0759759641660293c0a99611c130cd

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
2e0a599b8311bb5d269453647b0d9cbc

SHA1
f4e6f6ab32feaf5cfef40ed98f47e0c808d142f6

SHA256
aecc7c70b603d5a49e835f3637f5696d6f75d7dd304fdf70b8bd0f2596a18107

SHA512
96fce36d96ea7af409b0f09b8ca3ee6d9c9cb7fc425065390704af2f2c2ade5dbcc3570ab3bc4d6457c6db0066fcffe61faf8ca7ab4ca87c3eccff2bb56121c6

Download Submit
/storage/emulated/0/Android/data/com.lblm.store/cache/uil-images/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/storage/emulated/0/com.lblm.store/asdklog_s

Filesize
135B

MD5
10ff13985eea1559aba49a4e1ab8809e

SHA1
4da0adfb9af4ac48c4f545afc36bb8085c38ec24

SHA256
d62f5ad15c379db0dfd36b9aae06768acddf779ba4695acf2a358a65c46eb526

SHA512
4847ce8e2d7a0cf603346b720127f8418691bbb0bbb39ece0a64e0875bb56eff4c325b668c692c30e310df19646b0c6bd8b5aa865b58779ffdf4162818af0b5f

Download Submit
/storage/emulated/0/data/.systemid

Filesize
36B

MD5
427eb495b0e2b9f028b78566dee1eb0b

SHA1
8ffb2bb835d6603b58abb081a3260d3ba2763627

SHA256
cbcd39dab06ba5a7c83c5919099b5deddd439e69bf34a5f5c3e1abee980a2a5c

SHA512
3a2f383422edb7d49340e1ddf79c9e454c913f29bc77df18873bfbb64cb041aaf005e597c28945ff7088f372d2b197482d1d09ba36fcec2540e4f4b35123bc2d

Download Submit
/storage/emulated/0/lanbalanma/database/lblm_database.db

Filesize
12KB

MD5
022702becfb995e87bbe2758d6ce549b

SHA1
e793134d0c8b55cae395a2dba4d53b4d782a7a09

SHA256
1f10cab1b2ee5e9c75d63466bed56bf6e6eeefd9a31f6597cbdd73e6185eb794

SHA512
1e66b940d780ec82db5151667558c83b431a9ef28ae483440b55ce3f5fc944267125e3aa047dadf17d0e6a1113de236c44e8b64aaae9bba5dafe8de3387f4123

Download Submit
/storage/emulated/0/lanbalanma/database/lblm_database.db-journal

Filesize
512B

MD5
de95f05d4832c2d3bc1b504dd3185fc4

SHA1
afb2e2c1d500444bb9acd4ead1bce4f82918cf0a

SHA256
28ee9fcb02cff0c64effcc9c0bb214a52479be1260a33d9194b6cce37841a490

SHA512
c7b185533c3475e56880907a7a3c029b4b66128151094738b144a327458eb8d6c18741ac98e50a091b4e70dc73b6cea0e0ed2b7a8b78fd5a054983abc781dd58

Download Submit
/storage/emulated/0/lanbalanma/database/lblm_database.db-journal

Filesize
8KB

MD5
04e4c78206b9041d5a2ab1d4e983998b

SHA1
a8a903d49863f4d6b4f86cc2e166f4f777d1a221

SHA256
045e218d1d03cef4cf3048b08e430206bbd35687aed6362328dd707c51985b0e

SHA512
635a15e1cd72d9c9bf90ba3f4ae61e82184cdd4b24480b56080a167d1bc83cb676955616039647ad49ef8bcfcf5362b6373e41efead3531b7d76009d44103081

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads