b2bbae152af3e34b5dabd716cf49715774d2fac9e2848b7d98c1a7f97cc12624

Analysis

max time kernel
128s
max time network
137s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
28/09/2024, 08:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fbee7c1047658878603901d96d1dd3d7_JaffaCakes118.apk
Size

2.2MB
MD5

fbee7c1047658878603901d96d1dd3d7
SHA1

509e04c0bf1f44ed10a0878554539b0c9561e62a
SHA256

b2bbae152af3e34b5dabd716cf49715774d2fac9e2848b7d98c1a7f97cc12624
SHA512

d9ac2d02bb3151267190b84e19717427aa800d8901d95bfb0f88d75df219ecc4188eb0c038aa9a74e0c9175957c162cba5fcf4813832e1fbebd14424423e3565
SSDEEP

49152:K3DMdvKn8XOXH0pTIdvvqT3dbn3GvWbpvtvsj0bVlIid5:KzRnsO3SSqTh9bXvsjIeid5

Score

7^/10

banker discovery persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	osb.xsgj

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	osb.xsgj

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	osb.xsgj

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	osb.xsgj

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	osb.xsgj

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	osb.xsgj

osb.xsgj
1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4247

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/osb.xsgj/databases/StudentManager

Filesize
32KB

MD5
4fe0698f884705ba517ce653bd1e2536

SHA1
31d0850c2d2d0d38f347a930d3d4c3fe8f6fd8bf

SHA256
59f1b7ddf7830613bd015d56f119dba05875af1061a5cd78a3f4a74ce70ac35e

SHA512
19feaa4d56a2eaa77d466f9004db2c9cebecdc7269815f6e2ff64b844516705e1be30d335ab53873c7b7474c01dbd1b3b403447467ff083e88db00b780954333

Download Submit
/data/data/osb.xsgj/databases/StudentManager-journal

Filesize
512B

MD5
899ac02624b103680ffa729ee5161c6e

SHA1
8d5490550322f51c4b82a4d058a13f4880ea20b4

SHA256
2a18e7e0cf6555a5a6b675711c31a7f3bd61b07431cb4025b86cefac3b48f987

SHA512
e44696bf58a161875af08fd5f3ccf68b17ebbe7237c86fe98f24cf8e809886d0bff8426e133b742f2264fd1530f8bfebdb780104d2f82d0b774ab216e57eee58

Download Submit
/data/data/osb.xsgj/databases/StudentManager-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/osb.xsgj/databases/StudentManager-wal

Filesize
44KB

MD5
faa0a1c9653365076ec5d5139b2b1602

SHA1
8377169201617a406810e161225c45fb6bb3b25f

SHA256
158ea1d1795accd78a86e4a9e489232aa1df3961cca42c4c0fdf190974508ce9

SHA512
054fd147b3cdeb0a87157ede74bc895725c6db2e3998e9d61f9884f6b666d964f32933765985046158773f8038398348dcdaaf2a08a3c9279134ae0a35396560

Download Submit
/storage/emulated/0/Android/custom.dat

Filesize
32B

MD5
31dd6ded430430d6368067d7558458cd

SHA1
f566512dbc79b0234b69186cb0901a2d2ee615d7

SHA256
34ac80053ad091f19b87884f781056b402187326e37667f29dd606afe74698ab

SHA512
7cb354a9a81a312387e2955a19cbad6a8b5d73421d0d725490355e3911ff160bc98248fad7958cedce8460ff344c0e1e39f1acd21360c198371019eb6039ccb6

Download Submit
/storage/emulated/0/Android/data/cache/AppPackage.dat

Filesize
9B

MD5
878bbfdc843316d2d96701030b735881

SHA1
b19850af36982a320266c18a9ab31e2a19d7f1e6

SHA256
5c04113292666bcdf35f44341100ef2966b80c95562887b853946c41587cdcbe

SHA512
fea8cb84c6266000f0741a552363aa90ea7209dbc2ce2c8d760ee1341a50b72e806b030ce72348374e3aa767ef0514f4052027be57169eda087624ae00fc10fa

Download Submit
/storage/emulated/0/Android/data/cache/CacheTime.dat

Filesize
13B

MD5
27287328ebf39e0723fa782d8f69be99

SHA1
df259387e9ed848287475858f5136d96b34168b9

SHA256
8eddd7b46a6b8a8b5fd328ce81e0c8d989af1ba1f4d73806d1433657d3ea4502

SHA512
a7b1ab7a612f7fb49aee433123cc60edbf95aa156bc4444022e02e4cb2fb21c61daff734c3cb06f9e915c76ccd5e5337537ddecab8e81d48352d867b93e84c49

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads