1311df37f52e910c636c35283d05f210b6ad8737be348797d8a8efeca9459c14

Analysis

max time kernel
128s
max time network
154s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
30/09/2024, 14:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

01bc99535dd633ddc5fc7bb21f6c30f4_JaffaCakes118.apk
Size

10.6MB
MD5

01bc99535dd633ddc5fc7bb21f6c30f4
SHA1

5e6292943de5dd113e2754b6469aeb8fa00ee1e5
SHA256

1311df37f52e910c636c35283d05f210b6ad8737be348797d8a8efeca9459c14
SHA512

1b7355c40d158ecf2fca8fffcb6e11657b14d578879add0e5f1ab0268375631fd118a84918708d8d8222f1a0c899858340cbe2a463dbcc6d6464a6a7015200fc
SSDEEP

196608:OgwJksx8Gz+oaBpyp/lri45c4gUVPy/g0p01y5OCk2lBDESYCE/rf9A3kj:OgwJP6M+oaBA/lh5OUVq/zpSim0BDZYf

Score

7^/10

banker discovery

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.babyface

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.babyface

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.babyface

com.babyface
1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Checks CPU information
PID:4250
- logcat -d -v raw -s AndroidRuntime:E -p com.babyface
  2⤵
  PID:4310
- logcat -c
  2⤵
  PID:4329

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/Android/Package.dat

Filesize
10B

MD5
2a925ac720fde130ee883263d07687ee

SHA1
f5635c68d3847176207db3461f792f2e13f652f3

SHA256
054f7fbabd10be81ef6c640f598850447e15d87f7771efbcb5aafde963395b07

SHA512
71c080dbfc7fe735c47022d0515d0a131c8b5e6ae303d8c316b6e651a913a6fc90c9bb64c049ce13a71c9e38dbd6a8660408ef8a62889cca487e9ab7de941326

Download Submit
/storage/emulated/0/Android/data/cache/CacheTime.dat

Filesize
13B

MD5
c7fe35c135c8b1c19971cc8237975862

SHA1
b65d299e9475306715db41ef7d2f23efc195f8a8

SHA256
af2373ba719338adc8fe360220f34100d6eaa731585265514b1dd4be2eb35601

SHA512
934700c89a9ab6aa45112efbaec28b3853b6703b27d895ba98b60b9e976057dac9986b668e6a10ea38de970097d9fba00a3a841d69f7645523c4c6e16ca4de32

Download Submit
/storage/emulated/0/Android/data/cache/UnPackage.dat

Filesize
13B

MD5
9b7b1b0d31d3ed057b345b38a2f04e75

SHA1
cb69ca401a37771ee30dfe6d2574004e35565569

SHA256
c6f14435406fff76ef76cf761f74bd47ad5fa134d66aa6c9267d90d826508076

SHA512
9684c9c33faec0bd22b2a45a6374987778eb54f9fb1b380fe1a4487953171d876104c86f188233ccb64323c22995bcb26692be1d9895c1769b4742f0a985ee4b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads