4d78103aa7d197d93b569b76a59b3ad74c659ea9ea6918109728c0d67eb84291

Analysis

max time kernel
18s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
02/10/2024, 01:47

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

08513f0cb7b4cea7a4eb264294e55e78_JaffaCakes118.apk
Size

1.1MB
MD5

08513f0cb7b4cea7a4eb264294e55e78
SHA1

d013089c93bd619519bce96efb58d35dc6280872
SHA256

4d78103aa7d197d93b569b76a59b3ad74c659ea9ea6918109728c0d67eb84291
SHA512

269086ed491bd6bfca6c653502491d1de0eb160eb88628edce8ff0c8a5f7dbfbf5c801600f452b71cc8891cf187171fd4e693fdd208989c4860d2b283be72d86
SSDEEP

24576:vWOoW/NV30s+bJP0Fjr2ofm3oWp7zzA4nQJjh4sVtPkFo:3oW/tQJiKoNe7zzAiQ8KPL

Score

7^/10

banker discovery persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.fuwenpan.number

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.fuwenpan.number

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.fuwenpan.number

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.fuwenpan.number

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.fuwenpan.number

com.fuwenpan.number
1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4250

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/Android/Package.dat

Filesize
17B

MD5
b8cd4da45a910d7260b855d85649458c

SHA1
77a34c40c48688f5d43567453772dc15d36051d1

SHA256
d23a6e5b5a85d36babe7498959ceec15fbcf70eeb9d2c7720ab849313a50e8cb

SHA512
aa9623d58cf27f269bde0fc8a246637cfef40221925ed7bc1f1fe2a61d995cc1b22c921d0383204254bd5dec4531e3736ae5fd33bac610067969bea42a9e1457

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads