16107a40d23d7ef9b8fa2761462d20d4b1406c533f5c735d96ceebbdeafb3d7d

Analysis

max time kernel
3s
max time network
136s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
03/10/2024, 03:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0db5648159af3a84541ba5b2f6ddb300_JaffaCakes118.apk
Size

27.2MB
MD5

0db5648159af3a84541ba5b2f6ddb300
SHA1

05d3ba6f7e9f8644c4f994b97ffa8d1901ac8376
SHA256

16107a40d23d7ef9b8fa2761462d20d4b1406c533f5c735d96ceebbdeafb3d7d
SHA512

62b78a4bdd27123482fcc53c253e5356c6a2c9b105231da86050c40fc48324eeb275efd56f59ec80445f6dcbffb6f95925932f1ba56ced9cf3a24af106b077c0
SSDEEP

786432:mX1oMXp+Psd+qgwZr1oMXp+Psd+/gx51oMXp+Psd+Og8mjwSynDH8:mHXpobwZjXpoIx1Xpon8mklc

Score

4^/10

persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.pizus.pizustv

com.pizus.pizustv
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4260
- /system/bin/sh -c getprop ro.board.platform
  2⤵
  PID:4290

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.pizus.pizustv/databases/bugly_db_legu

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.pizus.pizustv/databases/bugly_db_legu-journal

Filesize
512B

MD5
7591e6f78ac066273283c4ce89f27e86

SHA1
f338588b7783a3dcd9028a51ff4d93177edf4644

SHA256
9936fff7d41fe3ddac5d2b08f3635b7ecda0e770f028c0ce791d606419777089

SHA512
86f3840a45bb186a0ed02827796bb2f01fed0ff4b141b3329796b5a2a491139509b879a1c026e9f843b12a5895418105ddfd9495e9f554c1b4b2bcc39d0ac1d4

Download Submit
/data/data/com.pizus.pizustv/databases/bugly_db_legu-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.pizus.pizustv/databases/bugly_db_legu-wal

Filesize
92KB

MD5
17fc93697498e8f14fc440edd40141f3

SHA1
da1ebe6debae2ed7af5892f75f92d82d08abbfef

SHA256
f267edd842154df915c494113e178f74c06d53f19323912aa7a3f25a70ecad11

SHA512
cf0f8d6bd7267d36a48ed227e1a1c49f1f3892c2c6100dc3c8b88e11e9cb1de6dfa08acd42026c3550d93d547c91f9102b6d1ec9cb807070ec4be42717400f26

Download Submit