35c19b880290fa57d92b29c9fc820d851296fd5b919d27c771c5bbafd597ee69

Analysis

max time kernel
22s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
04-10-2024 06:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

124c6e85089454852023000159036198_JaffaCakes118.apk
Size

987KB
MD5

124c6e85089454852023000159036198
SHA1

06e5f9fd935b5f70c7405bb531fccc05cba7e614
SHA256

35c19b880290fa57d92b29c9fc820d851296fd5b919d27c771c5bbafd597ee69
SHA512

f654e85831133156ccc71a4a31abf294a4beca4cf24b37e6177013b9bba73f612a2e74a9fe39c81e8bd30ceec90da9693e1a6e3da99ca7f2df9835da94bfe49a
SSDEEP

12288:AS2WSS4LYziB/j87GQLIylZc2ynvc9V6Hkx/X4v0hjw3U02XWnD6Z+5xR9QYAR:9tRg/wVZtYvXSg8huD6ZUR/AR

Score

8^/10

discovery evasion stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs

stealth trojan evasion

Suppress Application Icon

T1628.001

pid	Process
4470	com.elfswipe

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.elfswipe

com.elfswipe
1⤵
- Removes its main activity from the application launcher
- Queries information about active data network
PID:4470

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1628

Suppress Application Icon

T1628.001

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.elfswipe/databases/du_ad_ts.db

Filesize
20KB

MD5
39975abd829e3dd5027a548b67f429d1

SHA1
aac3fda0702d6955ab753299e71186c96ec9795e

SHA256
b302a9e3ce49de29552baecbcc48b16896d5942bd0feaacedbb9b4add360609e

SHA512
76956adfdd78806aa3d31f3442c1915e5107c9350cb35d49e776534cfb79459101a2d4cd970220e60e0f10426484d51de66dbe01cef7cb2fad1c887aba54ac81

Download Submit
/data/user/0/com.elfswipe/databases/du_ad_ts.db-journal

Filesize
512B

MD5
da38731553b1787b021f45663084dfb1

SHA1
0826206186a445beb20a1bff6e397d9856610e16

SHA256
f5ea9feec0a8d0f75d8092b093d61301734a98e711d1e764813cd2b3384d38e1

SHA512
6b7220c2f090118af412c27e4d498b3e6facd1d9f2b9293ffd36c6ab01b5600ed8d26badbae69bde86cfbbac26fe1050d9844c8de9d9d66bb2682d920896d729

Download Submit
/data/user/0/com.elfswipe/databases/du_ad_ts.db-journal

Filesize
8KB

MD5
90288255524a7155433fdea80fc1f3c7

SHA1
431955d43cefa1ab62849c85aef5627b82f7c68d

SHA256
72b56c944b5308795a72e09702bd775641d7a8c3d2a83e39576cdd3442c662aa

SHA512
706d8607c5c64cbeb2932fbb3b78598d37c0a3fef68b6aba0dfdffc331f297b409fddc6ddd32da55c8295379c716e6a59e244addd2e179225af001d89ef0ded2

Download Submit
/data/user/0/com.elfswipe/databases/du_ad_ts.db-journal

Filesize
8KB

MD5
65d5a6697355ff77935d9022cee4a1ac

SHA1
02b3a837541eeb8cb81b5d2f7f751540dd7c04c4

SHA256
50f6bfd42f43f2378bb329b888f41cb08d8a46b8c6f31f7087d315634cda65e8

SHA512
c3ca9da692b106b369dbb345fad0261e575b896a2fd8439393a54873a2519ea8b05bdb4461f186394ce60c8a285758eecddd7443d4cf09e989460a88f95b7bef

Download Submit
/data/user/0/com.elfswipe/databases/du_ad_ts.db-journal

Filesize
12KB

MD5
ed95c087c92cf3d0bd48ecb04def3abf

SHA1
b3f687fb3dc109758407145831f1b98c9f0a2bd6

SHA256
44f293e32ced2d8c86edc61cb901fd014b7400e9754cc42d8e7be3ec33870dcd

SHA512
53e4040499df27b15d1f41fccf054e711960a0ed1b3f8ab92ab8da604383ddd0378a3ab422d17edb69f71e566de22964950060a9219dd003cb03833b891750be

Download Submit