21ae5b6a8730955799eaa8d52b67f55574f0b96e5a99d8885ff0745a058fd424

Analysis

max time kernel
5s
max time network
145s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
05/10/2024, 09:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

170f385db48d8b3b3a5be1817dab80b5_JaffaCakes118.apk
Size

1.9MB
MD5

170f385db48d8b3b3a5be1817dab80b5
SHA1

ae865638ce0a64db91a762626409b33fd3bee768
SHA256

21ae5b6a8730955799eaa8d52b67f55574f0b96e5a99d8885ff0745a058fd424
SHA512

42f9bea47e9afceefa2cdd527fb5239f38793e10c98b0fd4048980b3e6a7799b656ea25bb42d9004a215abd004176c2061cf761e7e7230578d3eacc044ef98a8
SSDEEP

24576:+WZij88tD1w3QIkDwnnDkbOKT7dX7DHWnnuwHYPHk1D1G/Yno6+wm4c1lOc94MHg:+WpsajJ/KFXH8vYPHe1iD/b4J6lsRj

Score

6^/10

discovery ransomware

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	android.process.dhome

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	android.process.dhome

Changes the wallpaper (common with ransomware activity) 1 IoCs

ransomware

description	ioc	Process
Framework service call	android.app.IWallpaperManager.setWallpaper	android.process.dhome

android.process.dhome
1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Changes the wallpaper (common with ransomware activity)
PID:4586

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/system/users/0/wallpaper_orig

Filesize
93KB

MD5
1700fc73c93f1e0ae41f1fb55a5d8bb0

SHA1
28011f05229be5ef13feadb266310486f4315a1e

SHA256
381e4b6ee30671bfc014f3474ce141a986ce1511f4706a7d9026196707b090fa

SHA512
b00774e6083134a54dc2007cc8eb7bfa8438e1efeaa48194e41fdcaa5c574afbbda90e7117cc084a9154008404c54140d1418c4b5b9e0256942160fe6538adf4

Download Submit
/data/user/0/com.guiji.launcher/databases/Ddesktop.db

Filesize
20KB

MD5
6d0296e24abcee196ab51915064c7443

SHA1
3d6da377e1446c34f449b0591d37241378615c45

SHA256
2932e61a21acf8d1a87fc23185e5be10b1f9604cf949b556886b82f0917c3106

SHA512
6c0fd714dacb19e8e5df22ce9c06ca604758301e4aae49d04e38fffb0a30760935c673ad278dbcc46e1fdc8937c9bfc6cd8059d953210528bf37560027d867cc

Download Submit
/data/user/0/com.guiji.launcher/databases/Ddesktop.db-journal

Filesize
512B

MD5
376fff79e4abbbda6edbd092910cf766

SHA1
aa1032a452dcbd9ca43ac3f205fcfdb95b06e003

SHA256
c910c7b48669b65cd623aa92b548bb47bf505f5cde38318b2f7929a83593d782

SHA512
4da453f350144adad2de088b4a4d432a64005c4e0cb850c65209e5b238810fe13342f0704c8e3e2b9f389a7f3ff8be5f84c49a26d18207fed18c856195a73f21

Download Submit
/data/user/0/com.guiji.launcher/databases/Ddesktop.db-journal

Filesize
8KB

MD5
35762350a3f80625a47902dff0766f35

SHA1
3972a996cb8b623254d708e41db4098338c74321

SHA256
3e54453a7486f14a83450494426e6a2bb6118ff77fa0632a2a92ac90c76f99f2

SHA512
22940d14ee58f926c5fa2b0b7b75bd065bc29485c9d0857a5e168910c0b352d5b9bfc5abe4a916772318acc7e14b12eb96de15b2248875e81147f99921971af6

Download Submit
/data/user/0/com.guiji.launcher/databases/Ddesktop.db-journal

Filesize
8KB

MD5
6c5859a5a9c299279f10d75b4728e069

SHA1
4bcdfd4b1d7c0730662a81066aabd2355628f7ba

SHA256
0d2fc506180da8275a4e1ec4599f2b38565690ed5bafdc7ddae027e767e8d5f1

SHA512
b8875678da7d3129714c6f48307d9a8fbc3fe5696e3bed5e8ee94d35e3447efdd326ce3b53acf9389dd33495c835d3d7a1691660832eb1f37380609d18091337

Download Submit
/data/user/0/com.guiji.launcher/databases/launcher.db

Filesize
20KB

MD5
8df9cae10e4633289da2c842e883fc10

SHA1
25860c3f87441f9dbb16cac3ffb97eab0dd73d0a

SHA256
413d08e67da9e52e20317519e53e989821c4a3199b39752f1ec3d4b7660c7382

SHA512
8a12dab7651bd77b80e0ff6185018f870eb5c81d356a5a3599735275598754763129c610d7c0df38221732ed87d62d1c007f4d4e9063c7dcff4406c03da2f501

Download Submit
/data/user/0/com.guiji.launcher/databases/launcher.db-journal

Filesize
512B

MD5
22e83695244d038ae56ece17a2667ebe

SHA1
8fa132058aaac6be500eb272efd01f91888e205a

SHA256
04cfe44e10fb106b809dea0cdac31b294bdee417da34c2f5d669aa6a6cb307ad

SHA512
715bb080543823b16874d5e4c6d2e293348661bdd01bad9ff6a03cf345fe1d2a1d3e4701787e24b654b9f83fcc2383263fa1f06d93c86b2a2260e37192244659

Download Submit
/data/user/0/com.guiji.launcher/databases/launcher.db-journal

Filesize
8KB

MD5
d82116d43b0beddc65e0e1c6fc1acdf7

SHA1
0881cd97bc7b7b6e08887f458ecafc149b742354

SHA256
432df3b56df5e53009e1f72d3112efdab904e1093dfa66256f06f5c1ebf733b7

SHA512
593d8ce7a80818a399cc1c6abad14692b30f60a9927f1f0931d842f8ddcfb75b611e0ed5ec863fffc453479e53809d8fcb525724387361192611ef28a51ebbf2

Download Submit
/data/user/0/com.guiji.launcher/databases/launcher.db-journal

Filesize
8KB

MD5
fc9a775ae4ff74d042af6888cbd311d6

SHA1
2e226e6aafcb962b1e8638331e2d8f68a717dc4e

SHA256
1e83bc8eb418854034a046ed14b89138143663583929751dbaccb32a9ddf0a75

SHA512
081f691fe92d1a48bcb57875abdae6cce818fef4ac575fd6989e1dcc20c6b29c7f71205ad7036ee1f35d0232306eef2b30b156a19c94ac42ce8db7459edc0dcc

Download Submit
/data/user/0/com.guiji.launcher/files/launcher.preferences

Filesize
15B

MD5
8045cecd3d5a4c893e3a75d47b17121e

SHA1
61f08d6c53ae857cfd4be1bf607a6c80e5e78b23

SHA256
9bd54ce2fe34faa03d173df22621b5c747e544ed354e521889b692c031ba99b3

SHA512
70d34c24ccb3f90cdf930f0e24d67441e2aafc5baa5ae95c5e288b788cf25df394254f9bf55d45a5893b78457873b6169b8868a4fd45364c2b485f90bd4c0099

Download Submit
/storage/emulated/0/Ddesktop/assets/08080747555353874553.dd

Filesize
518KB

MD5
803e7dd4f259ef126d3cf0ee650c5a53

SHA1
67afbf9272d26540726d257ea1e95559f3f48fec

SHA256
749a0feb7a95954f788435d8822af317e84200f975ce94d265e788b4c9784269

SHA512
0e9b29d9294b6a1b6c1d9cc75ae95a00603f6b47c9164984f2f314036ce3b25c6c25c9e588333188da03c28870984dbcef7d60acde3b10dd20de7a9b0e182975

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads