09c1ad140e4565fe8b97b33a28cdfe9f2ea7b56f38ce804e95308fb8c121a747 | Triage

Analysis

max time kernel
14s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
09-10-2024 03:53

Sharing

Report Analysis Logs

General

Target

2a5b91dc392f84ff59a39acb3a4f0248_JaffaCakes118.apk
Size

42KB
MD5

2a5b91dc392f84ff59a39acb3a4f0248
SHA1

7b921df77d7a5927682cfb65cfc193d1569e0788
SHA256

09c1ad140e4565fe8b97b33a28cdfe9f2ea7b56f38ce804e95308fb8c121a747
SHA512

07ac23a73d28c303112e85a911423587cf3f1275c881deecf1e761c19316e440e3ed10ee0cd70fcac64b3e51385e7d32c68fbef278a51ee3a06679685ebe94ba
SSDEEP

768:iuBjRESIGsWGCvgyGJFI8P+CMz3bFkgzYfz4BEm71:is8GsWFv4XI8mCqLKfMBEm71

Score

8^/10

discovery evasion impact privilege_escalation stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs

stealth trojan evasion

Suppress Application Icon

pid	Process
4476	GFJHJLJK.HGJGHJ7G.view

Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Tries to add a device administrator. 2 TTPs 1 IoCs

privilege_escalation impact

Device Administrator Permissions

Account Access Removal

description	ioc	Process
Intent action	android.app.action.ADD_DEVICE_ADMIN	GFJHJLJK.HGJGHJ7G.view

GFJHJLJK.HGJGHJ7G.view
1⤵
- Removes its main activity from the application launcher
- Tries to add a device administrator.
PID:4476

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Device Administrator Permissions

Defense Evasion

Hide Artifacts

Suppress Application Icon

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Account Access Removal

Replay Monitor

Loading Replay Monitor...

Downloads