2cbfcb55aa370e5d641abe028a17dc106076dc470e3639f15ccecd09d08a52ec

Analysis

max time kernel
22s
max time network
156s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
09/10/2024, 07:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2ce8fb3ad3f647d8768cd20ee9b9e798_JaffaCakes118.apk
Size

1.1MB
MD5

2ce8fb3ad3f647d8768cd20ee9b9e798
SHA1

25d2dbec005fbe09bd36969ff726988f152414bd
SHA256

2cbfcb55aa370e5d641abe028a17dc106076dc470e3639f15ccecd09d08a52ec
SHA512

341783c683991b8234cb1d74465b5e8d477a7cec41d73c95b6835fdffe3c50bfa0289ab6c1ba770efd2438c025f860c771cf3033c2e0d3da002b47404c4f37ac
SSDEEP

24576:M3Bjg/aRMG12yKjKJ7nKRrbX2+Ay0wo9KdwOeB1T:eeG8y5WXBcDKdNeB1T

Score

8^/10

discovery evasion stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs

stealth trojan evasion

Suppress Application Icon

T1628.001

pid	Process
4927	com.voiceplusfree

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.voiceplusfree

com.voiceplusfree
1⤵
- Removes its main activity from the application launcher
- Queries information about active data network
PID:4927

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1628

Suppress Application Icon

T1628.001

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.voiceplusfree/databases/du_ad_ts.db

Filesize
20KB

MD5
9e090fa326a8d04734bebeff1862f2f7

SHA1
ee626fe677cd459f86693d96df06c122c6646ae2

SHA256
839cf4ee31d64bb18300cb8a4e6971edee03955b45d05cf35b22e2bf6536dbca

SHA512
007f3edac1a34375df6fca9dce0b7674e95c2cc8beb3ebcd889c2d4bfe882d8df0e9698ca9711425ed7f44cf95b7200dbfee517e6f812dbd81f949700f38706e

Download Submit
/data/data/com.voiceplusfree/databases/du_ad_ts.db-journal

Filesize
512B

MD5
024c34f94f766c36885b52bb90ddf31b

SHA1
15d091e3edbdd4745169cc148308f1c9c06b47cd

SHA256
6aede526ebed26b7da145c8b2ea6b2aa9e65f7fb5356c4cc53c7557b50fbe421

SHA512
1bb0c4ef7cc8c04a5224768f12e0f5e56dc88343721ebf122e0bbb590dbffdba415267c2c16583f9b7af1547e5b6ab9d8c434db2de3292c0f669f7c7bf7a8d62

Download Submit
/data/data/com.voiceplusfree/databases/du_ad_ts.db-journal

Filesize
8KB

MD5
7883d398606a097917fcd7d2e5020b74

SHA1
154660b8020ae0be9422d3f28d94e786907f8fac

SHA256
59a50866bd6cd00d4541797f3e7c370152422318ac2a75eb8d1d512f1dd2fb2d

SHA512
1f4463c45ec1cb53a467f39fc814e4da110fbecb80b1f75edb917c4db64bf992185eb018e51b095a924f3b66db3f139ce11f554c66ca3ec0118a1d613e5aa294

Download Submit
/data/data/com.voiceplusfree/databases/du_ad_ts.db-journal

Filesize
8KB

MD5
58bfab7e162a58450b20c93f6f1cfbbf

SHA1
6eca4654baf90010b57d30e125aac4d754948509

SHA256
e69162858e074f0bcdbf9b1f84359db358b000f355c1639b0b4f380dfaeb9280

SHA512
2dd36398089f5622cbed4b362fbc53d3a5d15cb87afc31f10ea2637b55745941a1b0635171d5a48eaf2605ea767297698924634886f93fa75af37bada703cc3e

Download Submit
/data/data/com.voiceplusfree/databases/du_ad_ts.db-journal

Filesize
12KB

MD5
5039d3ccd15f5601b3da8f372283f1b5

SHA1
70734f0b0bfe04de70d68750f5cfc487f53dda39

SHA256
bc12a1bce46a6155e06b57ca8904fbc2e0b382b6daae8e8dafa241a11edfb43a

SHA512
f1cf296ea530d0d0ec4127f0290b70abdb4fb17743e7425327e8b97b7a2b82e59bc9e0d47ca12a51cbf39544dca99f041c451379cd1762cb98ea0c54beeb676c

Download Submit