Analysis

  • max time kernel
    149s
  • max time network
    130s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
  • submitted
    09-10-2024 08:29

General

  • Target

    2dee1d37cef288fc6a65769eb2f42df0_JaffaCakes118.apk

  • Size

    2.8MB

  • MD5

    2dee1d37cef288fc6a65769eb2f42df0

  • SHA1

    c19fd641ad5cc8c6f5d4cb75a4889878697b7ba1

  • SHA256

    cc4c3f179f4171ad5d3532602b03fe99ba06726efe544c60e3168c75d3e1f244

  • SHA512

    fc72cfff3bb18419c67dc3c1a692204f73d7dc5db8caf077bd8fe202b65ea1277fe93aefc13d892cc795467bff7e8b607ea85f8773a8179aaec8d8d17c5f1ec1

  • SSDEEP

    49152:dXpsBnPFA2bKW9GbYUGDH7dhJlth7NcuRphXF6AKv5igsK3rAbcNQVi3jFf62NZn:dXpMtAZmEPGD7xl1cqhXF6AKv33rAQN5

Malware Config

Signatures

  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about active data network 1 TTPs 2 IoCs
  • Reads information about phone network operator 1 TTPs
  • Checks memory information 2 TTPs 2 IoCs

Processes

  • com.ezzebd.androidassistant
    1⤵
    • Queries information about running processes on the device
    • Queries information about active data network
    • Checks memory information
    PID:4487
  • com.ezzebd.androidassistant:beyondAppMonitor
    1⤵
    • Obtains sensitive information copied to the device clipboard
    • Queries information about running processes on the device
    • Queries information about active data network
    • Checks memory information
    PID:4545

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/com.ezzebd.androidassistant/cache/volley/-970305320681133063

    Filesize

    20KB

    MD5

    894e53f613d3bbf376b5e5a580dace0f

    SHA1

    5beb341d7501ae9151d4455f32b48b67b47a82db

    SHA256

    3fe1a6f6e57b864c66fc687fad13d9c8255999a13fefa2c1c7102d0d2d5c962d

    SHA512

    74e251a74fc8002bc4afe4319d555477d8b2e8114d097208ea1b9448568ce8060d48ea7282ed9aa21c71140ec8fe4286d97db2e488c7cc59e9671a8058b188e1

  • /data/user/0/com.ezzebd.androidassistant/databases/beyondAppSDK.db-journal

    Filesize

    2KB

    MD5

    7395cd17c7f4a497a7dd2bfc4eabbf6b

    SHA1

    b42df078bb47c68e0dc39a53477f040aa457eda8

    SHA256

    d08a9d70e80357ef4d408a52024b5616c25d8fa91e989b4cb18fa592474e58e7

    SHA512

    9533e35a89c6551918edc00c8dc57d29338d3550481324461fd3b358f6d5fd32ecee25425cad375627b5c3b6491980599d81668479453f2e7ed947f25994e02e

  • /data/user/0/com.ezzebd.androidassistant/databases/beyondAppSDK.db-journal

    Filesize

    8KB

    MD5

    63b39f077e8d373706e8617569166b84

    SHA1

    9186c5c7843033c1fe41fb3c0c392881a246065f

    SHA256

    03f3877ceb90a9568151138e9d7456f034c9b9570ebdf5dffec17aaf37c37258

    SHA512

    46a34454e0d41fb305258c4aa11b3a2bb1a357300befd62712b5a4ab69687c99a725305fa74131ff97eac565dbaa01606f60cf79a41d10dd21e1a445ac0cec60

  • /data/user/0/com.ezzebd.androidassistant/databases/beyondAppSDK.db-journal

    Filesize

    8KB

    MD5

    07be8ef3eb2a39c90ff50498186c7032

    SHA1

    c773bcbc4fa387cdb5acf997e02cc120c708953e

    SHA256

    19fdf986dd42aa292e7057056b6909ecb60f05b254ecd727a5c97b1018873764

    SHA512

    4eea8f20ed129b30e24d0d632b37ec0a9f3a0e7facb720a71024db4c307359b4eed9572d464ff684d877d7ea57a70ebe526e8515d52975a5be693104aa354f57