Overview

overview

7

Static

static

6

302a823ee2...18.apk

android-9-x86

7

Analysis

  • max time kernel
    149s
  • max time network
    138s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    10-10-2024 13:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    302a823ee25ae8495dd7ffb33bdcf23f_JaffaCakes118.apk

  • Size

    6.1MB

  • MD5

    302a823ee25ae8495dd7ffb33bdcf23f

  • SHA1

    0f012a7bc5e99c5267d567ad2155a37b9ba92e67

  • SHA256

    013b65e72203de580946544988fcb40d5459a86b28ef9071c777c9aeb5c68cf5

  • SHA512

    381db8b3e3435188f90de419e6721d7ae8368fb7c1a35c8397ef28bcecb5667120564ed84ae1cdfc2ed9ac32dfc139fe318dba655d2ef9b82fb1d3a46e2fd1d9

  • SSDEEP

    98304:pwcZtoFVky1M5WPAvkh2Ni/FZWzINbt9rCe96jkExYWjJNLU8Y:+M+FXWWYvDNi/KINJNH4CWDg

Score
7/10
bankercollectioncredential_accessdiscoveryevasionpersistence

Malware Config

Signatures

Processes

  • com.atools.box
    1⤵
    • Makes use of the framework's Accessibility service
    • Queries information about running processes on the device
    • Queries information about the current nearby Wi-Fi networks
    • Requests cell location
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information
    PID:4250
  • com.atools.box:remote
    1⤵
    • Queries information about running processes on the device
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4304

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

1
T1624

Broadcast Receivers

1
T1624.001

Privilege Escalation

Defense Evasion

Execution Guardrails

1
T1627

Geofencing

1
T1627.001

Input Injection

1
T1516

Virtualization/Sandbox Evasion

2
T1633

System Checks

2
T1633.001

Credential Access

Input Capture

2
T1417

GUI Input Capture

1
T1417.002

Keylogging

1
T1417.001

Discovery

Location Tracking

1
T1430

Process Discovery

1
T1424

Software Discovery

1
T1418

Security Software Discovery

1
T1418.001

System Information Discovery

2
T1426

System Network Configuration Discovery

2
T1422

System Network Connections Discovery

3
T1421

Lateral Movement

Collection

Input Capture

2
T1417

GUI Input Capture

1
T1417.002

Keylogging

1
T1417.001

Location Tracking

1
T1430

Screen Capture

1
T1513

Command and Control

Exfiltration

Impact

Input Injection

1
T1516

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.atools.box/databases/download.db
    Filesize

    52KB

    MD5

    63c7f2f654c220351976c642be894c1a

    SHA1

    a929a4b81135e6e56a95e80413dce7e843d17842

    SHA256

    42a19c1b660737f3a123dd28191ba62bde00861e078ee120afa5e482bfd2d9f5

    SHA512

    2eebe8fd08988ff02934347abe9a14db558f64793719ae426d371192206d4d5fc12e1ae6076b8191f2a205602dd3c66d7f6f25fa41055b12d9bc65bb587efee0

    Download Submit

  • /data/data/com.atools.box/databases/download.db-journal
    Filesize

    512B

    MD5

    893076cc93f518bb92eb5ab91443d0b8

    SHA1

    4270b65e6a90862db7ecfc9514fec2681233c83b

    SHA256

    3ad4a6aaa01cf782d07e027475048ba94b40b44e7412ed4bfa332a145f510774

    SHA512

    f8b02dfde00de9118d0132cade39fbb0b4d9b32999a0d271cc6f848de518db5a6f888e9eef1dad9cf619a2cb493ac768f3a4c36c6a787adb8c241dafc3ebd44d

    Download Submit

  • /data/data/com.atools.box/databases/download.db-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.atools.box/databases/download.db-wal
    Filesize

    64KB

    MD5

    cc69135c9dbe9b2b4c4702f709bd1321

    SHA1

    7763eb72790a45e8feffafc509dcad030e5fb080

    SHA256

    3d10c511e66e082a7a393f4adb47994ca36384f3ec780062105334df5289cd58

    SHA512

    8444401005a3a7642812c3ede188d1f177f5b786c5b847ab071864babbc52f6076e2ce2d11c3a91d75caf5cc8687b1577958207c0eca1015c046e6bc5a2389bd

    Download Submit

  • /data/data/com.atools.box/databases/startapp.db
    Filesize

    20KB

    MD5

    5b975635f69975d1904d8d44d85086ab

    SHA1

    d5ee4b1f9d29be432c957f5cd337b426bba9c2a3

    SHA256

    6238a8e27fb373ed57b096c5edea60fe191f133cdfa8f00a42937992fc73343f

    SHA512

    01a4b193bf1a64c2388f5fb396b441ab96e81cbec5d1eec1e6c90164675287cc57c85b57d77732083355400047358e5f2bc673017714e6a8788698b4c0bbb693

    Download Submit

  • /data/data/com.atools.box/databases/startapp.db-journal
    Filesize

    512B

    MD5

    467cd3818cd9b55d3b0d305fa39dd6f3

    SHA1

    306fa0744d4c4542c83c941621f41239b62460c8

    SHA256

    602f39db6eee4513397db1c7638c8af8df81170303531b0470885145ff9bd228

    SHA512

    197f856cec43d8a032e5eae3bb93b0a5000c5636325286f5e257055c0f601a2abd5e9e904a4b484730e76fb7b3082c30cda3426eb7bfffe69fbc2738fb77f7c9

    Download Submit

  • /data/data/com.atools.box/databases/startapp.db-wal
    Filesize

    32KB

    MD5

    cac5be2682271351391ea78937c4e2c8

    SHA1

    f7eb8151a83b55623506174f91e8c0b37c66adaf

    SHA256

    7b0552725bb35f703a659776e80fccc49227fdbfcf2eb32a541f3dd9ffda8cd7

    SHA512

    3b23c057f2a8dfd759259c3ccb21bac7d05fc8573ceb075ee420c6793fee1bc38474c6c801fe3859e8442af5ba2eeca9283df4bf02e89ff834a2549f6f39aaf4

    Download Submit

  • /data/data/com.atools.box/files/.YFlurrySenderIndex.info.AnalyticsData_7JN79D8D7H898RY5Z3XV_211
    Filesize

    88B

    MD5

    aee743032cb8514897b5d10016cc24c2

    SHA1

    bb70b07e41eedcae3e5d390bec3ef2b0b3a105fd

    SHA256

    f9f33935b2083258716e372f1825efea4c952209b9ee8eec48e4e433324e596b

    SHA512

    d1a0723741c903221c2325fbe4163262c415ecd0f59b9a38667250c8dd322d310021cfed16322924600fe7c12d528fbfcb2fdd556a2719620db6acc9681211d0

    Download Submit

  • /data/data/com.atools.box/files/.YFlurrySenderIndex.info.AnalyticsMain
    Filesize

    72B

    MD5

    ca7f2bd1af24408c9036d88b46f6990f

    SHA1

    049d3277ba1dd4884510dd1527627fc0787ae960

    SHA256

    44c144b6e3aca866accd0d8865a7fa5f319621830bdba79995d26396f145fe16

    SHA512

    24b8473df509e16adfd1f80e29c2b37ca5ec5d70dd7c88254e4c8bbece0c64e9fbcf00b1b8f788c25df057e86fbcb8a6a3d4fb6250363409790c4b5e968c9f8a

    Download Submit

  • /data/data/com.atools.box/files/.yflurrydatasenderblock.00e4b4af-1cd9-48a7-b23e-8659b9a1b269
    Filesize

    294B

    MD5

    3361578c3ae7b40a09f9d610ebb968e2

    SHA1

    dbc989391a126da9c14edcae1de801060347dd37

    SHA256

    8dc2894f1357b28272dd95aaeb36b0e08e50305ed10b4cdcd3ea28198d25effb

    SHA512

    af282f82d0742c4806a9b743abd17b1681f847863ed6289df12e0f28b66c21f085f37446a5406bdb86cf003ab446d8d8605c45b8845ddaed94e7f19a8e363ce3

    Download Submit

  • /data/data/com.atools.box/files/.yflurryreport.76d699a537a86857
    Filesize

    361B

    MD5

    6f5891d51038c2189c6bb903bc5e71a2

    SHA1

    4bfa0dbe74eb1de37012e514b06c5afa794a33d7

    SHA256

    984637ae5736f0919517bcb9aecf4e374a1a2d6dfe974408699630a6a5b70415

    SHA512

    e9160b090bfacf1ee37f198c37af616cd6567afcc7b1951ef88c2e3313e80e3081e9e7e734bbaf7d6bcd38fada4b12ac7ca65b9fd6b6838ef595d30c20f4a5dc

    Download Submit

  • /data/data/com.atools.box/files/StartappMetadata
    Filesize

    6KB

    MD5

    b615f70313b9cc24a1a8570595f753c0

    SHA1

    d95e8a693c0ba29e42a884049a2764b7c9e02e05

    SHA256

    eaa44d2c794b506d71d7ff577dd1343103a65bc8f0dfa706f82c56da9d114c91

    SHA512

    6a2363a04774a07d9be9f4a883d7b1f347f8af5b8b8791f3b5c108ec51117ca56a8b7e97578e1c0af945af6b4b01258397ab863266ec4d7c60aa3b14f6e594f2

    Download Submit

  • /data/data/com.atools.box/files/shared_prefs_sdk_ad_prefs
    Filesize

    161B

    MD5

    02f47c98a76dfa5cf85c60ea3d09888c

    SHA1

    99e1111b0ddfc21580d09217ef46379533fa5f18

    SHA256

    378734426b72b33eab2ccb9f5b6e5d3b7923110037415a425df599a9bb1d7a83

    SHA512

    d901c89cbd0f520d305a4d8289e91855d3a7c289e215b43bbacca4644e5d55b5af30a355b0c604b9a7998566d04d88817eeef2d8297b6b8fa2abc8b0345de6ad

    Download Submit