a63891ed72d6b7742db95e32f6c251163913384ed46acfae0011e62128eec113

Analysis

max time kernel
99s
max time network
129s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
10-10-2024 14:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3047d9198278f2c1c58176e892684a0e_JaffaCakes118.apk
Size

437KB
MD5

3047d9198278f2c1c58176e892684a0e
SHA1

67327d3727fa922452347f7ab8eb1f1e150793ab
SHA256

a63891ed72d6b7742db95e32f6c251163913384ed46acfae0011e62128eec113
SHA512

fd45020026625685e0f305b076a2dbc3e73fbdd1457d9cd7b706629c31c8f9b68e5e938b2c2ef656d1757941fe1181177bad9a59d6cefbc6bfe6b160e4c01560
SSDEEP

12288:3x1Fn/+G7xBW/GUaPMQtX79xa/B9xQglKNG1tG4EmzD:3l/v7xEKPMY76Z9xQglKN4GAH

Score

6^/10

discovery persistence

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.kang.tras

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.kang.tras

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.kang.tras

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.kang.tras

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.kang.tras

com.kang.tras
1⤵
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4249

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads