Analysis
-
max time kernel
133s -
max time network
138s -
platform
android_x86 -
resource
android-x86-arm-20240624-en -
resource tags
-
submitted
10-10-2024 17:02
General
-
Target
30fa04fd1ae4504f0eb812f2f56bd0e3_JaffaCakes118.apk
-
Size
1.5MB
-
MD5
30fa04fd1ae4504f0eb812f2f56bd0e3
-
SHA1
7773fd1fbba1043a13c3fa9a48612676788f7bd7
-
SHA256
cd05f2f35bd0bea1239023dbef23aa9a42710ee66182cc289c95392215d2f014
-
SHA512
0e1dcc71383cc7ec6bed61d73131d10b6099f1c15f10068e4f4e1b3360f5fb5f760ea332c077cd94a2473e3160fae6c06afe4adf19e183f0d3701cfbc7c607f8
-
SSDEEP
24576:PfafHW34tckcti9be4VsAeWxx9+N9hLGuQVqgNY3Q6T+tHGgY0bk1ZfvUXbk1ZfZ:EHWIhKchs+xxm9hy1VDaZT0Bk1erk1eU
Malware Config
Signatures
-
Loads dropped Dex/Jar 1 TTPs 2 IoCs
Runs executable file dropped to the device during analysis.
-
Queries information about active data network 1 TTPs 1 IoCs
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Checks the presence of a debugger
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.lkkl.jtxh00142394.video1⤵
- Loads dropped Dex/Jar
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
-
/system/bin/dex2oat --debuggable --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --debuggable --generate-mini-debug-info --dex-file=/storage/emulated/0/dm_push/com.lkkl.jtxh00142394.video/info/dmpush_lbx_local.jar --output-vdex-fd=121 --oat-fd=122 --oat-location=/storage/emulated/0/dm_push/com.lkkl.jtxh00142394.video/info/oat/x86/dmpush_lbx_local.odex --compiler-filter=quicken --class-loader-context=&2⤵
- Loads dropped Dex/Jar
-
-
getprop apps.customerservice.device2⤵
-
-
ping -c 1 -w 100 www.tianyantoad.com2⤵
-
-
ping -c 1 -w 100 www.tianyantoads.com2⤵
-
-
ping -c 1 -w 100 www.tianyantopush.com2⤵
-
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
48KB
MD546d1de526e2138a571a650af58554064
SHA19727bb847fb57fb748a31064cf19885a3c162b01
SHA25678b6239a10c1e1532f843735ed5b4c3c27ea3252411b71d0d2fbb90afbc75333
SHA5129127756eb5e894bd95de4c78a0276f4b3ac3dfabb0040512f5117fabd6ca5dd050b1f574709158150476c9e2c2c09773b98b7ebca51374f57fb623bc12c53603
-
Filesize
108KB
MD59222af96150123d299e12740de9869e5
SHA138c6e10b3c78c75258c971966dc3964e51b60cd3
SHA2566e5c94d5d1f0163f418a1a25e553c65cf5ec9e62856d937a42fcfd1f51136287
SHA512e05e857a3b92119e8bd495c8916815489aae54b49496be6a53638fb281da3b7d9f695971b302a03464058cf0550ece54faf5180aea71ff81a593266a2add2689