Overview

overview

7

Static

static

6

31060115e0...18.apk

android-9-x86

7

31060115e0...18.apk

android-10-x64

7

31060115e0...18.apk

android-11-x64

7

b.apk

android-9-x86

6

b.apk

android-10-x64

7

b.apk

android-11-x64

7

Analysis

  • max time kernel
    127s
  • max time network
    140s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    10-10-2024 17:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    31060115e0b126d878cc8c28ab072fa8_JaffaCakes118.apk

  • Size

    1.9MB

  • MD5

    31060115e0b126d878cc8c28ab072fa8

  • SHA1

    f4aeec239475633000386d500f551dd1e57025b7

  • SHA256

    023ce9a368ece43992682377d3d341b75b7b54452bad1dc90419a86fd97c980f

  • SHA512

    9be7b981b20b9efd1529ee789b3f90eda6895cee4da627bb8401771a3db9979dd42f69da374bcdf7c82c1be5c04f7c494e9fa185b5730a7d77d15102fee8eb44

  • SSDEEP

    24576:+8TnIAQH318QfU3zkEriqUfgMpULJHx+zz7uHIA9giY00+QLxe99IqDAFjQGPfU3:+82lMjrOBYSU9H0zkIAChFxIVm0KC

Score
7/10
bankerdiscoverypersistence

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Requests dangerous framework permissions 9 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks CPU information 2 TTPs 1 IoCs

Processes

  • com.szds217
    1⤵
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    PID:4214

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.szds217/files/mobclick_agent_cached_com.szds217
    Filesize

    100B

    MD5

    ee4c7f5dbeb2d6b694366b8716019e8c

    SHA1

    6091de99f2fbb76288e7c6403b4d88c15dd7c2e5

    SHA256

    da52c0b31c5d834fd402c7737843804d23add221dd83be1ded810e6e4bd4579e

    SHA512

    cbc3f4431adf713918b95f72d27f8f0e71774d987bccc0cdc799fce228373e9f489d808c172db4aea77cb7542b36aec4eeca6fa3a2d20779fde55cdb73f6a418

    Download Submit

  • /storage/emulated/0/Android/data/cache/AppPackage.dat
    Filesize

    9B

    MD5

    dda4ec9229ba618a3727c93d67e39678

    SHA1

    5bba8f1c1618050ebd8d2568a610bae9c83acca0

    SHA256

    9e4b5b0e78e3b4d58b66da469bb510aae347bf353208260a6a53cf4609888eeb

    SHA512

    f4c5f42336aa76115c0054eac8cf4dbfbd7a9e54b34027c56a6432b23a03f961c2eeef144c7e2cb13320bee92fb0bb0411ead8c970ea295cad7aaaf91f08889c

    Download Submit

  • /storage/emulated/0/Android/data/cache/CacheTime.dat
    Filesize

    13B

    MD5

    b9ad419207219b85e8860d76dd992f3f

    SHA1

    3ac4d05710062e5bdc4fe71d6730fbe27ab25060

    SHA256

    31a0007ecf27b812267e41e6d445353002eb9e4b4b8a9349c5b0b374392705cc

    SHA512

    12026c62ff4728a8fbb384f2028172911c853fe38cd4e52b11598918b263e6649d1ec456c817aa7afd5b6233505798007fe8a36ae522bd6de8621d128e2379d1

    Download Submit

  • /storage/emulated/0/Android/data/cache/UnPackage.dat
    Filesize

    12B

    MD5

    8158e0becd13015c610dcac2b31affd7

    SHA1

    70624584d84e9e90bb140d6b2396b0a1637249c8

    SHA256

    e58ca2bfe78d163fd258d3c4896fc4ac821d7fa7ba6d052955be695802799734

    SHA512

    d3681b92edb7ae8f22417ffcd5c75fe6a57201c22662bd08580fb6962c7530130b147518e8c998f22d3ae484528ff5105b6f6183f9a9ccc4390fd512a49022a3

    Download Submit

  • /storage/emulated/0/apkB/b.apk
    Filesize

    982KB

    MD5

    e6658f97192b31a14f9142cdca67f54e

    SHA1

    900971b86950af115dd829b925fc42d51773d0b5

    SHA256

    e2cb52fcd8a17d6854c048d44a22f28c45e2f7d20e6f2914f735c7f268988383

    SHA512

    942d2b2f56c4dbb3acbad8176852426e3e461fe1b4e0689ec023fc8b59e4b41b674e62d11e385cf16eb6853f191589c5be71ed5750c5aff017e74b1c89f193f3

    Download Submit

  • /storage/emulated/0/apkB/readme.html
    Filesize

    1KB

    MD5

    9d3aa42ed6e7a379823ddc7f347da4f4

    SHA1

    c05a1f06b7fc0a4a4e64c9a74a556e26a9801ba0

    SHA256

    bf6a8cfa0e013c49b3809d4607235319dab24466a01d55970f6c686fdc34af35

    SHA512

    b951b1424e2bd221cea73fa347d670e0d655acb7e369be134aa0a437ed7af311e78174765d3d6f0f8193bba2460248c4be023d27a8de319aebf6a6f756cbb7b4

    Download Submit

  • /storage/emulated/0/apkB/yizan.html
    Filesize

    1KB

    MD5

    f7e1a18c70f3e778e9d4286ef843e9ca

    SHA1

    78b1bcc6a11388333188a99df5d2935310b3bc22

    SHA256

    923031db4a7331ae56a78d31221c8e8202fb04224861c309eaa224fd41b5e098

    SHA512

    e242fcd677e62b3d0ea97e4507dd91a9524d1ee9772b9393c14a93772f4b1fde497a8ac9047c065494d8af416a83fa1189111ec5be64c092989ffb95772ed3bf

    Download Submit