1e70d1f1efb4619d7763210a634b882d3b442fd3eb9e389810b949017c2760e3

Analysis

max time kernel
13s
max time network
137s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
10-10-2024 18:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

314985092f13d343678ddbbfac9f33b0_JaffaCakes118.apk
Size

2.2MB
MD5

314985092f13d343678ddbbfac9f33b0
SHA1

db17dd599b08fdce0ef702289b58b2058fd3ca14
SHA256

1e70d1f1efb4619d7763210a634b882d3b442fd3eb9e389810b949017c2760e3
SHA512

19cc5ef1da27ed0c3baab0deee341c00a5cb3093b071cdd952e822f476ba0fcd346a7e92b8609f8cfae1dffc314b9c8e69f46c817bd1174bc2f6ed0bb9961103
SSDEEP

49152:YXqWrBnmSHH7fhRocjepNTY2Rz5uFrI6P7EsnBnmiW:YXZBmSHH7fLocj+TY2buFrBBmiW

Score

8^/10

evasion impact stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs

stealth trojan evasion

Suppress Application Icon

T1628.001

pid	Process
4260	com.main.haha

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.main.haha

com.main.haha
1⤵
- Removes its main activity from the application launcher
- Uses Crypto APIs (Might try to encrypt user data)
PID:4260

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1628

Suppress Application Icon

T1628.001

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact