a6e98c879516f96a8ce34e87676412458dbd0e76c8750834a78bfc4ff4cb88e5

Analysis

max time kernel
22s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
12-10-2024 14:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3a6cbc33b046454227b0c866c29dec74_JaffaCakes118.apk
Size

1.1MB
MD5

3a6cbc33b046454227b0c866c29dec74
SHA1

9f7b94c831ee652755b535c411507946b2a9274c
SHA256

a6e98c879516f96a8ce34e87676412458dbd0e76c8750834a78bfc4ff4cb88e5
SHA512

62f2eb17ad91c5572f75d28c2a194ef80de77b97721b7bd63944873db99d1575af5b86b1c4b22d81a5d450c08fb1424f55f75271eb5b7699fe3026c6d7559abe
SSDEEP

24576:d9Bg/AKnp8gikde5zSak80sNpKDQTXczTuw:dHfse5zRracozTuw

Score

8^/10

discovery evasion stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs

stealth trojan evasion

Suppress Application Icon

T1628.001

pid	Process
4487	com.elfswipe

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.elfswipe

com.elfswipe
1⤵
- Removes its main activity from the application launcher
- Queries information about active data network
PID:4487

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1628

Suppress Application Icon

T1628.001

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.elfswipe/databases/du_ad_ts.db

Filesize
20KB

MD5
ce0ed1bc15a39f9fa405b27c4fc795b7

SHA1
231fc522b7bee278ac7cac0bc6e2b88cdd1d694a

SHA256
3a3703ae5e39349b23bd00e0268702fafa43fc59706b50c7af05531dc95f1e11

SHA512
cfad60f9cbcca9a3c09ffd53557c0293db2e2b856f2ddcff02b687dcb2dc0434a87db2d4100f0004e32790e0cc233244730656ee6e200ac9b770992ece33e592

Download Submit
/data/user/0/com.elfswipe/databases/du_ad_ts.db-journal

Filesize
512B

MD5
4d850b0f335274c5a0538ef8ef9060ea

SHA1
be02c192b6a5e9c7cd0fb9a9ab2d57c5aeba5411

SHA256
8b4be8d714ca5791bbf7dd1fad346c385bb498f41a2e9c0384c6b41714051ba5

SHA512
c61e8775e11144b2b0066dfbcf6b2bfb53f1e1b90ba2229ac476d9706aafde56cbef5ad02cbabdfb3e520a773f7aa748d5b363ac1af4e16d6ec23e5bac67d9cf

Download Submit
/data/user/0/com.elfswipe/databases/du_ad_ts.db-journal

Filesize
8KB

MD5
7554341cdb6c78a2554739455d89435c

SHA1
34f027cda153187f7ac69b11b2664d81bc82a7eb

SHA256
8fa6f4139473d5c28b076d5272e058153ada92cdbc46d418911e0b1f840f00e3

SHA512
8f3ff432c337d0bbe5e73da91d863466c9102f141c0692fed3abe6716fddd604b9826006b7d2832f4fae64ab5216de4cc67fb450ba2459b4aec9d1921041d35e

Download Submit
/data/user/0/com.elfswipe/databases/du_ad_ts.db-journal

Filesize
8KB

MD5
d0ff7f510e53bf93f49108cdd77c32c8

SHA1
37e11d0ec603109a5c59961e18ecaee84a9a0add

SHA256
3f3de959b3cb2e73bcd4bb2e389a8f788ed81a2d6ede0ccd51813906d6e65734

SHA512
8b462353d0dfbdc5383b2d557f68cb028608d9be9374a5b8a222830a690a0cc70c618dc96fce3ac478fa8b0a43e223fa00019e4e7901491cc4ea4af3c2a90455

Download Submit
/data/user/0/com.elfswipe/databases/du_ad_ts.db-journal

Filesize
12KB

MD5
5b9b6b125ac25ab593e854ec1a6102ee

SHA1
5b03bd5a5a14928ff7d9171f2725912f52215d83

SHA256
c5f482c1fdc550eda119a507b75d3a3b9a45ba770a8dc5c8af01e643be19d25f

SHA512
021d9a092bb9f97cbcf377b566679ba25d4f85bbfff9aea1fccf5084fa0e1e38846602ece3ee03e792b33f9c7a68e4a2609b25092dc1df20601866c5ba5bd973

Download Submit