Overview

overview

7

Static

static

6

3cf1926754...18.apk

android-9-x86

7

Analysis

  • max time kernel
    30s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    13/10/2024, 00:58

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    3cf1926754591bd9f09c90f7e6bc4f74_JaffaCakes118.apk

  • Size

    1.1MB

  • MD5

    3cf1926754591bd9f09c90f7e6bc4f74

  • SHA1

    1039618256094477022f6197e144bfd935194adc

  • SHA256

    546501cd37d117e14e9a0ab6410213dc7172ae76b43dccee638dda2242407b80

  • SHA512

    b65471955d54e24070aa10ebf7064751701d786b95b41fa07ca81e2b3d9836896e77066f6e2ed1cac1e2d244344369321683ae6f1c33203448e2b1e34ad8a17b

  • SSDEEP

    24576:uGuoyEk2P74ccXfkJ/DyAxMs6nUQUiRL3tlEmWCmyR8//if:uGubEzDsXgyWdQUih9hWCTR8//if

Score
7/10
discoveryevasionpersistence

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 2 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • bltnpdz.avct.dajddr.xbjwk
    1⤵
    • Loads dropped Dex/Jar
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information
    PID:4222
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/bltnpdz.avct.dajddr.xbjwk/EOZTzhVG.jar --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/data/bltnpdz.avct.dajddr.xbjwk/oat/x86/EOZTzhVG.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4283

Network

        MITRE ATT&CK Mobile v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/bltnpdz.avct.dajddr.xbjwk/EOZTzhVG.jar
          Filesize

          569KB

          MD5

          ee212c35e914dc791c76242c78b3a28b

          SHA1

          7d6eed66507ae240769824d5957fd62d96f7d106

          SHA256

          31ef37deddb5c4b63c1f873e2a2ce2f776cae57d21f396682e6afbb2902bd906

          SHA512

          1552180f305ad4d8696848ae3ca25259c125bdff1dfb10444bbea9ab3f21f21d870b44ef109d8fe029e96600e2972d249a3b44f970529c4d7ef316ebd8900ff3

          Download Submit

        • /data/data/bltnpdz.avct.dajddr.xbjwk/EOZTzhVG.jar
          Filesize

          1.4MB

          MD5

          b24f0128284f237d8b29dd8d5f7a87c8

          SHA1

          f2e4de473944cd9a1800a28feda1a048fa8fcfd7

          SHA256

          1013ef2ad925a30d89b353fcbeefff89202be0d5f2c9086a9132e9167a5a2077

          SHA512

          0228a64203bcd3f99ef9ea9b7740630145c5828b6d1ff24795ea82d84b995b83b873efc79823f2e5d477ec4b0f7953f40c95332c06bb3b3a96d2759607b6ff10

          Download Submit

        • /data/data/bltnpdz.avct.dajddr.xbjwk/EOZTzhVG.jar
          Filesize

          1.4MB

          MD5

          d2e433875c5f24cf257f1c800b0bc236

          SHA1

          79ddc90ca7991d6bb43f40ff76f470b3a33355d8

          SHA256

          125979fc22b295afb22cc3de944ffb8f245403cb0e79ccbfb96ea556a71b3de0

          SHA512

          ec105ab6252946d13a9c33540dc7f220ca01ee82b5afd522c7762e8218292aa5bb809828ebb67168b1f603e7b9a9a44682cbb9201cd07914043c6f8129905337

          Download Submit

        • /data/data/bltnpdz.avct.dajddr.xbjwk/files/.libs/libus.so
          Filesize

          45KB

          MD5

          d2c40416a5ac850d634a6a1501eaf7df

          SHA1

          674e7e32573abb17cbd6fbc197d8554aa5555206

          SHA256

          db4debf7746a3b46209de465650dd633994412ff003377a9d785f9040694e185

          SHA512

          ff67414392674266f78ec44b73bbe41edbc25771f4a7012ef0995743fa604f12d40bc36c439391f0fb67803a9f3a717b642e453f7515897b03ffab228ab76a46

          Download Submit

        • /storage/emulated/0/pvnew/app_acshe/journal.tmp
          Filesize

          31B

          MD5

          8c92de9ce46d41a22f3b20f77404cc1d

          SHA1

          8671a6dca00edb72be47363a7071be65cf270373

          SHA256

          68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

          SHA512

          30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

          Download Submit