Analysis

  • max time kernel
    6s
  • max time network
    13s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    android arch:x64 arch:x86 image:android-x64-20240624-en locale:en-us os:android-10-x64 system
  • submitted
    15/10/2024, 21:25

Errors

Reason
exit status 1: "{\"level\":\"error\",\"stdout\":\"\",\"stderr\":\"WARNING | unexpected system image feature string, emulator might not function correctly, please try updating the emulator.\\nWARNING | userdata partition is resized from 6 M to 16384 M\\nERROR | resizing partition e2fsck failed with exit code 8\\nWARNING | cannot add library /opt/android-sdk-linux/emulator/qemu/linux-x86_64/lib64/vulkan/libvulkan.so: failed\\nWARNING | Requested adb port (28008) is outside the recommended range [5555,5586]. ADB may not function properly for the emulator. See -help-port for details.\\nERROR | crashhandler_die: fatal: renderControl_decoder_context_t::decode, OP_rcUpdateColorBufferDMA: GL checksumCalculator failure\\n\\n\",\"error\":\"signal: segmentation fault\",\"time\":\"2024-10-15T21:25:29Z\",\"message\":\"Emulator process unexpectedly exited\"}"

General

  • Target

    4a1417007cce3309e04b28f326953288_JaffaCakes118.apk

  • Size

    3.8MB

  • MD5

    4a1417007cce3309e04b28f326953288

  • SHA1

    577dee7298196e38cd0df9234970205b71288304

  • SHA256

    592fd5f007d203ca288a16161f53dc7ca7bcf84ef431b45c48e42d7d202c0ba9

  • SHA512

    93b577cd84b914cee8bd0a816ee9207ba48bcf98836bbd69fa9376375999f6238ce932fc248618bb0af9614effc7e321a6ffd426ec94bc5f5137dba992726bea

  • SSDEEP

    98304:eHEvO202+T2nchP/WNLTYnOFTk+KmJDAxRhEwlGlvNayFdP:UEvOfth/WFB6EPXXP

Malware Config

Signatures

Processes

  • com.dajlxc.djzdls
    1⤵
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Reads the content of SMS inbox messages.
    • Reads the content of the SMS messages.
    • Requests cell location
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks memory information
    PID:4954

Network

        MITRE ATT&CK Mobile v15

        Downloads

        • /storage/emulated/0/Android/data/com.lyhtgh.pay/plugins/com.lyhtgh.pay.ltplugin.apk

          Filesize

          145KB

          MD5

          278e8100ea1ee2c466d55451e87cef73

          SHA1

          8347d2b269f74841ca92cef51d450ed953d73aaa

          SHA256

          06d08532287fc6a934aba8d5a361eb83e4d7a1c8cde4f6663ab2746e4fc09a38

          SHA512

          3e7fcf245a07ce8e03a78f75835c30e0b0f270e68987f85b92aa97f7b0894d73702ebdd80372cddea310a52624db1ccf65125399b6bf218dbd717ad053dec088

        • /storage/emulated/0/Android/data/com.lyhtgh.pay/plugins/com.lyhtgh.pay.ltplugin.apk

          Filesize

          345KB

          MD5

          21c7c675b3dc4ba37ecf2e58fec9ccf8

          SHA1

          16d524195e74f324010e7e5cf5a73e39bf757864

          SHA256

          7502952614e205d4d5605d0af83169fb70efedc52b0feaa1f9003cbfd830ea93

          SHA512

          ad3725129013e75c632b383999b7a936beed98418ed7d92d4dd4a5fb9ac7a1f518b4b6444324d5f366f422fe5099f6a54bc7ce62be4f8077ab4957b144b85482

        • /storage/emulated/0/com/android/system/uid.sys

          Filesize

          85B

          MD5

          44369ec4020a3de1cbb93b91b534fa90

          SHA1

          796bc8fcdca9a2eb3b80d334b6490dd14f05c78b

          SHA256

          7803e84ba2109bb973471fc882900c1b54f6945507af7b5bbba9c66531e00fee

          SHA512

          cb2eed985115f349c244494352cd08fe43068423d6b60e1a9292e800a8c630e099cfc6c68ef88c63d11a8d1302c6fed6ee0413f35f8eaab54bf115050c4595d4