Analysis
- max time kernel: 5s
- max time network: 130s
- platform: android_x86
- resource: android-x86-arm-20240624-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
- submitted: 17/10/2024, 18:54
Static task
static1
General
- Target: 532f73a7da3dc050567903cfb83e72b8_JaffaCakes118.apk
- Size: 2.6MB
- MD5: 532f73a7da3dc050567903cfb83e72b8
- SHA1: 2dd491cdcb5a0418027d03c34fdb4d6058a826b5
- SHA256: 175fc8ad5d12d48a2bec8ba9ac833d8c829f4744bc24aeea0300f2ea678705d6
- SHA512: eab879ee34df393f391f84da264ca2cb6f80b136637bccb467f15bd8241810bfa8a80423a6978569bf08957a56db61970dafca575ad150486fae2f3ecb056a86
- SSDEEP: 49152:R84LjOD2gLUMPv0Cx7nnLjQfKSg6toEchtG4gDF05jFKo7lDg3s/Bd8diZL034Af:m4/OD+Mn0G7nLMiSg6toEcjG4m05jJ7i
Malware Config
Signatures
- Loads dropped Dex/Jar (1 TTPs, 2 IoCs)
  Runs executable file dropped to the device during analysis.
  ioc: /storage/emulated/0/Android/data/le/ce.zip
  pid: 4278
  Process: /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/data/le/ce.zip --output-vdex-fd=44 --oat-fd=45 --oat-location=/storage/emulated/0/Android/data/le/oat/x86/ce.odex --compiler-filter=quicken --class-loader-context=&
  ioc: /storage/emulated/0/Android/data/le/ce.zip
  pid: 4251
  Process: com.android.little
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) (1 TTPs)
- Reads information about phone network operator. (1 TTPs)
Processes
- com.android.little
  PID: 4251
  - Loads dropped Dex/Jar
  - /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/data/le/ce.zip --output-vdex-fd=44 --oat-fd=45 --oat-location=/storage/emulated/0/Android/data/le/oat/x86/ce.odex --compiler-filter=quicken --class-loader-context=&
    PID: 4278
    - Loads dropped Dex/Jar
Network
MITRE ATT&CK Mobile v15
Downloads
- Filesize: 2.3MB
  MD5: 4ac58ad990252994badc06da1640a009
  SHA1: b13b0059cb1bffb518d8ca4d0e8286dea2949e16
  SHA256: 1027583f1cb4eae246fc3ac66eac3c3db44ada98df5bb1490707174d28f3dc8b
  SHA512: e6e60476216d2f05aa61e10c25aaf0340a75b56165ca6e2481153bbd4df85578d8ead6f05c05e5716263fca3133e4419c86fc7793ac5fe33a97ee781bef42634
- Filesize: 1.5MB
  MD5: 487577c4f1b2571ea83da4c91819a90c
  SHA1: 3cc5bb808d8faa4d6cc16978937b6c20b7532cdc
  SHA256: 123d78c48044debe7311e6dd1474d0c253ef960e6e74ee115701815f579ab898
  SHA512: 2cbafe3865d919b6399993bed5c3622bbcc8571b291be77dd2cf8593787a30c1ed2e632f92cd977ddecc8cf39bc4543a86e3900f311e772cc69dad9e912078ae