f09db31ef6d4a6c18681d1785ae7b32a82afe818c44d7d5a338d454603f57ef8

Analysis

max time kernel
146s
max time network
133s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
18/10/2024, 04:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

558eaf7244e256612fd7234403ee9717_JaffaCakes118.apk
Size

254KB
MD5

558eaf7244e256612fd7234403ee9717
SHA1

e5e08aa1d0d3218f1b71aa01d323408340fcb99e
SHA256

f09db31ef6d4a6c18681d1785ae7b32a82afe818c44d7d5a338d454603f57ef8
SHA512

b5e1ab26c1f12e237d71b9aafe44d25881b697591b35a78ba2dfccc28fc010133ba14b5858bca53fe6b353c6c1893a6702fb671bce63534af8de33609d42035f
SSDEEP

6144:RyMz4eyONlSg9go5uLMlixWkRaG8CxUyI/svj2zB7VM3l6:IXeyONll9HuwkEksG81pzB766

Score

8^/10

discovery evasion stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs

stealth trojan evasion

Suppress Application Icon

T1628.001

pid	Process
4526	net.droidjack.server

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	net.droidjack.server

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	net.droidjack.server

net.droidjack.server
1⤵
- Removes its main activity from the application launcher
- Acquires the wake lock
- Queries information about active data network
PID:4526

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1628

Suppress Application Icon

T1628.001

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
70ab0184149f2a2235ce82b245bb5c3a

SHA1
ee3b0fbc494cf364705fddb1f3ff3503e4f70ffa

SHA256
27df39c9b9de413f6bc5ccd57272857ef5500c20ffc8b4e90e35088b3f4af80f

SHA512
52d291e398d4b4c5d754d02aa2afbce0b8f87c71b60ba5f29f2d6adc6f72318b97d7fc252fbb77a6cc721b6a7c0cf052c58ddd0648069bbeb5ab259089a22cd2

Download Submit
/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
28b8bda191908ae5fcfb96d9c12b386a

SHA1
2230874c0842d77b85b8213a9cf49fa87ba569e8

SHA256
eb6a9813e63536f12b352df4fad96259098f8a48b7323a697ccf4f0051c2f42a

SHA512
e6bd50f0d6a6804e604c049f2fd6b5e8e0c15f331e2f19bdca98bd2acf670f3736a4937a1410fe7fa5dd7712d038e7b8d2558e46eaffc516446457972d450b81

Download Submit
/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
556037c0f74575b01d8eccfeb0edef6c

SHA1
10a0fcdd1a054bfc2f1b9030a4d94557227d874c

SHA256
b46b9e4defc8ca9da55491a3b8f03f274b3f6fc48d72921f53539cfd16c74b85

SHA512
baa691cfb30bb3469969593f80f217489ac22294181761206ea4569d649dc0ebed197d36fddec195b65e6b6df24790738fa426d8671599bd5ebc16dd10064b98

Download Submit
/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
512B

MD5
08785786d6458a99eee5535151d7db86

SHA1
44c8aaebdb36cd775c0edf4ce310874fef6c4cfb

SHA256
a4fbd9681b666726847c17186968b230e17abdc72d28a93dbf34f59db6724f7d

SHA512
f07ba360176670068368007bdf6a3fbd97034438b3df54bda8c7527e2ffd6005fa9ac2a0e91fa3d9614d45039dcfa574fcf9517d8fc46556f958e724996abf72

Download Submit
/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
0bdfa241593db03095d9ff5f6cd585cd

SHA1
46d32e65c894846195afa28495a4320271e50bb2

SHA256
1d196fe337bd4c077115bbaa52062434f59abf0bd31a1080844767761f070e87

SHA512
b64cf17bdcf47672106b8248b54e10a08cd1b1d24566668932f8d1766f73e4ea95d4e8591d021569892fe3acee4a6c0117d2b7348a390a3fa331567126055a1d

Download Submit
/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
98b656e8996ff49d9d6ccb6f274c7ec9

SHA1
b4b2448844a5ab32546bda21c22dd7279e93fe32

SHA256
4a9e7f5d46bbf7dacb0e6d459e131e344621e3647aba19ee0a8a39218317c91f

SHA512
cae3a5c2f99603499ac514708e2a5eeda9911c35a3d2e5b4c458a4a7b1059e5ff4273ce81f173eeb9cfa698b0a941352f2151c138ce50db71a117e8871b5f478

Download Submit
/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
c2dbd8a9e24440e99780e594833ab27d

SHA1
727561f7ba3809fe553e2fe352d692b637d23d8f

SHA256
1cb81ef0d32b48e6cfe265a00f57e8bc46931ac8777a4b1eaabd825865e5ac8e

SHA512
919d5500644f5b729149b53a8fda4eab2dd1f189e51ae54434f2eb1ed29b171e3866e2ccbcdf603a149c7eaa85904a14351b57ed57521827b189afbba1b8bc88

Download Submit
/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
e409a1ddf999395135b19d2f08a8bef2

SHA1
8e411f57277b44070767ed71ae6566e89d044783

SHA256
ee9bf6ed13e978316ac279eaf6036660ad7687081112c2108146fedca681359b

SHA512
950e16b0cc7e0f160b7f4c658cbbbcc286226715dbd07d87f1fb3fc7d7ae3a8e0b6e20e047983032b99d4cb76387b3cf0aaa7f9ebdc4954530c95f10ffa69d25

Download Submit