7234f5b20f120bfa002f2cca5bed324a435a4f1521f99b096d650ae3a93d52db

Analysis

max time kernel
132s
max time network
128s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
23-10-2024 14:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6f6898e9e4a8acc82dc8c976b0f22116_JaffaCakes118.apk
Size

1.8MB
MD5

6f6898e9e4a8acc82dc8c976b0f22116
SHA1

daf3b73a2147c2a37f4f29fea8fcd946264b62ba
SHA256

7234f5b20f120bfa002f2cca5bed324a435a4f1521f99b096d650ae3a93d52db
SHA512

1d7ae1726b3c673145ace7044f69990b0c13e88b60059df8dcef7f48689b9e8bde5bf464bd949cce8839573b7bb568398f93784dc25b946d3937438f3c7248d9
SSDEEP

49152:ZzAtkicRShU6qLUR6PZ0WrKy+PcRPcZPcxPcCmPc1u13F:9MDOS26TR6B0WrKxoos/md

Score

6^/10

discovery persistence

Malware Config

Signatures

Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

com.aljmfs1286.bsm1286fjl

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.aljmfs1286.bsm1286fjl
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.aljmfs1286.bsm1286fjl

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.aljmfs1286.bsm1286fjl
Checks CPU information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.aljmfs1286.bsm1286fjl

description ioc process

File opened for read /proc/cpuinfo com.aljmfs1286.bsm1286fjl
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.aljmfs1286.bsm1286fjl

description ioc process

File opened for read /proc/meminfo com.aljmfs1286.bsm1286fjl

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.aljmfs1286.bsm1286fjl

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.aljmfs1286.bsm1286fjl

description	ioc	process
File opened for read	/proc/cpuinfo	com.aljmfs1286.bsm1286fjl

description	ioc	process
File opened for read	/proc/meminfo	com.aljmfs1286.bsm1286fjl

com.aljmfs1286.bsm1286fjl
1⤵
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4240

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads