Analysis

  • max time kernel
    33s
  • max time network
    132s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    02/11/2024, 06:25

General

  • Target

    84de8f4e8f79e7b3271cac3b2d4ca7fa_JaffaCakes118.apk

  • Size

    951KB

  • MD5

    84de8f4e8f79e7b3271cac3b2d4ca7fa

  • SHA1

    db4b11540cff81a99160ff0c8fef3ab74e6937c0

  • SHA256

    8dc5a50cfb17110faf8614d27ca02130a933b03ea4d9e6626d5eb48fff095118

  • SHA512

    724a94fc21a49e8f82859a46aa92e891611dfac9ec129d17e1a2d27b4fef389ae423873d8fa23f6161fcc769ab7f6a46e122482d457fe5283b87c5d90e20549b

  • SSDEEP

    24576:dempTfemZSAqZrt3m/bemfem13emGNPN+QDGkcBJgKYOTEAFcyTmz:dRTfhvqXWDH93+0pkcjjYeFFcyTq

Malware Config

Signatures

Processes

  • vn.adflex.process
    • Queries account information for other applications stored on the device
    • Queries information about active data network
    PID:4269
  • com.gasgarena.store
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks memory information
    PID:4333

Network

        MITRE ATT&CK Mobile v15

        Downloads

        • /storage/emulated/0/tvtas/as.sqlite

          Filesize

          24KB


        • /storage/emulated/0/tvtas/as.sqlite

          Filesize

          20KB


        • /storage/emulated/0/tvtas/as.sqlite-journal

          Filesize

          512B


        • /storage/emulated/0/tvtas/as.sqlite-shm

          Filesize

          32KB


        • /storage/emulated/0/tvtas/as.sqlite-wal

          Filesize

          52KB


        • /storage/emulated/0/tvtas/as.sqlite-wal

          Filesize

          8KB
