Analysis

  • max time kernel
    134s
  • max time network
    147s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
  • submitted
    02/11/2024, 06:25

General

  • Target

    84de8f4e8f79e7b3271cac3b2d4ca7fa_JaffaCakes118.apk

  • Size

    951KB

  • MD5

    84de8f4e8f79e7b3271cac3b2d4ca7fa

  • SHA1

    db4b11540cff81a99160ff0c8fef3ab74e6937c0

  • SHA256

    8dc5a50cfb17110faf8614d27ca02130a933b03ea4d9e6626d5eb48fff095118

  • SHA512

    724a94fc21a49e8f82859a46aa92e891611dfac9ec129d17e1a2d27b4fef389ae423873d8fa23f6161fcc769ab7f6a46e122482d457fe5283b87c5d90e20549b

  • SSDEEP

    24576:dempTfemZSAqZrt3m/bemfem13emGNPN+QDGkcBJgKYOTEAFcyTmz:dRTfhvqXWDH93+0pkcjjYeFFcyTq

Malware Config

Signatures

Processes

  • vn.adflex.process
    • Queries account information for other applications stored on the device
    • Queries information about active data network
    PID:4422
  • com.gasgarena.store
    • Obtains sensitive information copied to the device clipboard
    • Checks memory information
    PID:4543

Network

        MITRE ATT&CK Mobile v15


        Downloads

        • /storage/emulated/0/tvtas/as.sqlite

          Filesize

          24KB


        • /storage/emulated/0/tvtas/as.sqlite

          Filesize

          20KB


        • /storage/emulated/0/tvtas/as.sqlite-journal

          Filesize

          512B


        • /storage/emulated/0/tvtas/as.sqlite-journal

          Filesize

          8KB


        • /storage/emulated/0/tvtas/as.sqlite-journal

          Filesize

          8KB


        • /storage/emulated/0/tvtas/as.sqlite-journal

          Filesize

          4KB


        • /storage/emulated/0/tvtas/as.sqlite-journal

          Filesize

          4KB


        • /storage/emulated/0/tvtas/as.sqlite-journal

          Filesize

          12KB
