Analysis

  • max time kernel
    5s
  • max time network
    160s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240624-en locale:en-us os:android-11-x64 system
  • submitted
    03/11/2024, 02:36

General

  • Target

    893a1f486715b1052900e52cad0747f9_JaffaCakes118.apk

  • Size

    3.4MB

  • MD5

    893a1f486715b1052900e52cad0747f9

  • SHA1

    d288b802292628a3b0d2572f0178c4eab723515e

  • SHA256

    e8021f5725bc0cd7cebf4d771c4e6c5af37bbefa2b3dd623f20fa9e172753e58

  • SHA512

    0cd2f470e36f24cfb95d81be752d5e38e22f6bd41f95f1fe8442c19e5a51190e78caf051c4ed9a3577857badb8bf1117a1d2ed31e158fd8f90dc3d9ef944474d

  • SSDEEP

    98304:eibGOeNUyD+b9a4063RwGTUgpM7TeT0Czh6Ru2ijtkKjGrI4hjf6g6:XYNdDD8KGT8OT0CBfIhjfg

Malware Config

Signatures

  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

  • Reads the content of SMS inbox messages. 1 TTPs 1 IoCs
  • Requests cell location 2 TTPs 1 IoCs

    Uses Android APIs to get current cell location.

  • Queries information about active data network 1 TTPs 1 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Reads information about phone network operator. 1 TTPs

Processes

  • com.ijiehun.tcmn.zimon
    • Queries information about running processes on the device
    • Queries information about the current nearby Wi-Fi networks
    • Reads the content of SMS inbox messages.
    • Requests cell location
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    PID:4502

Network

        MITRE ATT&CK Mobile v15

        Downloads

        • /storage/emulated/0/com.ijiehun.tcmn.zimon/log/crash-2024-11-03-02-37-02-1730601422408.log

          Filesize

          2KB

          MD5

          64d23dcfe2728a536a86be8824a18de6

          SHA1

          2202aaaae03fb63ffddb2021735b209e8a295f92

          SHA256

          c16e7fa6efb803e6a1b5f77f494e16ca94301886a81d5af364b3e28daf041b70

          SHA512

          32a7d28a4f3fdaa332dcd2d9933cc8d9730b26c0764da5de3bd6239694b648ba5d6e7d73f424f7655e9eede38418495240249d8a1961ddf00f57a4a3a0662344