Analysis

  • max time kernel
    12s
  • max time network
    133s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    android arch:x64 arch:x86 image:android-x64-20240624-en locale:en-us os:android-10-x64 system
  • submitted
    03/11/2024, 04:44

General

  • Target

    89b08378b0a8e05a11b0cd65a210b937_JaffaCakes118.apk

  • Size

    220KB

  • MD5

    89b08378b0a8e05a11b0cd65a210b937

  • SHA1

    21add592198b51bb1b73ced7fd8d41e52d4f0ac2

  • SHA256

    b4b8622c105d4a4c9e20f07791553b0e0e848d41284a8a8a3ead9c02ec112117

  • SHA512

    50cf7f10bff803989389427ed371d917e8a145cc1240174e9384774f25d1bb0fe2b3db5a2f5bc4020fbdf1cfcf3475cbb310be826762c38676c87bdbe3ecebec

  • SSDEEP

    3072:Y7YBNPRWbHLiNlC5OkEXPq5Yg90bQXRgbeoges2LgIjAQvdeWVm23VetkywACJB6:Y7Y/OODC5OLcI22LgIjAQvxvToNWh6

Malware Config

Signatures

  • Reads the contacts stored on the device. 1 TTPs 1 IoCs
  • Reads the content of the call log. 1 TTPs 1 IoCs
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

Processes

  • com.mgyun.shua.protector
    • Reads the contacts stored on the device.
    • Reads the content of the call log.
    • Makes use of the framework's foreground persistence service
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4967

Network

        MITRE ATT&CK Mobile v15

        Downloads

        • /data/data/com.mgyun.shua.protector/files/v.dat

          Filesize

          2B

          MD5

          182be0c5cdcd5072bb1864cdee4d3d6e

          SHA1

          b6692ea5df920cad691c20319a6fffd7a4a766b8

          SHA256

          c6f3ac57944a531490cd39902d0f777715fd005efac9a30622d5f5205e7f6894

          SHA512

          3163a8d6a4540ecf1794ece0245f291154d30e1080359d2e994ef79c1a469aa0cd808769d9c7ee30ca342c6803d2ebcec3eb71a928d6db187dfb1fc2cf640395