398308f2b66f62326eb8a69e21f66dc3ecdf6ae8b6d13133adb35a3c6d362e31

Analysis

max time kernel
18s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
24-11-2024 03:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

926daabbdc4a53deccf965e14b082209_JaffaCakes118.apk
Size

6.3MB
MD5

926daabbdc4a53deccf965e14b082209
SHA1

d2a4e7d47963f586058d520bbd8be79cae5c6117
SHA256

398308f2b66f62326eb8a69e21f66dc3ecdf6ae8b6d13133adb35a3c6d362e31
SHA512

c000b6e5aa20d662f9e1608e2650f0c6bbe2ab948701a77c60b81d4191af873bc10d46d3984bb78e27eb25a1c318630d0a31b52abae3a81226883449cb4af33f
SSDEEP

98304:mp3CUsuJsSFbIum6i1bBlLXlx0wwgjNwswXac8vQ8VmQS3soX/k6btNgnsI/:m9sWssK6kz1x/lws88vQ8BS82/NtNgT/

Score

7^/10

evasion persistence

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
Anonymous-DexFile@0xd1bf7000-0xd1f0f5bc	4240	com.color.monopoly

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.color.monopoly

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.color.monopoly

com.color.monopoly
1⤵
- Loads dropped Dex/Jar
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4240

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

Anonymous-DexFile@0xd1bf7000-0xd1f0f5bc

Filesize
3.1MB

MD5
36e27ba587247aa7c63bc610643f658e

SHA1
e0e191e2fe5983005de444b1051ce68a32489c6a

SHA256
7cd311f806352c2a69f8c22a48f732a1c27fd00ad07690a8ae2b1fdb0aa7b1e8

SHA512
8fbcc69ac3a363ed76376b6bc7d49616f5335f6cf9791e8498e25f14542764e73407b47492aa29c0af671aaa56f777fe518a9a8575ddefd8da5f370de48622ec

Download Submit