Analysis

  • max time kernel: 148s
  • max time network: 132s
  • platform: android_x64
  • resource: android-x64-arm64-20240624-en
  • resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
  • submitted: 25-11-2024 23:53

General

  • Target: 9ea42f4d81a9e756cb98b66b8e81c9f0_JaffaCakes118.apk
  • Size: 2.8MB
  • MD5: 9ea42f4d81a9e756cb98b66b8e81c9f0
  • SHA1: 6de552ccf09b14d6351804e7894aa6f5abda95ae
  • SHA256: 83586b8bd71b8a067993755ccfbf90d961c273fd36994bf3af54f62d4cc98c8b
  • SHA512: f34ac52d8c120c4353705e9a540b5771f55c1ba44f0b02391f4af63539ae6a1ac829c22061006c8c55ce7b8e41d52b271780d0141df2da1a62db387b3ed74df7
  • SSDEEP: 49152:npsBnPFA2bKW9GbYUGDH7dhJlth7NcuRphXF6AKv5igsK3rAbcNQVi3jFf62NZlE:npMtAZmEPGD7xl1cqhXF6AKv33rAQNQn

Malware Config

Signatures

  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about active data network 1 TTPs 2 IoCs
  • Reads information about phone network operator 1 TTPs
  • Checks memory information 2 TTPs 2 IoCs

Processes

  • com.ezzebd.androidassistant (PID:4619)
    • Queries information about running processes on the device
    • Queries information about active data network
    • Checks memory information
  • com.ezzebd.androidassistant:beyondAppMonitor (PID:4677)
    • Obtains sensitive information copied to the device clipboard
    • Queries information about running processes on the device
    • Queries information about active data network
    • Checks memory information

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/com.ezzebd.androidassistant/databases/beyondAppSDK.db
    Filesize: 20KB
    MD5: 76cd82df132036646134bdda403a9abc
    SHA1: 778786558e612913125d21ffba2e6d7c0429c464
    SHA256: 4779db1a222079b04b16c4708471aa444970c347bd5dce767c7f21a72a46f9dc
    SHA512: 6337b8e91e6b402ec1ed7c8ff8924ec993949ef03f94dc570420581f2ca25a90048629dcb15a8c76f9d639e92b73c3d6a6805b8929bf4a33ff0bbf2470c879b1

  • /data/user/0/com.ezzebd.androidassistant/databases/beyondAppSDK.db-journal
    Filesize: 2KB
    MD5: 62691d391a38436d40b7a440e64a207a
    SHA1: cdba80c78e222d428670bfd96c79e3c6b591e446
    SHA256: 55f4fa2cc5be3fb537a2fc9061d8c652bb7aa27a57b9691d4625bea6a8b96ba2
    SHA512: 2432d89034096b0a70b7d4a45e0137e558d7a16faeadc52561dabcd063755a9ba410a8d513c1ce348114dd2addbc78b417dfe501c40895aa2fb7e432fbdd37fd

  • /data/user/0/com.ezzebd.androidassistant/databases/beyondAppSDK.db-journal
    Filesize: 8KB
    MD5: 6ce66072347c3bbc6ea99d708261b6d4
    SHA1: cedb308c03e4f4547f48be65026b150e76eeeda0
    SHA256: 68e5a9415c8f40df8a54e15a9ea502d77eb4bb5629f31cf8aea97c081b344186
    SHA512: d4c0c996e6af692e797889a0d33064df519e7be7d63fdebe68227e55d74b4afeb9ec3e1faeacc3c06a7372de30a767457cc7d46403f75cca1e815bfa82b1ff90

  • /data/user/0/com.ezzebd.androidassistant/databases/beyondAppSDK.db-journal
    Filesize: 8KB
    MD5: 66117c4a3b8ba73dac5737a90427cdbc
    SHA1: 15fbdbee562c43f08183644ec846913eb6dc9a36
    SHA256: b2efa78e78d304957ed14775338c2d745726c05de8c2f874f86017590bef8d3a
    SHA512: 3bfd97c7bca2bb36b635d65903867967f75695e909519fc4abbe03750cca26f690ff306a20f5beabcf202786ae2526be02de5486b7f95b5750675b41f09b054b