a0c6f248f02967a02094f937f82571ffb69de97b76fb663229715966fb675ff4

Analysis

max time kernel
146s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
25/11/2024, 19:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9d7c6db36b65909e13a87e497bd495df_JaffaCakes118.apk
Size

244KB
MD5

9d7c6db36b65909e13a87e497bd495df
SHA1

20e7902b318c92dc39f609b3bb0c0bcc0612eb13
SHA256

a0c6f248f02967a02094f937f82571ffb69de97b76fb663229715966fb675ff4
SHA512

c2e12e256f7a801bc9b4c4ee0814d017b6a9dcf5456bbb25ef91094ace7b80563b61616c88980b0ae3a7dd4d20823dcab2fdb46e15db1733258327f89b77d59b
SSDEEP

6144:5+jNdpp1fKdky1GCFlYc5ecKLjU7upREu3vnR3HiCJAu0CaIIc:5+XzZKdV1Oc5vaj8uYu/9HuVml

Score

8^/10

discovery evasion stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs

stealth trojan evasion

Suppress Application Icon

T1628.001

pid	Process
4481	net.droidjack.server

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	net.droidjack.server

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	net.droidjack.server

net.droidjack.server
1⤵
- Removes its main activity from the application launcher
- Acquires the wake lock
- Queries information about active data network
PID:4481

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1628

Suppress Application Icon

T1628.001

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
70ab0184149f2a2235ce82b245bb5c3a

SHA1
ee3b0fbc494cf364705fddb1f3ff3503e4f70ffa

SHA256
27df39c9b9de413f6bc5ccd57272857ef5500c20ffc8b4e90e35088b3f4af80f

SHA512
52d291e398d4b4c5d754d02aa2afbce0b8f87c71b60ba5f29f2d6adc6f72318b97d7fc252fbb77a6cc721b6a7c0cf052c58ddd0648069bbeb5ab259089a22cd2

Download Submit
/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
93deb887840ec91289dfa661baaaa2e7

SHA1
106e7dcdbe0ad30e7e03d0f9dc1c016b96c6eec2

SHA256
6be490981bc4d85fae8ba66d45399ab3768032f7a4f404594e518ad64025e05d

SHA512
2b40e23169ec4a1cf2a873bc2341bd5ab2e8e89ce773c628c1642dc803bdabe0fe895adc3efc3714def3120c92c2b54167841ccd2d096a9b7717d3e715ba4b5f

Download Submit
/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
3242396609da7e872d662a7122c2e69d

SHA1
9ccdaf5e150798d89c7a1a21e8442b33cc186d8c

SHA256
0673b54aa7be17482638e820a620a5b14a1098231edcf3b9c8cd81023cef4a45

SHA512
2a8ef59bb160f431d4886626f8826fc662a45729dec043330722aa1cfd1611542018432b0943fc1dcb7d5ecff12f5287942dbcdaeccf4c8ed0a39b2b35458271

Download Submit
/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
512B

MD5
118c552d793300c07c61af3b6edd11a8

SHA1
cb253caa427a803701df0f5e4e5a9a07fddcbfbc

SHA256
1313f7544020f3da3a5980106fe26933e304ce579986ecbfef139f04b2997711

SHA512
fc9edb1ef300a45388630291c97968d8d30dc7e5814ed6a63de0d42fbdc09a719bdbe6e4c18844eebe0a81a336edf8382d8e2a884c1c8ed48072c360b40ebe52

Download Submit
/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
b8bb0dc6dacb11f41f596d80dd0f5862

SHA1
a6a0211953005d58798ef85dc543cf5e69641a38

SHA256
e8585783a103eaf894303093dd25d4ea156e50f08678cfc41dbf48cebd376b7b

SHA512
fff0a39df956de7674ad6817d2691d835c4ffa8798c90e07f1ee37a574d0d7c2d2854ca7cc798122198c311da0d91a040e9e95a419f961b748d3778c2eeb0d1d

Download Submit
/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
9f49a4983c10348781b75cf9d4df05c2

SHA1
a7bc3d75f13b61c48f50e1059d84be1e62178209

SHA256
32170931e61da8d378955d744f373f1163d66846028fcfc26735ff1ef8e3eb12

SHA512
0d52345374f3354427e9e974d10fd56fccb27463f2f934d1521f6836bebb3c9e30034d61ecf0a9c04a05366bc29566d15b53b05404eb2f18e7a2bb466d9b870b

Download Submit
/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
eac6dccbe2803de5240fa5a53c6120d6

SHA1
d65ad723a603488f17d1b896d2f88fefd2884e3d

SHA256
3bb2d77cceb0b29a4ead13cef30959562358c01d22d0cf10d6608447457c6d69

SHA512
768d5eecd55301b071160a85ff70cb5d2c818de808f69d8a15fc30ee378ddbaac429e34fa6970d6e93816dc67c98df749de7c4df39ebb915382c9368f6ffacce

Download Submit
/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
9e1e208d98072008da828b2dc116c8f0

SHA1
456cdbe4dd5dc1c550cf4f99fe8f330c803c5a0a

SHA256
707d7dd0e1f3240a16d6b28f9adb5479b013cb35c33aa9792eff4ee7d2fe1dd3

SHA512
2cd992f2df1e640d3103b3b8f6b9fb0ef5a9839d39d6948a88c56428d5d4bacc3379a44a3cffd67200d072a7100580ba105aa7be1bc79152a6a34a4f0047420d

Download Submit