7f38a9f0a6a72b244c0e648e201492b499ed69c0124d79f8b538769f74dd3a59

Analysis

max time kernel
136s
max time network
138s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
26-11-2024 00:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9ede50657e1d9be7411f79f6668011e7_JaffaCakes118.apk
Size

148KB
MD5

9ede50657e1d9be7411f79f6668011e7
SHA1

7c387e0152e596fcdbc4d274382687fc9fac0179
SHA256

7f38a9f0a6a72b244c0e648e201492b499ed69c0124d79f8b538769f74dd3a59
SHA512

34c49144ad149c84ca0b7628fa3020dbfe40ffc3dcede47e30876463cb11a31082e796eac7cd25126202d7908e47654152b0fad3a58937b9312e467b6f5b6144
SSDEEP

3072:OZbUDEYT0y3QuKy87kHbUDEYT0y3QuKy8/nKuALnKuA4nKuA8oRFvd5e:txt87fxt8/nILnI4nI8oNE

Score

6^/10

discovery persistence

Malware Config

Signatures

Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

com.tx.show

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.tx.show
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.tx.show

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.tx.show
Checks CPU information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.tx.show

description ioc process

File opened for read /proc/cpuinfo com.tx.show
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.tx.show

description ioc process

File opened for read /proc/meminfo com.tx.show

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.tx.show

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.tx.show

description	ioc	process
File opened for read	/proc/cpuinfo	com.tx.show

description	ioc	process
File opened for read	/proc/meminfo	com.tx.show

com.tx.show
1⤵
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4256

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads