f311a9a841886de42749ff62ce757ddf86d081a936c715fb6c1c52d8bca372c5 | Triage

Analysis

max time kernel
65s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
29-11-2024 11:27

Sharing

Report Analysis Logs

General

Target

b0ec9f3c2053f2860ab16cd7770c2ca4_JaffaCakes118.apk
Size

4.7MB
MD5

b0ec9f3c2053f2860ab16cd7770c2ca4
SHA1

6b1f816691031c8a9eb11df65fc3848a8620ba36
SHA256

f311a9a841886de42749ff62ce757ddf86d081a936c715fb6c1c52d8bca372c5
SHA512

a9e987ede6409808b916268f4948a8e3c23dbd5ce1ead02a3f13c1496ce4515579e4550dfc9a70f972479de3d42de4f3c9dffcd757a82b6fb4e9024e80c0d26d
SSDEEP

98304:Pij0SMGt9SRRn9Uz71xqMFjd/3ir7WQFsNxOgFIe4:PCMGt9SRvU/qMFjkvH+Xy

Score

7^/10

collection credential_access impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

Transmitted Data Manipulation

Processes:

com.yybergeanzhi.yizhibenlang

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.yybergeanzhi.yizhibenlang

Checks memory information 2 TTPs 1 IoCs

System Checks

System Information Discovery

Processes:

com.yybergeanzhi.yizhibenlang

description	ioc	Process
File opened for read	/proc/meminfo	com.yybergeanzhi.yizhibenlang

com.yybergeanzhi.yizhibenlang
1⤵
- Obtains sensitive information copied to the device clipboard
- Checks memory information
PID:4468

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

System Information Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Manipulation

Transmitted Data Manipulation

Replay Monitor

Loading Replay Monitor...

Downloads