3f3ab1f617649421a443997d84a5583d6ac5043c38ef6ccbec63fd4f9322e810

Analysis

max time kernel
35s
max time network
156s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
29-11-2024 12:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b160b217ade33093e3589f2dc5a146dd_JaffaCakes118.apk
Size

29.5MB
MD5

b160b217ade33093e3589f2dc5a146dd
SHA1

381422931a8a7b2f96303ecdc79592db12c6ebe4
SHA256

3f3ab1f617649421a443997d84a5583d6ac5043c38ef6ccbec63fd4f9322e810
SHA512

e3de72ddfc8edfbc58325af9ea785385d007dfa23b2072b039341a38a78c13b4341df9b8adfb0995ff961d95e5936a75c66977b49ea97e6ae6ca3754c63f705c
SSDEEP

393216:XQtBWdYQtBWdjQtBWdVQtBWdCQtBWdXQtBWdzQtBWdmQtBWdkQtBWdIQtBWdaQtm:A+B+a+g+v+2+2+H+R+Z+3+A+j

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

Processes:

com.zu.zu

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.zu.zu

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

Processes:

com.zu.zu

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.zu.zu

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

Processes:

com.zu.zu

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.zu.zu

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

Processes:

com.zu.zu

description	ioc	Process
File opened for read	/proc/cpuinfo	com.zu.zu

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

Processes:

com.zu.zu

description	ioc	Process
File opened for read	/proc/meminfo	com.zu.zu

com.zu.zu
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4995