f5b654396e690cdef07318b705974c35a155e7a528d48c97e0b1aff0efcc1916

Analysis

max time kernel
146s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
10/12/2024, 06:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

dd60c8f63996d8ed23bcd8c0cdd4ad6b_JaffaCakes118.apk
Size

254KB
MD5

dd60c8f63996d8ed23bcd8c0cdd4ad6b
SHA1

16b74de31df6514e6f1e0143ceeae8731ea3beed
SHA256

f5b654396e690cdef07318b705974c35a155e7a528d48c97e0b1aff0efcc1916
SHA512

eb234200d08ba70176f8cbd7e81322528bd21fd9a7cc89d77235fd862371decde26fbaa27d7e3de9080f643f3f8af2a201f886b3208b49ca4ebd53742fc3b547
SSDEEP

6144:Yy+X4MXJU8eMK+AUR3nZ+cHoBH8MVz6RQjPJS6xv:Zt18sk9nZpIBzgelSQv

Score

8^/10

discovery evasion stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs

stealth trojan evasion

Suppress Application Icon

T1628.001

pid	Process
4515	net.droidjack.server

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	net.droidjack.server

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	net.droidjack.server

net.droidjack.server
1⤵
- Removes its main activity from the application launcher
- Acquires the wake lock
- Queries information about active data network
PID:4515

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1628

Suppress Application Icon

T1628.001

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
70ab0184149f2a2235ce82b245bb5c3a

SHA1
ee3b0fbc494cf364705fddb1f3ff3503e4f70ffa

SHA256
27df39c9b9de413f6bc5ccd57272857ef5500c20ffc8b4e90e35088b3f4af80f

SHA512
52d291e398d4b4c5d754d02aa2afbce0b8f87c71b60ba5f29f2d6adc6f72318b97d7fc252fbb77a6cc721b6a7c0cf052c58ddd0648069bbeb5ab259089a22cd2

Download Submit
/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
91a4e44713ec22fc2bfa5adb5a448ade

SHA1
0d958e5f5988ea4a84ab4aa3e97720a7ded58d02

SHA256
3f4beff61875a02d123b28b3baea71a7d7943a850f1aa341322097868419eda9

SHA512
b93bef740335739f08dfb04c207f2b6d5330917c9ea33ba16b27cab50aa97e0df6184368cc3a6a89e559a2c77db8173528227dedc0fb65f4943834490f5a7aa6

Download Submit
/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
919886595b0e82b2aeb8c7f97fbd6b19

SHA1
5621bed74ffb7b200ac672a30985c09e8a057049

SHA256
40db59fc9f50eb7fcfe182712351493a3eede84cc7d92c9ff224ec5a95986d1a

SHA512
36b0a50b3972f690355dfbad41298308c17b0e3c74fc2c6860fc9943b8b7fefa53ddb542f914e4e6f369d85501a93d26a2cd086fd98f552268458d47ef50c1db

Download Submit
/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
512B

MD5
9c940105feefbf713e7b6ebdbabc9858

SHA1
426f462fd5ffa73928e485a1bc05b2223309a754

SHA256
c198f70d5f075c0bd6c5e27f7d28f4855d1ea53fefca94c618f42386b9de86c4

SHA512
3cea798f3f13f57cf36a40648f1697c50a56410377d2f50ed32d24c11d59fa54649a3cfab9fe3cdb3d875458248e82713db368951141812dd799b6c57e9d96a0

Download Submit
/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
29af70e609a8248dc4cda1b0e1739326

SHA1
0b0e71a86d8609a56e79f4905ff301a0383ad6fd

SHA256
ddd287dafec686b4ec3e5750453d52ffe5fbee99aa7079039707ec9478211f4d

SHA512
c5cdddf48cf07172bc6aed11c6641af6172829f8502e7b7c7965c3b348e18764253808ff811f6a6a129a456cbfcc12ba3a5cfe35d1caba223b4319849cc46064

Download Submit
/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
f726ebce4e3c9bc8aaa62e980487a765

SHA1
5563ddde70fb6c2a50362f74aaddb7e34321928c

SHA256
85f032ce890593556fa048234e734c1b9b9542263b612f545c1c2eb645aa15ca

SHA512
6890e98287cca186da23ba9fcb1b97d10981e85b1d397822a044985834f93cae5977bc2f0fab2f16ba9a702b090e3d65726ea57bbdccd724e2db695347313baa

Download Submit
/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
21d87557ac9f3ab3032fdf3b8775e367

SHA1
90248b4a01d6e56b80e106fb65238ebd89b96baa

SHA256
1624540765da2062cdb8d1ae78a4e2b0fb463f92fd50bdcaeb9f6808845d2332

SHA512
ae0cd9378ba8242592b1cdd92b0fae9c9ae306376b0172edcd3e5d4e81c466b09bbed23cc2a5dd5ea61182fd41c3b305fba9faf8fcd6479bb8e65ebaadf4ecfc

Download Submit
/data/user/0/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
d7de3edbaaffdbf38eb70cca85b1184b

SHA1
772417a4c11dad91837563db268f39b832f3b166

SHA256
cec985d813d69a4f5c6c65bef50f21d127f75f3e02cf8d096c49d9a7d15e8316

SHA512
e3d2522303d46587463fc681446a8d9df1397058caa1e2393512c9480ad767cbb21ae569e942880b4b416f0bd20b55686f6ec02bf3a41b580d0af2abe455e173

Download Submit