b4ed7eae643cea6f4087cd5b7187675cfe252d0f638657496458fc38b99d70cb

Analysis

max time kernel
47s
max time network
132s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
11/02/2025, 14:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e718e9b1cf8c5f81f485022e44a8178ebf3aed62.apk
Size

1.5MB
MD5

80cd72c756b488b057157483bf4c89d3
SHA1

e718e9b1cf8c5f81f485022e44a8178ebf3aed62
SHA256

b4ed7eae643cea6f4087cd5b7187675cfe252d0f638657496458fc38b99d70cb
SHA512

22c97fb8b4894b7dc5668f4c2077704f516247eaf41a515af4f453643734d26231ddc07fa993da458fe6913c18025b9b69bbc13158b95681c9349edf9dc69b3e
SSDEEP

49152:HFCp6BL43YiKL/GtQnqahUaTcjLsV0tfRfVd+vdu:AWLNqCBTGU0B7Cdu

Score

6^/10

discovery impact persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	org.jackajks.nkar

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	org.jackajks.nkar

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	org.jackajks.nkar

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	org.jackajks.nkar

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	org.jackajks.nkar

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	org.jackajks.nkar

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	org.jackajks.nkar

org.jackajks.nkar
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4222

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.jackajks.nkar/files/PersistedInstallation2996586660281586230tmp

Filesize
570B

MD5
94ca4768799d750ec5eb6635739ff257

SHA1
b7fe879bf079ecb35858bcb5dabaedd439bd6747

SHA256
a1e909d008bd94ef76e5cfa95a301726016bbeb54d45a21262e59797e9a80201

SHA512
42bcf0483a110be913c59e8de4a5d56a81eb581bcc3be41c5fc2e07a535df6bc8cc46e7f730483093a80f5f7fc60fe39c6ca1449c4ecb80fb4ec8c0165bb932f

Download Submit
/data/data/org.jackajks.nkar/files/PersistedInstallation8252259623643312148tmp

Filesize
90B

MD5
3fd7633f65b2b5d052e4095bc0b746e8

SHA1
21459d064d4d435acbe2672a4b7c73d81aa6eff9

SHA256
c25655943e27c56c8c0ca828b094913ba2b3fc8419188b0c58227729792a15f5

SHA512
cd81198ea6f901ae53b892e635bd3ab56318e822fda9714620b3d4197cac3bd15f756b06eaa6941b4e11f195d0d60d69acf8872a419b4800f4574bcba0b14830

Download Submit
/data/data/org.jackajks.nkar/files/profileInstalled

Filesize
24B

MD5
176c8cf71b66b9e876c84c4db687e4c5

SHA1
990622b9dd80b1ecbcc4802d960f24a8762fd500

SHA256
e752753f6befe8b896cb64180c0640bd0ebbf70d76fd95b48d7fd1280c1f14a4

SHA512
67adbb7cc02784856d19543f22b2fb80fb5dcd8ed0317c1a255ce9a4735d53f0c0234950812f19e1c6b751056df2584ae35464a8ba8b8cb15772aaff1b38c793

Download Submit
/data/data/org.jackajks.nkar/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
b1e274328757eb6a9f40022bb12237a6

SHA1
a7c140f2dec8a949d8537aea84137e87e013ba4f

SHA256
b704cc7dbc212ab7bf0dabf3a61726fb695e76e523e5b341046d7a1879b37d9d

SHA512
b23bb629f6c3863b1ca7d95c224168c5d69bb904f02e02e1a09209c4c8cc18ae82fd52d0abbe3ee89654bd24be06ad5a0e427cee59b6979afbc20c029fb62aad

Download Submit
/data/data/org.jackajks.nkar/no_backup/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/org.jackajks.nkar/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
2634f9890a3fe7ff68ee109589a141a2

SHA1
3a5b1ad0d5f341b80ac05270ea577e77d881a41f

SHA256
4add13c7806a861b79974462cac523e73b8b792abee2983ec8412e33c30088a4

SHA512
8a612ca8d95a0b2507908cb288af26a5be2569d75fb76debb1e51610cafa1a59740a68386eede6bea90795994a20a7a2e9488b0c6632702789f0f3e94983427b

Download Submit
/data/data/org.jackajks.nkar/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/org.jackajks.nkar/no_backup/androidx.work.workdb-wal

Filesize
116KB

MD5
f742f013c2394d2113eab019957ce96a

SHA1
8e9f5c554db7dfe0ba860670012170d0777f82de

SHA256
31c1c2140995538448a01004419f0b46810c6590e471a66a1ffc9dd4cf6ebb6e

SHA512
23a619ef5ca0005dd732d85b6dd1e42bc46dd2d43ed8a1110e9c33d31516440ddded97cb1ccf3085e08918139648dca27af0b1abc34b8143e907a08201701f61

Download Submit
/data/data/org.jackajks.nkar/no_backup/androidx.work.workdb-wal

Filesize
124KB

MD5
f20ed2918ad6c09d1251fbd8bb5f3091

SHA1
d413e57c674cd56c2d1b347bef5c7b8387e43a22

SHA256
e4380f22b336237ee631d56edc1c40ff7ed964c16f4135e7ed1d34abfc5545ff

SHA512
865d94eb1aca65019bf6a3640d172ce1dfa8ffe45aac69221e231fc84d758a75b4027f04072abb2d4438312f8383061dc36fa9b196646811e0e1d98763d3f116

Download Submit
/data/data/org.jackajks.nkar/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
42d60b3a4e18718753480ce7acffdfbc

SHA1
b6c22ccaf5f5df3c9417de627e511e8237ca4494

SHA256
68e5e70d9ca4632250e0306f9315371ecd6ac44bfabe4f3dd273cbc68b67f2b1

SHA512
144351e1043abf7d2c2d77a3b637cbd3cbfb4f81f5f3bc3e3bd47e3464f50f024903f264fd33f727d7eaffa32024b814d3986c2abf2ba95cee5e4b576b9b951f

Download Submit
/data/misc/profiles/cur/0/org.jackajks.nkar/primary.prof

Filesize
141B

MD5
c9627b3bdd95060eaffc3bcced6ff148

SHA1
5f7da4e987cc3e98e6e6cb6f514bec6947088a54

SHA256
a8d3c5c0bb7cdaf805ee152befe014e8a1b63a4cd0c4f022e81ba3d688abe9ab

SHA512
8b422453cbedf6c18a5fb9276fdc06fc23abd6d1b6db7c5e50f10018777abc08d0ff221de7d4087419a223e73ee017c01d3c533fa59fe728db93e79eaf4ceb57

Download Submit
/data/misc/profiles/cur/0/org.jackajks.nkar/primary.prof

Filesize
1KB

MD5
725470dfa85c4910bdd2ddcc4b433be4

SHA1
4469684f3fe135cdddaf5fef1665465207d9193c

SHA256
2b2a93fa1deb999aee50f855929f92079276874b61a6bb64ea402b43bba664cb

SHA512
ce8e386900783fcfbf7066500cae2f35423555522cf7ad976df4a8d21d9299ad16f28b635cdd7ab154b9d32d66065837fb21780ad0d1231c6cec60caa3233232

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads