Analysis

  • max time kernel
    2s
  • max time network
    138s
  • platform
    android_x86
  • resource
    android-x86-arm-20240221-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240221-en, locale:en-us, os:android-9-x86, system
  • submitted
    05/04/2024, 09:09

General

  • Target

    cf7a6d81e5457e2032e4768e1226d3ff_JaffaCakes118.apk

  • Size

    6.0MB

  • MD5

    cf7a6d81e5457e2032e4768e1226d3ff

  • SHA1

    7eaccab9ca44c4bdad4e291e2744c343dd864ea7

  • SHA256

    a852e4875a8bb3d4e3ebf175766f58325575ed4d691548415fd4b662dac18f9e

  • SHA512

    3eb336c083867cd514e86681f79ca003970b0e07067e0e6e447778135a4381fa094769bd8f93f542485afe9ae3b8e9e1dd6fa90ced5d909196f45bc8e9e176ad

  • SSDEEP

    196608:y59SNNGQg56l+dQV4EhWnsQbVC0s9dz9MogxZ:y59SNNGQBV4nsQbVhaneZ

Malware Config

Signatures

  • Requests cell location 1 TTPs 1 IoCs

    Uses Android APIs to get the current cell location.

  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information that indicates whether the system is an emulator.

  • Queries information about running processes on the device. 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs

Processes

  • com.liuz.cqsscjh
    1⤵
    • Requests cell location
    • Checks CPU information
    • Queries information about running processes on the device.
    • Listens for changes in the sensor environment (might be used to detect emulation)
    PID:4458
    • ls /sys/class/thermal
      2⤵
        PID:4497

    Network

    MITRE ATT&CK Mobile v15

    Downloads

    • /data/data/com.liuz.cqsscjh/app_crashrecord/1004

      Filesize

      225B

      MD5

      e3c9ece526e18767291c6850b7988e1d

      SHA1

      07ca4b6c5f26a3fe249b479f0afa497930c57b33

      SHA256

      8aebd6d39b10a3355aa2e3e7fbfaa68d0c3d94c7234f924153fb409cc17215e6

      SHA512

      4ee9ce46deea618c1dbe7e7446fb9483c749b9be15114743594098b03d639715edfd46d5a87f7620d945fb226267a903616ebdc24f7f2a24824cf51f154c17d6

    • /data/data/com.liuz.cqsscjh/app_crashrecord/1004

      Filesize

      58B

      MD5

      0d210bfb2a0e1f1b4c082a6a0f79de07

      SHA1

      bb8ed9e364db79d1d9f2fcde3f15091893222faa

      SHA256

      988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

      SHA512

      536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

    • /data/data/com.liuz.cqsscjh/databases/bugly_db_

      Filesize

      4KB

      MD5

      f2b4b0190b9f384ca885f0c8c9b14700

      SHA1

      934ff2646757b5b6e7f20f6a0aa76c7f995d9361

      SHA256

      0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

      SHA512

      ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    • /data/data/com.liuz.cqsscjh/databases/bugly_db_-journal

      Filesize

      512B

      MD5

      1779b1188780e872d84ef619c4851b31

      SHA1

      2dd8f982bc8340833dfa04e7b0e62c56a71784cd

      SHA256

      239b79f7165b27c15319399179cce71388b9743b2d6cf51a06c04104c3d1ea62

      SHA512

      3096bf41aebd1b6978b0fcd662d01e31a5677f5bf386bccc6b151fdcd8829c288a95d43165ce7f98f9879d1fc2076a77540823c5af9dab31e521ca6a4d164e3c

    • /data/data/com.liuz.cqsscjh/databases/bugly_db_-wal

      Filesize

      16KB

      MD5

      5c42dbcbfd98d5542cdd21bcef7e57ab

      SHA1

      b3d7e8f6dfc57695bdf0aa3d5fe99694343270ea

      SHA256

      f02f8dd19e622f6a2abfd367ecd740fe58bb28bac40240d7806c85650dcae119

      SHA512

      1472dc6555e3804fcdec796a458cb5b4314488a98d23cc4bb5d5bd0983fc59565e317c57a9caa92bb67c8e64c316e78da5c07f36e98d0cd8e038fce647941815