Analysis
-
max time kernel
154s -
max time network
163s -
platform
android_x64 -
resource
android-x64-arm64-20240221-en -
resource tags
-
submitted
18-04-2024 07:21
General
-
Target
f7871bb5dc9d79fd0b0e689bfbeb84c1_JaffaCakes118.apk
-
Size
13.2MB
-
MD5
f7871bb5dc9d79fd0b0e689bfbeb84c1
-
SHA1
40c0de006ea3672f7f1ff18ac1da393cfd7ba4df
-
SHA256
e7858e0c3ac80b923e07b79839354a5312cf5aa111ea0ccd761eff679fea3739
-
SHA512
b5bd93ced7f3924997cb141dd1c9b3d4803f628704a568eabf28d9c47e6bf127644edac83f7b0502abd730dd093cf310438b049333c0521ebb3b3910fee4ed39
-
SSDEEP
196608:mCbn3KLX2w0WJyTiDhpDUQGNeFRlhKE1l9kzd/1y+Zh7lyFRjbBU6ZS6s0YXBAHP:n3KKGdZGcrnKEz+y+X70xwK36kQQ4u
Malware Config
Signatures
-
Requests cell location 1 TTPs 1 IoCs
Uses Android APIs to to get current cell location.
-
Checks known Qemu files. 1 TTPs 3 IoCs
Checks for known Qemu files that exist on Android virtual device images.
-
Checks known Qemu pipes. 1 TTPs 2 IoCs
Checks for known pipes used by the Android emulator to communicate with the host.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Queries information about running processes on the device. 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection. 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Uses Crypto APIs (Might try to encrypt user data) 1 IoCs
Processes
-
com.mobiletool.appstore1⤵
- Queries information about running processes on the device.
- Queries information about the current Wi-Fi connection.
-
com.mobiletool.appstore:channel1⤵
- Requests cell location
- Checks known Qemu files.
- Checks known Qemu pipes.
- Checks memory information
- Queries information about running processes on the device.
- Queries information about the current Wi-Fi connection.
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/user/0/com.mobiletool.appstore/app_crashrecord/1004Filesize
8KB
MD5a985350aa1d178926b8901eef7c8fd31
SHA127d3726741212fc6318a85277bb1ba7680c24d21
SHA25608a8f8ab7b981af2cada164e251bce840dbfe532fc23436de53d8c53ec5ff58a
SHA5122e0be47ab3bfe7f6980031f7161b165f11824c4d5354bccd8be324d016e73cccbfee70831c75543014084f1bad501511a84c6b75dc3f5b52ff55d4080e8af725
-
/data/user/0/com.mobiletool.appstore/app_crashrecord/1004Filesize
58B
MD50d210bfb2a0e1f1b4c082a6a0f79de07
SHA1bb8ed9e364db79d1d9f2fcde3f15091893222faa
SHA256988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d
SHA512536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1
-
/data/user/0/com.mobiletool.appstore/databases/MessageStore.dbFilesize
36KB
MD5ea5e907dc8fa70373ced3186db2d3c42
SHA1c89203aff8114f87434e7c5f74ceeaefdfe6b09e
SHA256d41b63a5e5bdaf5307b254bc943b71d9164fab148acd05e1d0f18f5ca3c15f3f
SHA51253b957576d28cd83f9e89274f178cf98d5e1e6934e738ba8cc7cfeb3c061ea4fb46718c912bd9f51c03be6c608443b5f6750feded129b056ec760cd2aad2293f
-
/data/user/0/com.mobiletool.appstore/databases/MessageStore.db-journalFilesize
512B
MD52bb4c6b88158097e738431b669092baa
SHA12f7a33e905cd26a5caecc145ab63b8f007e3f9f4
SHA2561028f7ae13ed6d553250b8c8910f383b250ac18dd2cdbe12c413653cf286fe0f
SHA512cbe95e9f8d290a87562486627ad0fc3ec099e8006cfb1a4ea88dbea7ac3c6ead14fcfe9e1297a19de41f7927013bb1bf18fe4b3fa20da99446d79c7e30781f22
-
/data/user/0/com.mobiletool.appstore/databases/MessageStore.db-journalFilesize
8KB
MD5a5a03aa96d3b592c98b220b7a7ff2017
SHA178a551daf5a85dfa2028f62ffcd34e8947743fe8
SHA256b176891a51c5016301f8ec8394f6c9819a59a5a9387a9a44ced17756e156a0c8
SHA512314b71f993b7c3f5ef567d02f2ed04bf53303b25aa570708d9172cf51f62101f36cb319324b76d5831d72607aa68564d13f9af598650165e9e537f742b5decbd
-
/data/user/0/com.mobiletool.appstore/databases/MessageStore.db-journalFilesize
8KB
MD546b767246039ceaaae3c235ea3f83992
SHA1bc691bd247f1c4e157c507b34731700cd8a05a09
SHA256f07baec1b4d49c0deb242bed879e1509c4f316422c973e3253e9eea3de004d8e
SHA5122eda224e99db058d8bc637afcc9867a4625797e9080bee153c4fdf3bc67dc6a28304907fa7a16eeb14002fbeeb58d5a376fa473c0b7b229959898a43c95653ef
-
/data/user/0/com.mobiletool.appstore/databases/MsgLogStore.dbFilesize
56KB
MD54f556157ecfe6bb4b7791e703e683c15
SHA1aa6ab516c368e6bdcdc72a49cbc8e01bd2f527bd
SHA256b66d5bd74b985c69d1909fe409bb21ac51b0856e3b66ad37a4440f0aed4be0d3
SHA512fbf0cf2c8cb2c585f32055c7d59c19c093b47f8887f5026ca27b518bc441d839c0eca6651a6460077d998d683603feed9fb47f3d27bcb2e1b939a64d3b202a0a
-
/data/user/0/com.mobiletool.appstore/databases/MsgLogStore.db-journalFilesize
512B
MD53ca0f9baf9f305aaaa1ae4646f371dd3
SHA1b83c7350cef997bae0c1f54c4724deee4078c09a
SHA256b79c4107ece392b3c2e0ec571ba1b6452389ea65b7c544b65c10e3853eb0f341
SHA512bf4ce45d254b58fb5576420d213558df53c1d3b6dbb469d51302b11e36801654adc309f95aee46d0687ede03a3b91ccce84ef9c917342d398012d771c1a2a292
-
/data/user/0/com.mobiletool.appstore/databases/MsgLogStore.db-journalFilesize
8KB
MD5c53acc75dc868cec0a2e8bff24b4def2
SHA11ff2f4120533dd215430ebac5b51602ab6abb0f1
SHA256f2a9bd07161b5b40e0f515d236ae878981a0ce4d6c96d7029a2d98af3c6b48c3
SHA5120b452dee1f57fa941604db5a933eff083af15de0c71e690559efda4f2f443f945336e227ac947b92d20cab8fbb5237f909483835ebb26f3c6c52ad0c8a715b77
-
/data/user/0/com.mobiletool.appstore/databases/MsgLogStore.db-journalFilesize
36KB
MD57c0b5c6d1120bf3635cb815eb5e29f28
SHA1cbb58092e164d3d098e750a608f3833f85a06476
SHA256f2434b69ad5ddbdeb3796b9e34fa428cf6fc31bf987dee42c12816e3632a128b
SHA512151d69445e8311fc78f40b5781e2e1f1d631e879e87a08d1076ac69d7ad5bbb8ee017fa4d5be934f9eaf1cd3a0aea87c40be405c2a601a845820d73705ec7a36
-
/data/user/0/com.mobiletool.appstore/databases/bugly_db_Filesize
24KB
MD56f8b7bdb7b925fad8beee56c0f4a8d2d
SHA1c510b8cf2671210ef04355787cd8412b6151fcb0
SHA256bdf114f4c4136e6ebea8f029699476efa26534ed19326c60f378d29792da1508
SHA512f58fa605381a0a8c1a034123895ab4cecc3b29a5a3048bbc5a1122fa7d3b3ab05c734d4db4fe126f96044f82012a1be282209dcc97f5c36fd4f4229b94ab82af
-
/data/user/0/com.mobiletool.appstore/databases/bugly_db_-journalFilesize
8KB
MD597c9437547b6c74b69ce0a72b0891834
SHA172cc4c0116f3aceff68f84f917b4a8b24814db4e
SHA2560fae9f104c39c8b7b709fc3f3cc368c2c3c6e9ded9309c748b54511447e9be1c
SHA512080984f53a92d11a4ba246a9f944a36c50faf613f0e64acb0aad0a277b921df305d82f7b20c9040bd9d7953371135647804d98f15fc6d2901bb98375c06c0a55
-
/data/user/0/com.mobiletool.appstore/databases/bugly_db_-journalFilesize
8KB
MD5157a20582a7a99b9ca70a497bfe8b9c4
SHA156b003d88c8f01e2e6b3eb02bab46790746a5bd4
SHA25640bf9df773bd5e9b2b7064eb97807cab7f31e26ee405249f9f80e19a46b71d2e
SHA512cc64b94c2cb9ce3cc2673cb6fc7f22ccd480c5eeb9905db3e412341f037b51d6c108ddaf5ee8737559d32b0531b11a4ca55d6b4b5f5205d1c628e33065d11d9c
-
/data/user/0/com.mobiletool.appstore/databases/bugly_db_-journalFilesize
8KB
MD51a7010de1ebefc868f3660547f97fbd8
SHA12226c8952ab2e6c2cb5ac8399c321e3424564575
SHA2564ac39d37ed0181d96ba34a167259e8d1dc46b0657f4feaaa293b0e6c2245719e
SHA5127c9fb5ceb2e00e2bd37e5cbc64e59ffa33cb2e3033c24f39c18649d1efe48d18246c437a5bafc8745c4a9e272db41f7fcdac84cf50d5eab60afa6c52f4eaff6a
-
/data/user/0/com.mobiletool.appstore/databases/bugly_db_-journalFilesize
8KB
MD5809606b52bcc047bc2e47122214cfbcf
SHA11dad4d4c457d0a8fc323dce750eac72604097817
SHA2563fb915d80aefd3e4b5b8e0893bbad3c0e319d0b9cd4710dbcd4c95af43cd54a4
SHA512fd2ed0becef7b3a059bfc2d518c08c92000cf0f6fe7ff010f44688aeaa2448c4ecd9f7827acd5d702b5183622adfe181104824e1b0d6632a10d418ad7cadb327
-
/data/user/0/com.mobiletool.appstore/databases/bugly_db_-journalFilesize
8KB
MD5c5d17379d2fb4b5810bd9e956337ce4c
SHA181ef606661529ba78021005ae7ddaefcc83e268c
SHA256bb5b206cd5fb3c3fe4fa8d412082abe080db09d4657ec40f7f58643c583fdbef
SHA512e47259a040faf4bbf1877e0061603065e9412a9b0394968c5abc628c50543adbde8bc6bef678b9d1a913c198db0beaa709e1bff594f5866848edd2510780f9eb
-
/data/user/0/com.mobiletool.appstore/databases/downloads_classic.dbFilesize
28KB
MD5a734880ceb8ad79833c2db1c4f3a5eb8
SHA13aee4d7233b125fe12ff67e60f2d9b7c189e7228
SHA256d23fc73c2bdc4611be16a17a8c41e8763ddcbdb78185067d3b790875382293d2
SHA512df1fa7eb5dc87af9ef3752989d74a5be0534e0126e579556f50d546a546f38e1cd68861dabf2bbd371dda693fc8373df82c976da037a817486537bedd0862ccd
-
/data/user/0/com.mobiletool.appstore/databases/downloads_classic.db-journalFilesize
512B
MD54ff9feea07afa1dc503b081c2412bc67
SHA1545d7b874500416cc7e7e705bbdb0881efc4780d
SHA25662dff12a5d06ae611e66a6c54c046f754916d49a5fbcf8245592486e420a895c
SHA512ac38fb0fef05f687c0d060de718034c9566cba35b130d62fa910d518f9eff9fc4060b10a93e0719b6ad2e2f0c9c58a5a5a2f4460b4c6db8f5c1e50861fcb32ce
-
/data/user/0/com.mobiletool.appstore/databases/downloads_classic.db-journalFilesize
8KB
MD54f2a0cb25876485f72e216823b1c4a49
SHA10d94c1341ba587be7cff306f87ca9634fcca0800
SHA2565419a77800a3836427c727a9b6f35885e54178843a05dd9f8d1053f6cc889ac7
SHA5128374826d36fd8526fdf7309472244fb2bed5381e1281fdbd4fefc8948254fa5c6d37d6f0af633500689bb6c464ede08e0462c2887fe4aa2b5097e9c832c24ff0
-
/data/user/0/com.mobiletool.appstore/databases/downloads_classic.db-journalFilesize
8KB
MD5b280f3891c1c0b932bbe969bfc973ddf
SHA1ac0a80da311e0502477cba766588a84b1176cc4d
SHA25608a9f571b7b7a68f1d12e2f77b6a78207638dd4c56ddf2e28e4349333c2671b2
SHA5120d275dbde05f51e93eebdeae8789ad29de496faeb8cd9f987a50f957bcfb569f3fddd41824ce022c3ec3e9ac119d81d84bad6970b0e76c2ac47f847c674fb072