Overview

overview

8

Static

static

6

f7dd866d28...18.apk

android-9-x86

8

f7dd866d28...18.apk

android-10-x64

8

Analysis

  • max time kernel
    151s
  • max time network
    159s
  • platform
    android_x86
  • resource
    android-x86-arm-20240221-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
  • submitted
    18-04-2024 11:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f7dd866d285354c66c1e2226a551da03_JaffaCakes118.apk

  • Size

    17.3MB

  • MD5

    f7dd866d285354c66c1e2226a551da03

  • SHA1

    f4469e6d9264f11cf7fad6f1ccb28733cb0994c5

  • SHA256

    2ec6ed3358ba4f9cd3b2e61222872a863141aa7e42a61898b4b73aa9d73f53b9

  • SHA512

    6f41a6457cf05584e55e18e6299ab0ae16ecb5d2d206055618e98d40771c10de2a42ba35fab4f11cd98bcf90cf437b09a72464eca31f719852ef5480d19c94dd

  • SSDEEP

    393216:e1dT65LlgOxKVFL3uArenzoWlM420L7xaupQ2cY+ZvsttyI0Mgj3T:0tahgCKVNkUW6cLN9kZ0t+hj3T

Score
8/10
collectiondiscovery

Malware Config

Signatures

  • Requests cell location 1 TTPs 5 IoCs

    Uses Android APIs to to get current cell location.

    collectiondiscovery
  • Queries information about running processes on the device. 1 TTPs 5 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current Wi-Fi connection. 1 TTPs 5 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.yijiuyijiu.eshop
    1⤵
    • Requests cell location
    • Queries information about running processes on the device.
    • Queries information about the current Wi-Fi connection.
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4188
    • cat /sys/class/net/wlan0/address
      2⤵
        PID:4445
    • com.yijiuyijiu.eshop:pushservice
      1⤵
      • Requests cell location
      • Queries information about running processes on the device.
      • Queries information about the current Wi-Fi connection.
      PID:4236
    • com.yijiuyijiu.eshop:ipc
      1⤵
      • Requests cell location
      • Queries information about running processes on the device.
      • Queries information about the current Wi-Fi connection.
      PID:4261
    • io.rong.push
      1⤵
      • Requests cell location
      • Queries information about running processes on the device.
      • Queries information about the current Wi-Fi connection.
      PID:4315
    • com.yijiuyijiu.eshop:ipc
      1⤵
      • Requests cell location
      • Queries information about running processes on the device.
      • Queries information about the current Wi-Fi connection.
      PID:4508

    Network

    MITRE ATT&CK Mobile v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/com.yijiuyijiu.eshop/cache/image/journal.tmp
      Filesize

      31B

      MD5

      8c92de9ce46d41a22f3b20f77404cc1d

      SHA1

      8671a6dca00edb72be47363a7071be65cf270373

      SHA256

      68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

      SHA512

      30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

      Download Submit

    • /data/data/com.yijiuyijiu.eshop/databases/eshopv5.db
      Filesize

      4KB

      MD5

      f2b4b0190b9f384ca885f0c8c9b14700

      SHA1

      934ff2646757b5b6e7f20f6a0aa76c7f995d9361

      SHA256

      0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

      SHA512

      ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

      Download Submit

    • /data/data/com.yijiuyijiu.eshop/databases/eshopv5.db-journal
      Filesize

      512B

      MD5

      9c24ac26041b6184c7d99665009907e9

      SHA1

      ffd25e40ae4578564b6185b8d819d3b7f29f3df0

      SHA256

      ae2770c50959ed2f1dfd84bff2d0b85accaf70b1e85130926aeeb39c2a67ceff

      SHA512

      580453597a90e192ccc851cd2bdce649183113d2e40cee09ccf159ac2a6441172e6f8e6296b0f13856a5949f9d034d6c952e0d5ee503884838737707e46a3bb7

      Download Submit

    • /data/data/com.yijiuyijiu.eshop/databases/eshopv5.db-shm
      Filesize

      32KB

      MD5

      f40760f2e2f79236de776773bbd92504

      SHA1

      32867178f1f4267f0c8b82cbe957e338835a248e

      SHA256

      eae29da362aa26b9abe0e4467d39fa6a2eeb054608a749c8aec16c60f24ed4bd

      SHA512

      a261d147b005a01e28f5ec875bec980dc9c42a07db186e49e22fac562142514d51b5f283a831403733f1f84c063360c358efeefbf3f8b7fffe69d8863caafeb3

      Download Submit

    • /data/data/com.yijiuyijiu.eshop/databases/eshopv5.db-wal
      Filesize

      88KB

      MD5

      8d44e02eaef449c3bcb0488b5a727692

      SHA1

      217392feeb0aead26cc9ad7fb962d59b6e7d2ace

      SHA256

      6b03920dc0d90df0630191d13e84a2a2b2ddea966eb1439cc6fb2391e6fd85b9

      SHA512

      06212b8e37ed178dbb110b17de6564b9941c3b010e4cb91faebea7fa80160af2acc72e032379ef84113c13265e82f0f7d21166889a04b6d4eefb0a98ce01a145

      Download Submit

    • /storage/emulated/0/.DataStorage/ContextData.xml
      Filesize

      65B

      MD5

      9781ca003f10f8d0c9c1945b63fdca7f

      SHA1

      4156cf5dc8d71dbab734d25e5e1598b37a5456f4

      SHA256

      3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

      SHA512

      25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

      Download Submit

    • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
      Filesize

      381B

      MD5

      d2293a09c95ebf4ddce3882537881890

      SHA1

      751ec4bbae2732fb5a6a1b73acc65b1d2ec5ad6b

      SHA256

      65ee8f95fd68df3105cc2803cab0e4164b98de397c8352f09edacc440b5dd4b0

      SHA512

      c6d0a6be7521b194a13ad447d78eb7195ef08210fddb9cd90834f757de9a91583b04f6a02a98d67592a8b6079d3695a75e99dbc7bc1b7216e1e598543c62de67

      Download Submit

    • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
      Filesize

      111B

      MD5

      18a37366c661a779d8c9f7b1e054cfde

      SHA1

      9e02f41fcb10756774f79c3e7e2c7ee84f4c5286

      SHA256

      2f47c415541032c0e9785733ec1f95148956bdeff53e607340ae4dd875e4d626

      SHA512

      322050393770bb013b1bc97323149dcf50da282b1535fbd131bd40d1b4d4467f21bed3b09530d07bfda3ce137ba45103a47507c21a9ddcd4403e8d7900dd2f3f

      Download Submit

    • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
      Filesize

      381B

      MD5

      10c0136f9d253f5070d6b0c18fe67236

      SHA1

      6615e6e7e5f3779f26b9aab841dd7d1664d3bcdb

      SHA256

      89fe5f4278990d77195fc65a7fa5b60c4525327bbbef9f5fc2c5944839a45758

      SHA512

      02ecfff5aed742dd02ffa6b8b77abfe5e6ff4fcb9ac9e50a6f069550a310ce1c42dad8bea8fdeecb0f42c346e555c9e02cf0c02a2b71fcba6331a86d8908bffa

      Download Submit

    • /storage/emulated/0/backups/.SystemConfig/.cuid2
      Filesize

      129B

      MD5

      59057a0507bbabba9ceaae15d12946ed

      SHA1

      50650e1302fb097a623ba7bc114b0ea7ceb7b888

      SHA256

      8f0e519b5f6f88ce409352c0dd3e42afe2d66dbb6efa80cac734337dd7ab44f3

      SHA512

      a725404e96193fb37f27f1d1c1070910dc9325b836ec5028533bcc7dbc180b0e47aa952f39efd7c30f6e1beed36010cabcf2606b8724236b9ec55513183825ae

      Download Submit

    • /storage/emulated/0/data/.push_deviceid
      Filesize

      32B

      MD5

      e15bb424e7eed617a241257c5f373c35

      SHA1

      497fee0c4d05077a3f19e414fe64116a84a99073

      SHA256

      4d2aa878e7fb397a7445f76cfe2e283bff6cecee24c991c887e152ec15ee3a48

      SHA512

      15d1ac1de435edae18774f17186ec2b82e4eefd3930ff7e404e54bb066da85cbb1b795cc04e08c5f2d9318336bd4a100717eeb76d8684a44e9904810fe52b5fb

      Download Submit