47a09bad8171f24c3c87b9226baffcee13a8807c7372ccf502844dd9459c8856

Analysis

max time kernel
94s
max time network
164s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
26-04-2024 18:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0162aaa2d96d9e78abc54f735a2330b3_JaffaCakes118.apk
Size

16.6MB
MD5

0162aaa2d96d9e78abc54f735a2330b3
SHA1

7a8b6878d9bb8916530d657ad32a5c1fe887baba
SHA256

47a09bad8171f24c3c87b9226baffcee13a8807c7372ccf502844dd9459c8856
SHA512

42a3b2092ae5db5514d285ec77a6fd9456a0300353852e787022c80bd3ee3b434b3ef80b981378bcbb2a4803325d5c59bfd530d11572116ab1bc5ed9d0e051b1
SSDEEP

196608:F53oiIx0i8e3cnQKPXk9H/keH6qzzFXhIyRBKB3na7zhL1x56voexRfnvvJ:P3jA0i8aC89H8wzJPB83aPhL1xMvo+J

Score

8^/10

banker collection discovery evasion impact persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

T1418.001
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

cm.aptoide.pt

description ioc process

File opened for read /proc/meminfo cm.aptoide.pt
Queries account information for other applications stored on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect account information stored on the device.
collection

T1409

Processes:

cm.aptoide.pt

description ioc process

Framework service call android.accounts.IAccountManager.getAccountsAsUser cm.aptoide.pt
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

cm.aptoide.pt

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses cm.aptoide.pt
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

cm.aptoide.pt

description ioc process

Framework service call android.app.IActivityManager.registerReceiver cm.aptoide.pt
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

cm.aptoide.pt

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo cm.aptoide.pt
Checks the presence of a debugger
evasion
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

cm.aptoide.pt

description ioc process

Framework API call javax.crypto.Cipher.doFinal cm.aptoide.pt

description	ioc	process
File opened for read	/proc/meminfo	cm.aptoide.pt

description	ioc	process
Framework service call	android.accounts.IAccountManager.getAccountsAsUser	cm.aptoide.pt

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	cm.aptoide.pt

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	cm.aptoide.pt

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	cm.aptoide.pt

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	cm.aptoide.pt

cm.aptoide.pt
1⤵
- Checks memory information
- Queries account information for other applications stored on the device
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:5094

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/cm.aptoide.pt/databases/aptoide.db
Filesize
12KB

MD5
b2b08598b09a2ebea05360441f337760

SHA1
8edefb42bb3212f916a5c61a09321de7ecd999c3

SHA256
cd09400d6d538ca8041c64fca3121b1c0049b99398438b1ea88dbe3ada041bdd

SHA512
55f34c6ac2d91328708617cbd8ddf5f55723989109abfd0625e0a2d431c849a940d91510a2ac2998c33981c3e55e3d5e87f45b243d9a796b2850b3bedd63aa38

Download Submit
/data/data/cm.aptoide.pt/databases/aptoide.db-journal
Filesize
8KB

MD5
1f8b9aa5ac267a24ed04686da579d483

SHA1
4b9f33c25d8fad5ed81ceb4eb2d8f01f4c7867a4

SHA256
0c21476e977150c9f353561ff54a39681589f55d97adb32da226cd9cf4fae816

SHA512
11cfedd619603ed14af43bff7399790a2790a61b35c188458da03894ffbb89fe8b355eec3bc9365968dded529bb2e379c2141be875e53396f9b6f49925e11a11

Download Submit
/data/data/cm.aptoide.pt/databases/aptoide.db-journal
Filesize
4KB

MD5
4f974f4b7d93bb3b299eff7090af40a7

SHA1
11326fbf8e7e11a9de8247c4518c90e4b79a4709

SHA256
9e2fca77138cff8bba64929380caf5cf0b3f1d140f8af0be22c43032bc9c8579

SHA512
a2c8402a995facf55bc2fd4a832ee040416728f371b262014824ab188012caaa1354a798edd09b5e5490f24ba749dc75e490a28017ee6aaffde20a2ac3f28ad7

Download Submit
/data/data/cm.aptoide.pt/databases/aptoide.db-journal
Filesize
512B

MD5
08fc9e8d858fe2cd2edf12d705b5fad9

SHA1
8b02f0fc3be091fb6d6e4a86782ad7782bf035ea

SHA256
3ff97d25b6b16b22d466c6ce8bd648e9c0cf06403ba0d26ce76276c14362c3d9

SHA512
f52f6d41713825588a91965062ced9f277fef600b4b53c0e90aadf42d05934a8442a3dcb502b88e00d30d12cf7522c92d0cec1003733ad0630177be9598b9657

Download Submit
/data/data/cm.aptoide.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/662BF18402A8-0001-13E6-30866FDFC38CBeginSession.cls_temp
Filesize
79B

MD5
ce62ccad8fc95db8933ce21ce43f0adc

SHA1
a80e45a4fb1bc00d68cd3c12b86dde3f6d2e7812

SHA256
0eecf94776f268d0da67447cc43657212c2d75e8639647607fffc64820fd80df

SHA512
a7f377a8a9303653659dd8d42b9fbb2fea8fd50d777d750ebbe59c3215c711e0e88f0305e944d7195d2a88934550aa5bf6be9dfca88810ed39048bfa7d3d6f24

Download Submit
/data/data/cm.aptoide.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/662BF18402A8-0001-13E6-30866FDFC38CSessionApp.cls_temp
Filesize
112B

MD5
5bc0fed11061f0c57e9d6d3d19dda306

SHA1
ed0bd52f52b7301d2be68a6eb061f8f32535a1c1

SHA256
43789e1d3e8052bf64ffa9dc2878166c3460f74d63770164a80f72567db17ad6

SHA512
e047e98580b30b8c17482d94e364b81bdf724303d4e2405f3fa2dfb626d3a73d8d57a09903f116aa96e8e00162662635baa905b27ff9b19f060e9c2c8fc907ee

Download Submit
/data/data/cm.aptoide.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/662BF18402A8-0001-13E6-30866FDFC38CSessionDevice.cls_temp
Filesize
131B

MD5
6731fe5e6c416ad7f5f6d84169e9b6d6

SHA1
a9a44bf588d958ac27ba3a799707fb466fde7121

SHA256
5a089a251016dca124553dab95e5c9c5e3abeb766165bd8bcf73c0d3eaa58600

SHA512
02c583b354ad898f62a801b5ac66c67c122f4255ddcc83312afa5a7b9d6214abb32554ed066974a379ef3aa99800226fc64393d6d659848a56e236784f6cbc6c

Download Submit
/data/data/cm.aptoide.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/662BF18402A8-0001-13E6-30866FDFC38CSessionEvent0000000000.cls_temp
Filesize
1KB

MD5
0e12038eeb22c0316e7c267a47ae3e63

SHA1
d211b15d5ebe690f48d8dd51675b34367276ea5e

SHA256
7019287e1d68a3f42e07e973c8e83bb23b1a64a2250ebc06e2e73bcf5fea1263

SHA512
a6668f4d5e8a649eac9310108b27aa9332778f9fe928aaddef5da151eda596659497d2a5c388ccd0f093bb0a7a894021d02f5c898a902626b0791711eb50a4fc

Download Submit
/data/data/cm.aptoide.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/662BF18402A8-0001-13E6-30866FDFC38CSessionEvent0000000001.cls_temp
Filesize
11KB

MD5
3ba43f3e342fe22115afdcde38a15da1

SHA1
65d51336b90631177bf5538dfad2f699dbdfa797

SHA256
daf6ab3ba28b8cdb74ade9e70e6bd4609c2ef0ec45529a8109befce6f8b559fe

SHA512
4c9c12b8a43ae788f5229518bc96d4386676747980083ea9a64bdf074092e3336dee10d4b47eb1dfc17ebcd1b9b0b26a5457deba3cd8adbbd32cc5f644bbe003

Download Submit
/data/data/cm.aptoide.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/662BF18402A8-0001-13E6-30866FDFC38CSessionEvent0000000002.cls_temp
Filesize
11KB

MD5
25893a643d24a9c42fb0f683e613dae9

SHA1
4f4d1cd78d136885deb59ccf9d624511a21cf45f

SHA256
6182bf75edc7cbd77509f9bc87acb8da38c560e0e149b38fa7be07a62de83a09

SHA512
abe4493b9d60ba3114709d17e88beb34fb15c505725e3a5dc12f3a4d9aee6507ab4328b808bf68cd7aed37acdd676b775e383d0dde1bcc7510bf06a3f9b29d9b

Download Submit
/data/data/cm.aptoide.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/662BF18402A8-0001-13E6-30866FDFC38CSessionEvent0000000003.cls_temp
Filesize
4KB

MD5
4400add9f61c489745342444eb430c74

SHA1
ece5e2575bc3d19b7c58a9c94da98820a115c549

SHA256
c7fd24dd43f05c698ebc3dae998f60041f9e2d70844698b75d1a9cbd047096a5

SHA512
7689bf01ae9d886bd4d3bf728258dd2759629f384cf62c3f3714da6f3c453ae94fb73276c5a6a83cfe33385743d8f5918d78bd2a05e7b0fdcfd78b427175c7f5

Download Submit
/data/data/cm.aptoide.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/662BF18402A8-0001-13E6-30866FDFC38CSessionEvent0000000004.cls_temp
Filesize
4KB

MD5
88d097440371952cba83a4e6d4d71c64

SHA1
8d229eee369e00efc6cb6083f0a65c24227e293d

SHA256
663d1ef4b84fddb9c47cbd70c3651d184df2a5679f89eb07611d84435ffe6ac5

SHA512
c962edbca6084c7ca88d2225fbba9f41631eb0c4871146c00f834ebbc0d1884e0315f0da7025d5a83083f83228397c9dfb7bcb02a1a2920c15cdb548de2ba040

Download Submit
/data/data/cm.aptoide.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/662BF18402A8-0001-13E6-30866FDFC38CSessionEvent0000000005.cls_temp
Filesize
4KB

MD5
cc947b895198ce27269d65d704c9c2c4

SHA1
740ed480d14678437e8255aa3b196fe98355a0ac

SHA256
48abb305fc08cb719e6981a13c4cae5d73bdb9f8c0b0c808cff51396652040db

SHA512
82a9f49f50c93bff064600fec5315631e4c581963a99a4da0df9773553753c883b80dbf1d0f270e212f41e394d7662fc6a18e4a47796d0182295ecd613af70c1

Download Submit
/data/data/cm.aptoide.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/662BF18402A8-0001-13E6-30866FDFC38CSessionOS.cls_temp
Filesize
15B

MD5
2566d27ce8c28d8961f082c375d7535e

SHA1
92fe585b1a2c9c523d2fa1f65ab5c1b6a1a6edaf

SHA256
5acdb54ddba2e264f6822fbdbc4e9b5158f57d43785c2f01d981956b18f7a90a

SHA512
1c70679bbd25a57f9ac02083d5af0fe72b1417cf3070a195497f03d6f492e87b1ed3f570de7ea7c814c995a1530e32610d9570f31a480648f4062e8d3287be8f

Download Submit
/data/data/cm.aptoide.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/662BF18402A8-0001-13E6-30866FDFC38Ckeys.meta
Filesize
17B

MD5
9bd664411b2c38543a551acb51c19ca6

SHA1
9f53dcda90ad2f378f8d676bed6626c3f50f0516

SHA256
2cb3788794c78d71e39b078942cbb1868b7e46bf4925add1c23decd644af438a

SHA512
3ab3922e0b3bf6c552ea01a0adc6493acfc58f8e3956687c6fc7414e916569c33117d575272a495d296fe858f4dfdcfe92c18238b7c3dd70749aee9ea9b34d27

Download Submit
/data/data/cm.aptoide.pt/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
Filesize
516B

MD5
888e0dd2193c7f94b4279e7586a2e923

SHA1
4f1ae68b459491599eadfc0ec4ee445079d62657

SHA256
5dfd8685d006d01fccd3434ecc9c40ea8301d4588683d922b745feec3e60b55b

SHA512
15d1a4b3077968116b2b9b9e6bf21f3d7957e70639c7742988511e2cfd4c5069cf37d337f638eec53a69c7574a60275b4f83a088379dc96b7dad322be1dafa92

Download Submit
/data/data/cm.aptoide.pt/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
Filesize
3KB

MD5
cc3b2ed1ce691feac3ce05f331229e54

SHA1
0c590361cb6166d63e1522e7aab882cc6363ca3c

SHA256
ba353243aac8e4e34fd185e0120cbf37e8f6c4516dfb4820c67bfe9ca8438b7b

SHA512
0243d70836dc571318025fe3c94c344b89ee2ad2ba08aa79fcfe4f1d9ac614ac7dfbcf5980bbc33e32e2f0c6bfeed8746c17d170716373e50c591321aaed4737

Download Submit
/data/data/cm.aptoide.pt/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/cm.aptoide.pt/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_292636b1-4f72-4d77-9cac-6ad35a275d1d_1714155910866.tap
Filesize
395B

MD5
e1b3374d23d5cf8c800bf4ff37a4222e

SHA1
08173594ace927a913bfe69b791cd25a5e0c4459

SHA256
a2570d650c08b4f2c0b88f6d360682e229e05f4d101fe7fa6a6175bf629e35bd

SHA512
a928aac15f1dcad0fe88b19d22903e07ab583b38ff26277d7a8d5205d068813cdec4fe0e2d8ea3d6bc033fef2ace52e8cd5d1faec9ae7165bf70cd9622c454ba

Download Submit
/data/data/cm.aptoide.pt/files/.YFlurrySenderIndex.info.AnalyticsData_X89WPPSKWQB2FT6B8F3X_229
Filesize
88B

MD5
fd0b90eb733e05f798d0c7d28c68d425

SHA1
585c8d548bfe90c5f0c15258f776822b6f1797e0

SHA256
bbb587c166c077693b15bd0a9fc0223c82657260d28a75a0144add63e4f20fab

SHA512
f6cbc845b1426e73f0399f51c2e499f36a80b232d52270637e673b3d95e487016396642f5af4aafc3621f2692b8f22b22caf5fd92b7b47d17a900b848afc4c18

Download Submit
/data/data/cm.aptoide.pt/files/.YFlurrySenderIndex.info.AnalyticsMain
Filesize
72B

MD5
9178aeba7a4106d6fa76a9381b292fbc

SHA1
5726c7ee8f69b92f216b4fe4eaa2beadfac2af85

SHA256
8c06b6e6defbf1adaf5546095cb1bdef5cb40a6285c342649c64fc6042ee8800

SHA512
d7fb2df502d891a8b8015810363f2df6fbb3ef4b32ccb07eefa278ba45ba324288a0a16db33edee95fcacb637b69586526663478edfa810eb205ee9f5b4d1878

Download Submit
/data/data/cm.aptoide.pt/files/.yflurrydatasenderblock.e4556782-7c2b-4683-a00f-f7bcafdcf5a3
Filesize
293B

MD5
099eeb365c672530aaa6d7827a81a5ea

SHA1
6cc66c8d06b03e00dc43113e27ba94b84d99be3e

SHA256
94842c72c2be506874748c2a5e20e1f6e62df4bd409f253615e3d3216fd4bcb7

SHA512
3b20ec6703a1c6ae74e4b6a869d06f1c8f242d691a4bba7aa18255403cf745e090aba085708ffec614a231aedef8e079a569d5488ddc45cd36d848a81239fb69

Download Submit
/data/data/cm.aptoide.pt/files/.yflurryreport.256b446f1755d92
Filesize
447B

MD5
a49158bad1b5ad7378a20a477a38be8c

SHA1
96c653b4318e745eacd6ae0a5c73e8d1083ef1f7

SHA256
c4a332456febc2f1631f4fcf5cca64d4d4379c235c478f2e574c0f1999df4f9d

SHA512
ef29747b89e79f7e9287e279948dd92cdeccf8fb54cea9f49e98daaf9df59e3f2e478d2a42a01d5d0d8d67313274692c08445659b4c1b50afd042be30a27a834

Download Submit
/data/data/cm.aptoide.pt/files/AppEventsLogger.persistedevents
Filesize
907B

MD5
8b0a3001e4ddbd7a6dfbd39c8c357b11

SHA1
caf7102eba4410aa51423d25b9fbaae9cc0accd7

SHA256
8478c2ca29686dd6cb35903986d2c93ff1a6cbf88f114d92315cb6d3fc6cda14

SHA512
eeafe41d2417845b1da9cb6591d2a4e1430184e66d06b2554bd12dd0302ead132b72728dfafd58f815346355e065de10be373bb79a4c7bfe558ba2baf5544886

Download Submit
/data/data/cm.aptoide.pt/files/aptoide.realm.db
Filesize
24B

MD5
a6574431b943e0bf47642c666f3fbbe7

SHA1
79191cabd86accd903f27c523c95ef19933c64d1

SHA256
60692d3a39b5fa2c7ea60c7be7014c2069f7c0a3fedafa269addd8143ec15f6d

SHA512
c438e1cda3bce0de04a34e3f53f17f7cdd235e80c656c31e43a21b37e77dfd90de14c17a5c6719b84a14899ff41107a75790b35306c7ecb1674d6f60de9bbbef

Download Submit
/data/data/cm.aptoide.pt/files/aptoide.realm.db.lock
Filesize
1KB

MD5
71061ac82f49273ade97a1b6d460295c

SHA1
9e604761ddbe2822c5e265850b3ccd981345298b

SHA256
bf9717c9f404f2be08057fadce3d41e80e60e877e6a348f1a141b4d8d7c4b15c

SHA512
24f91421dd69c7c7b2d7e5ee41ab9e67a876492d8debdb3a47de997b9280d488e3cb0fc6208325ac7371c40fd684b5211ca9c52d999fba66ae2cce55d800ef48

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads