479e965bd87a9436f5f0fe72d42c39f9ae97984b9bd3bb1f6f814068ba4c05a1

Analysis

max time kernel
156s
max time network
165s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
27-04-2024 23:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

03ea051c729ff412cfa56fe95b16b492_JaffaCakes118.apk
Size

17.9MB
MD5

03ea051c729ff412cfa56fe95b16b492
SHA1

3056d89dbb740dec8439e8e07617099e24bcaa20
SHA256

479e965bd87a9436f5f0fe72d42c39f9ae97984b9bd3bb1f6f814068ba4c05a1
SHA512

51fe78c82d3a0272db370a9f721bb90c72212cfc68d4e05388602bc7a3f6fa1b8619a0f69204e8d96d4dd20d6b095c95b36b97b828e6174f3f1a339f0e9318f6
SSDEEP

393216:lbgSb13prSesBFNcVF03yw66Rkcm53V32nRJBA7PqHW/y9irf0qsBL:r132BFaXoywVbm5J2nzS7Pd/brf0Pt

Score

8^/10

banker collection credential_access discovery evasion impact persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.juejinchain.android

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.juejinchain.android

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.juejinchain.android

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.juejinchain.android

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.juejinchain.android

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.juejinchain.android

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.juejinchain.android
Framework service call	android.app.IActivityManager.registerReceiver	com.juejinchain.android:pushservice

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.juejinchain.android
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.juejinchain.android:pushservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.juejinchain.android
Framework API call	javax.crypto.Cipher.doFinal	com.juejinchain.android:pushservice

com.juejinchain.android
1⤵
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:5090

com.juejinchain.android:pushservice
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:5246

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Process Discovery

T1424

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.juejinchain.android/databases/cc/cc.db

Filesize
36KB

MD5
67c12933d1e0e63d9801a6aa43092ce7

SHA1
b6936908554e4a1986b8eb08289e2d3545e8ff74

SHA256
abda5dd4cc2e7dbb951637c4b49d6990f9f34411fab4dee1a387dbcc8e7eed40

SHA512
db8b818daa3ff4ec7678645f84bf8b45c809bcbb758ea78b28982d071572655bba2d20e6f1ca4f0d057ab34fa655c5bc40457dc65050180351a2fc04a47175dd

Download Submit
/data/data/com.juejinchain.android/databases/cc/cc.db

Filesize
36KB

MD5
15fb2ee7edda64a821d9f7ac642a7337

SHA1
554e72bf9a5d87a7537573854c38f64e0b3f0218

SHA256
22aba360c4b8b08c0f6e11930b7e256f852d527194f41cb02c962d53c6fdd095

SHA512
e86c5392a68e5a64fb4f483cba6cf441c4203db0f5be42af1579fafe94c1e08c8ddce135fec99d032d9d9c021a18bc424083a14b105c0363663f7211dde54f30

Download Submit
/data/data/com.juejinchain.android/databases/cc/cc.db-journal

Filesize
8KB

MD5
ef6a8d5df5d7a38a5067962d0dace7a8

SHA1
f6c586975f49ba6704f42ec038df6d917e658955

SHA256
da59844caca904cce225e95bebecd931aca5136d369752046fe88a849d1985ab

SHA512
468e6954aee73775640864e4e7b5556facdf267e7a92578ebf6d7b7371ac94d2b908ab1cdcc9855a30ae76ebe22890dfba341f1503604c57a9bd34548d0b7240

Download Submit
/data/data/com.juejinchain.android/databases/cc/cc.db-journal

Filesize
8KB

MD5
4f903a24b1a3a73bf0c1817d620fb1ef

SHA1
dd52c37dd4b2ec497fffe0269be51b6225582267

SHA256
10d81595378f5a39d47780bd024fa3a15b417e0f95a05a7f6f68f3bb5db2f7d2

SHA512
fd00f922ed3c649b47148e41dedf2c7b76c7e1a77aa23c4f2fab67238cc38986279aef59435146923916116811eb0c358c744e2232e038df22f61b126676f508

Download Submit
/data/data/com.juejinchain.android/databases/cc/cc.db-journal

Filesize
12KB

MD5
30ffdae8ed71006b8e4fc133ccc16e1d

SHA1
f76a05bfda4d385070e52d5f0f5e8c5f1db29c33

SHA256
bf4b5cceaf4903ddbaee0be6c02073db75245f5a70c8ddc76026eb840bdfee4b

SHA512
08d9c83f36c5e4acaa849ea7568498758bf36dd09971b2b406724d31a388c2bdff97c0dc1efcfdffc08f859b062dc05900fe44d56703ed948818dea71dc77c01

Download Submit
/data/data/com.juejinchain.android/databases/cc/cc.db-journal

Filesize
8KB

MD5
e3da7439aa472e72096200f0f7b276ba

SHA1
322ddb30f2e932db7b84840d9659932db82c70a3

SHA256
c4db3e5f903b4a02bce1ae0cb793631891abfcb64682e78a7e67596bba06ee53

SHA512
a767740755c625a8a2e241be169b033ea844d84f1afd47811a2fae00ba27f31d8b0481a691047804d2f6e7ab439ea16c6b1bea9121149e05706d2350adcaf588

Download Submit
/data/data/com.juejinchain.android/databases/cc/cc.db-journal

Filesize
12KB

MD5
210f43dab3379b07a3ba48d004a514fe

SHA1
c276e1f588ee5bff9b1822d5caeeddafb0b47bfa

SHA256
0d73dea0ecac9d5305369654f7f54f0e61eb12ea4d0a0a7bab772df86c260a54

SHA512
8ff0cf8ce28aeb50f0b8d0fed372377d51669a889137064a1aa140c01b2a8ba89889a98e2df7ff0341da02c1e36987e68f5bfdb44b5ef37d5ec92480761f26a4

Download Submit
/data/data/com.juejinchain.android/databases/cc/cc.db-journal

Filesize
32KB

MD5
425240422601907064f79c9f2fe2bb5e

SHA1
621680c0b66d65931b25ea244442fb51494dc5a2

SHA256
decbd6de00cf6b082621092aaadb98eb3bfed97ca512e14eddd60f3227ba4487

SHA512
9df6ac2f760a349dcf91f474ba6dd958484af8291140448381c5c7eaa4744257c3ab2eb8a674ffc6bc82e3b4d46ce9654d8fcf77f5d80e4193e4e3a935251815

Download Submit
/data/data/com.juejinchain.android/databases/pushext.db-journal

Filesize
8KB

MD5
6be3dae483c012d2cbde0ee10853e60f

SHA1
5cd15881003d81cb39a4650d73b51f78b3f12fa6

SHA256
fcdbb15659f5827e5a1b44de666a6d6deb25c90c58837e89a6eab94d46fc536b

SHA512
ff98ecbc27b0e9aab1ebf6337993937eef0b2d4c1c8b30a3eef34d01983351b310b883f26cf2490681ae341185e5831947b431107031e04584f48f68c0a4fb58

Download Submit
/data/data/com.juejinchain.android/databases/pushg.db-journal

Filesize
8KB

MD5
a123c921aff6a64ec7a55d71e4246e77

SHA1
13bc598ed09930a5ac0056c7f6d769b5c5ac828a

SHA256
72020aab2f62bdc75ecd07d0eada701da8f187aec6b257cdd8535d374180a3c8

SHA512
1af978cff40d906889d013f4976f1c90897f018a174ef2da0841660cf55630fd1f4af3193759d3dfbb73c12a7f2c8645543f9cd2cb91e7a0fd9f6e8335a163a3

Download Submit
/data/data/com.juejinchain.android/databases/pushg.db-journal

Filesize
8KB

MD5
d20849ddc096796f079dcd0e1d60fafe

SHA1
b4d9dac23f6c88f533189310760d4b7388b4a60e

SHA256
3b6b435573280e30654662276d3c0f7061983d7afb7b4080e25c9895f5d12112

SHA512
1f1f9a83872f89b8b19f5f42800dd6c8d23b5532b11a565701befa75676587ca881138d3608ce2aeaa5dcb3c6bf1ffbfce267580a9103a211c17dbfac2dc4aa0

Download Submit
/data/data/com.juejinchain.android/databases/pushg.db-journal

Filesize
8KB

MD5
c9fc5da6ab7b2116b7e49ee32b8c8e66

SHA1
cdcc70073bf9c2be08e53d7235d52d8190f34f31

SHA256
59591c0e9d4a07fa7c3dde4bc2d720bc836b50a43d18a6607c9ac2bbb8134a7c

SHA512
11b078c7d5aa9de41ff537f6b63c1b458899ed239db311b628bb221d44cb56c93b2d874dd5c0d1b11afbf005dcb9bd8fc153721c549a5ce4f948c4414a15246b

Download Submit
/data/data/com.juejinchain.android/databases/pushg.db-journal

Filesize
8KB

MD5
1f2eb9ad4d32f03d8d00801536325400

SHA1
0275d1eca07f16948715dfbfae3c10e3a2ea15ab

SHA256
b65900276938ea5a81822f919b96a3f7a4afebddd77ad84515ae8fb0b2845e52

SHA512
294cb11d4343d2410ae085ec2f550b5202a4e0f75acc1b8b79da9869c88d7ede568ce1d844c9b0729333143347cd2397bb56aa17e8ca69da3c8352da8c685c3b

Download Submit
/data/data/com.juejinchain.android/databases/pushsdk.db

Filesize
48KB

MD5
26a9a1233b1e5814240fd1dea225c6ce

SHA1
a6f867825b6ef7212ddfb75cee95a882f76484a8

SHA256
ec15240ed0781f12bf3c3380b04fe77655a1049fe95eababfd6bdd063d37fab7

SHA512
26e6da36e6a9ed68e98009ce41382a5e343d7aa92ba3fc8503cb1e62a78c5598c1cbe638d013874e2969f432e0ed0bddaf6cdb07b158184c53e4a6095bb6841f

Download Submit
/data/data/com.juejinchain.android/databases/pushsdk.db-journal

Filesize
8KB

MD5
8775d61db0402cb11ff46f2fdcd91807

SHA1
6ab168fd2e4af1b9c40fe67c19251a9123782f0f

SHA256
1879058b84d55ab373e6237f2888316c6badd7ae136c0de1fbc6573a15ee79c2

SHA512
f2ed94c2374787bd0fed55604ccb4bbc05e7f38a0c2f719a990fca7cb3133ed81880c863e07271e25601858ea8ad3bf7b9c10485da99b29d6e4fc0cd1dbf52b2

Download Submit
/data/data/com.juejinchain.android/files/.imei.txt

Filesize
512B

MD5
faaa80403e4401cf879914a3d18285ba

SHA1
57ee568e59409d38e8b35d32840af8439f633edd

SHA256
26ca1f268305ce666c07205f0f8441dd5bbe65ec86d0c95b4084dfdbe386485b

SHA512
ce0e83b49489e56c6a79a9b2d8baac1a4161a4fe9170c941aa921cf94aac4c7110624e956636ea58c3b1c9f11a3e804d6249f6e3b869a3e2b085a38e6672aa3a

Download Submit
/data/data/com.juejinchain.android/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
98bfbbefa04440dcaa9e01168cf0af45

SHA1
6ae4beff0e319e06c6657bcab39994ed158b3b6c

SHA256
697ba8c6e874a67ad71eaae4033341f426415a82f77566b02c75e1ab2d18737d

SHA512
51279ca81f9caa5fee443f52b0420f5f4bb31050b42e36e455486dcd0ec124aa7a1136097476f3e9199f1c60762f4163ea44c6cfa0bb65dae2b93bc8e209e6ea

Download Submit
/data/data/com.juejinchain.android/files/umeng_it.cache

Filesize
28KB

MD5
20e4a5be8364923237e374e17c65d96d

SHA1
4040a7140f0184234b2e04e40410d2e78066875b

SHA256
1353613be85c95e186fa5bac413ce4c41f88584ec42125cf01e3fca015779b47

SHA512
37b8291f7f9cc05afd289f5cca3cd0dc1493b467231a832f38526a27ce953b1d50565e50fd0e8acd39ceaa3c26da7e93535e32d32ed070f384fbae70d6beb97f

Download Submit
/data/data/com.juejinchain.android/shared_prefs_ext/test_app

Filesize
8KB

MD5
316f9d3112756dae050510ea1fe8ec85

SHA1
729eebd463d269ada62bbee58b48c0895f583b60

SHA256
e261829e147ff0f946bf06ee6f5fd8f1ccbeb4d2cf022a541a8351b46293d9fd

SHA512
9faa5a8b2c34c17ecb0d4355be0f5eff6001803eb35482060c49f6b19cc337b6e296b9b7aa7a80ceb639b1227556f2487f16d062553a11a5e9a7a51b45c668ed

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
8KB

MD5
463ad8e65307fb94bca47590f98728a7

SHA1
760f617b8425548c2b49d636b2b6a2297df02252

SHA256
df939720ad1054447fa2d575d89ba402f5126af437f9eab79742435427e51e30

SHA512
6857ab4c2c567ebbe528eee4129f0cc48c385000ae71db0a167200786cb6778e20e8c0dc74688105a8bbbdcf1f7915b13a046775052f7b536eb1710c236e2f0a

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
8KB

MD5
f7d9f4cd2e61ad5a6816d655e5a0afb2

SHA1
ffb0681043b0c41ec1ccb87ae6879df1069cb629

SHA256
34bc2eadcea1fa811277c1ba411b54aca464c76b0e6f87cbcbf46f587b8e564a

SHA512
626cb3925498b6cf61037e9cedcc65ec055abcf17158d98bd5c7c75e3aeadf93f5aaa702df23d24ad0aa1d05f031846df05d75044ebab08b98deea3db2836fbe

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
512B

MD5
9de36bfd3c5914e3b9bad8a90308e4fb

SHA1
363d9626c4569552916cecb10c7f09a7f98db225

SHA256
2d7bd08bc60940cbd350a760ad43dfa6a9f149e49d65f20dea38479dc4c941c1

SHA512
6bed1fb8d08f3da940587056d9f38de0fb240eb8a5f676fb188947d3ab934601f1e0a555a2e7d9ed3c33098f8b6222fec315b1c6a1386f79437de6a24e57c3e9

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
8KB

MD5
663ef8db577cd3aa828b7d91e25aaccd

SHA1
df354f675133ac9b25db8f4cfe443f140e95c3cb

SHA256
bb9fddc17f64341d23193af920326cf94495fbef4e4bb48d9061df13b2f4b3fd

SHA512
4417357d2ee37d966b26932932d9bbcde9bfb95b4cfd6f13035596b2761bca47401d8018ce04a329531403163a2fe1dc88a6cdc2f15896cf73c437b73c0ffa9a

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
408B

MD5
a54557dbf7e015247770e2841f144c0a

SHA1
b7c4d6f2677bf636a0928f67ffb390784eea7259

SHA256
2a5d18533957bba893933f6f4c9444d055adc74795db39853aada52ff105949d

SHA512
f23a7171258979b8e4dbf954a06e3b75b067bdb721674ec1e2ceb5770ba0c7fd6718c21fcb9ea0c066a03a42839b81cc01e4e3e3714eb9435020cee75a3ce7d9

Download Submit
/storage/emulated/0/.imei.txt

Filesize
32B

MD5
4bc59bdf50d74f66b22c496de281df56

SHA1
daef3bff826c4b313ee5419c0bf15d44b85053b6

SHA256
ef09524a8629aaad9e8020ffdac87dcd4eef3d19ac954bbd20b47daf3ba0218d

SHA512
0ba644c74793df465172e2458db5f0fe779c5620c545ae1899f2d7d1c58956a4e717cdc048cc5c446110b0ec5b599a53367ee623f18531b190f918f3fd0a1039

Download Submit
/storage/emulated/0/libs/com.juejinchain.android.bin

Filesize
1KB

MD5
7d978f762304313a0e7be69abd577c70

SHA1
c7662b8631ec54d70a5160d66effa65a8db1facd

SHA256
488affbfc362c4a14012b1ca0178bba90124bafee5cc102fafccce35bf3f37e2

SHA512
3073330f941a3933cdb56f5800b5879dccc455e680dc9d9c7a216a017dbbf45f97f605ed60cf71ac81f9e9b521e5c8cd7e8d05617bc5f82daaa0dee94f05e126

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads