4653d410a8fe58822e6eb45e8548a548a48feb33ea8eec31ab763974299ef4e1

Analysis

max time kernel
12s
max time network
157s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
28/04/2024, 20:35

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

060475bb8935b6ce583372154fff7180_JaffaCakes118.apk
Size

3.5MB
MD5

060475bb8935b6ce583372154fff7180
SHA1

084a087002c04ece06626a3b2685eb62c731a8f5
SHA256

4653d410a8fe58822e6eb45e8548a548a48feb33ea8eec31ab763974299ef4e1
SHA512

98786b62c57c4b121c178bba53fcde931ab9c3d02b4f303561dd9fdb365799806923dd6f4728700d6a1732b9888fc919466d267650a7083cdcfe4a6ad2fda03c
SSDEEP

98304:CODDQIol5oqAzyK/wcU97IbEENbcuHDl9X:JBol5bAzyK3UWRcujlN

Score

8^/10

banker discovery evasion impact persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.mumayi.market.ui

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.mumayi.market.ui

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.mumayi.market.ui

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.mumayi.market.ui

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.mumayi.market.ui

com.mumayi.market.ui
1⤵
- Checks CPU information
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4184

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.mumayi.market.ui/databases/mumayi

Filesize
36KB

MD5
29f79862a3c228d65008ab33a3806815

SHA1
739d78efb01cf412c365245378ce0ac9ad586964

SHA256
d59d8ef603352981d1b05d2e92c1b8c0fb938eee19b26f29d904a4833f5d4c74

SHA512
33b7bb8d4f945e876b8cc2a3ac974969f41361329e9313cbb6eaf580dc315c806a9ff995ad06c049addfec50933a5f2670a986ac601f9d34e8f292c718fff125

Download Submit
/data/data/com.mumayi.market.ui/databases/mumayi-journal

Filesize
512B

MD5
9c372ca893411a5b26b5a96152ae378a

SHA1
49518c227bab343a19f5d9739ce8964cb2d27ad2

SHA256
39d91a418d0ecb1c01a58d42c1ede732f8c2afc2ea2a5955ed00a0db3befc002

SHA512
368825642ffbddc61e555604193f06d9b82e850eb0e4f4e8bf0b1ade79bacfffa7356e1877cc7b35d345b4f731ce372854ce7e9f70b3aa65ac0d4133798dd527

Download Submit
/data/data/com.mumayi.market.ui/databases/mumayi-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.mumayi.market.ui/databases/mumayi-wal

Filesize
402KB

MD5
37d113c075fcbd78ac273a09be7740f7

SHA1
f90388ea6c8a4d6596f9f7af945d79a09d5c09b3

SHA256
171de1f74834e8e8196ec0953776c2750827da84ae704d1157a9a05f2a197d85

SHA512
92f6f76f6d30f16c951c6cbb3e3147516b0e62b40fd0eb4060ae1e6ffc404fd791288dd77945a07c0973f4fa93545af2e702ddcd32cf077210e31bd84640f72f

Download Submit
/data/data/com.mumayi.market.ui/files/umeng_it.cache

Filesize
294B

MD5
9eaf89160cdb466cd9fbf3aaef1c6930

SHA1
8fc079054da2f89b6937534b97f055255a3e287b

SHA256
e41a8cb449ca54b184304729159034eebd50314840fcef6204f145ef511b7c4c

SHA512
90c54708d35ab7f726af0ed7fa7d471910c01b1074a5740b9230c7b1dcd3fdfe737f05955a0e72cee6c8190bbe1415376f3a1a71bec675af6235428d7c857bbb

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
49440278b792e9e1876658ee84f14cb9

SHA1
f9a488b262369c9c0aaffb3217b43df94c373a8b

SHA256
689ca44bc354eabe47ae274d4c3c00830f2a04f100946d7dda1ba6ba2fb04ef2

SHA512
33cdab898198dae48c48b977de0bfb022bd76d994c93dec73225e21dadfaf270a140f8a9afcadfd36b48b571bbab588c9af6efb86bd10d7eba2eaec125e030e1

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
7cacb7f33c1d42f1b00a83d801c36f4f

SHA1
59d1c7a59e34a09b01337dd191f6f60112e451dd

SHA256
6d5be187e8d4de0ce919ec78504b6e75a4b8368f459e8ba31b3fecfea99f60eb

SHA512
a5a7f17eb125634591a7194d4915effb54a04685d461683ec63ff0b980c8ab17e85bae1395f32fd50b9216de692b96dbb0d8954cec294f1195f2667e6aedf834

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
381B

MD5
65b8699deeeb1427bd92454cac74c2fc

SHA1
ac0b4b30a687fc1b79871fc71e74204f1b7ca86d

SHA256
42e030ede9f4d8d678447359764330ee722efc9cff9b4e945c71f86cbf76bad0

SHA512
b372dc8ea838f8ad549b1f3ef277c37888931198440f9ce5dbcc715873996f6175a8c536f9ae5bcdea0d68cb5d4466ae2fd5e625c4d58cc33b0e733e53cf9fba

Download Submit
/storage/emulated/0/mumayi/alreadyIntstall/intstall.db

Filesize
507B

MD5
38b25ea753941440c9a8f97e07d511e2

SHA1
24f0dfc0b96c7d5cd95e1c830dcb93068ca69a36

SHA256
2a3dac6e859b591a55ae03a228453f850cbacc71f675dfde27f7b5f7611555ac

SHA512
3806dbdd63ba1c321d6c71892bc6afaa33d9ab7753ac1b5585b1ef887471c54b39a9cefd553af5590002486c533ea17aa784488bc90bd2a33e304e3ed007a44f

Download Submit
/storage/emulated/0/system/android/mt/my.dat

Filesize
10B

MD5
b35b0cb70712626cd5eba5433ab312fd

SHA1
2c9c1c56e999f0983259a2ca110caddb63a20ae4

SHA256
6e07237854ae3ada9e905f3d57523b1450f98d67255c79276836f994c990c132

SHA512
86cf406beccd2bb9bf86e92d7c63f478115c9eb8361f4b13b366846c0d9f39e480858fd46d51ea501b18e8f320ed0b139a76d6f9f10660a63ed66d5129b2fd97

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads