Overview

overview

8

Static

static

6

07a49a3993...18.apk

android-9-x86

8

07a49a3993...18.apk

android-11-x64

8

Analysis

  • max time kernel
    124s
  • max time network
    155s
  • platform
    android_x86
  • resource
    android-x86-arm-20240221-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
  • submitted
    29/04/2024, 12:16

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    07a49a3993a96031e3b08336b318bbcd_JaffaCakes118.apk

  • Size

    1.2MB

  • MD5

    07a49a3993a96031e3b08336b318bbcd

  • SHA1

    f429bca06ca376be2cfa054b55ca27e4c89e107b

  • SHA256

    1fc74cd2c9dd27506106823cc44ea2ae62a494465342e3a36bd61e658d11d6b7

  • SHA512

    da4eeba45c94bed958832b1df987b06662403c16e8f9b34738bd380a88fbe148247c2988f98adfbda62865dddc52ea7dd1cfa528fff262596e42034df10c4aac

  • SSDEEP

    24576:lAcUQDgtHrvCQInjyeqXEdmeVx0X8q1Tk2gNYQDZE:lAFQDmCueqU4MGD1Q2gNYge

Score
8/10
collectiondiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Requests cell location 1 TTPs 2 IoCs

    Uses Android APIs to to get current cell location.

    collectiondiscovery
  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Queries information about the current nearby Wi-Fi networks 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    discovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 2 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
    impact

Processes

  • com.peigy.weather.widget
    1⤵
    • Requests cell location
    • Checks CPU information
    • Checks memory information
    • Queries information about the current Wi-Fi connection
    • Queries information about the current nearby Wi-Fi networks
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4187
  • com.peigy.weather.widget:remote
    1⤵
    • Requests cell location
    • Queries information about the current Wi-Fi connection
    • Queries information about the current nearby Wi-Fi networks
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4317

Network

        MITRE ATT&CK Mobile v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/com.peigy.weather.widget/databases/cc/cc.db
          Filesize

          36KB

          MD5

          7985ea917e4ffe6c11f1551ba514e684

          SHA1

          147704cef9451eca461622715c1e50ffd34dfd1f

          SHA256

          890266f254544693ca354a52878a042ab3de7ad4f4158bdf27c8a8436bedee24

          SHA512

          dda5f9ec146c572a2aca6de7b084338a9c857c8b8c430110f27f98fa3f44a67e5b22b67a0ead1c08bbdc1a8bd0d7c0417c69924e09fb8c7b0ee70a6d5e3fa866

          Download Submit

        • /data/data/com.peigy.weather.widget/databases/cc/cc.db
          Filesize

          36KB

          MD5

          d422883e4047fbd3fc0c03fab6719b53

          SHA1

          b43b28d5c2f95374347a1f4923cb342ecf2ce2f7

          SHA256

          b416f5aa42a8aa5ff34bba8ca829b3146be1e5c10f8bc040be3e633ef28bd6ef

          SHA512

          15a6f413433f942c4e8c58ac7aea7ba1a64215c2f75a3d9e0610262d4ddb3ae75e2753321d442bfa177bf63c9b62e3b8a167d36d237e5237c154f669f44376f8

          Download Submit

        • /data/data/com.peigy.weather.widget/databases/cc/cc.db-journal
          Filesize

          512B

          MD5

          187ebd3fa202e61f4ca163d69dbdf54b

          SHA1

          a1a804fe4dd01faa7cb5db4cb9252e825a79b0c6

          SHA256

          2edfc251c047cf0085379f123371a28878ddfb618c010db309b04fefd422fa86

          SHA512

          8ac5ca9f878bc57db4e4b6d8ac1c604c795620708765195ce9b15eac3bbdf6519f3d7e91e5ddd9fad603dd5644cc6fc8eb59d7acfa826720db9eb0c77daa891e

          Download Submit

        • /data/data/com.peigy.weather.widget/databases/cc/cc.db-shm
          Filesize

          32KB

          MD5

          bb7df04e1b0a2570657527a7e108ae23

          SHA1

          5188431849b4613152fd7bdba6a3ff0a4fd6424b

          SHA256

          c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

          SHA512

          768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

          Download Submit

        • /data/data/com.peigy.weather.widget/databases/cc/cc.db-wal
          Filesize

          16KB

          MD5

          744697d05c5e8a83b4e5842c719b2e25

          SHA1

          ee2b5429c8f06357319ff7e427967115172dd111

          SHA256

          6b244475093cf19e60ab099bcc6f822167b91f9ba9685672d906ea99d7a05de6

          SHA512

          48395162b6dde3497b8252ef3582c623b6cff47aeb50c84fc80f66b6fcaf91314029a150fe86b50f777a4e7936131739431511b9f9a4f1c43a4aec93786f02b4

          Download Submit

        • /data/data/com.peigy.weather.widget/databases/cc/cc.db-wal
          Filesize

          48KB

          MD5

          5661b48937cd9cfe7697ed44a06c8e49

          SHA1

          8c728c0f3cdc8a1d11adee80519cfb6e7724952a

          SHA256

          0082f4a66722869c1738f9bd27f58c04d79c68f38c04762e21d78e625d0f6ebe

          SHA512

          fc8902f53511612b948e1aa828276a26af07b675ce9c52179bf818a682fe93472541e16e641111fbf5f63e15629e5ae4d3705d83d5ff0e653b37efd16659dd9b

          Download Submit

        • /data/data/com.peigy.weather.widget/databases/trail.db
          Filesize

          4KB

          MD5

          f2b4b0190b9f384ca885f0c8c9b14700

          SHA1

          934ff2646757b5b6e7f20f6a0aa76c7f995d9361

          SHA256

          0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

          SHA512

          ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

          Download Submit

        • /data/data/com.peigy.weather.widget/databases/trail.db-journal
          Filesize

          512B

          MD5

          6680f6a4df168ec18c63477ec83de046

          SHA1

          c2398ba7cca56e7cabdeb5a4b25c105630a3a483

          SHA256

          64f74a8236248903879afeae70dcdb03e3b1bab0d946b8575899543f51cad875

          SHA512

          24ec07938f8524a00a82b3e4d57de436ec8efead16e3917e5d99ddfdc02e7c74d3feb6658e4880a30bd5a16d758f274a9e5918b6c3eaa386ec5e85175971df94

          Download Submit

        • /data/data/com.peigy.weather.widget/databases/trail.db-shm
          Filesize

          52KB

          MD5

          c2dd7aa52eb84c447e0573608a72d29c

          SHA1

          d419b45394d33a727da774795d9f9f4db68e23fc

          SHA256

          633390cea2f0b460ebdb60f32a6838ea2329c3e44511dc34b6a1f0cd0f44e7c0

          SHA512

          114a6a657e75a20d637d99e1c35d217516d3f6fa219be9b8824d6db83958f457574a88fca98121e6187aba0cdf7f34f933619be33f89f221df8180b31a5bb7e1

          Download Submit

        • /data/data/com.peigy.weather.widget/databases/trail.db-wal
          Filesize

          32KB

          MD5

          1ce0db4223473ae3e570721d63239f07

          SHA1

          61c25f149b09f7ca5093b4e32274ba154286822e

          SHA256

          b0b674bc426095663459d3986cc03a7628cf4e1f4bcedabf5b58c8389a687c97

          SHA512

          3e0d7425ce972b4ba6e0f7be268f654ff90a00da61f201c1d88ee0df878915a7e14733280ba6cef7098ccc0004031a1cac88e3296bc00a7aa5f3ae8c7079ff3e

          Download Submit

        • /data/data/com.peigy.weather.widget/files/.umeng/exchangeIdentity.json
          Filesize

          32KB

          MD5

          2d11c58073cace3c260b8bfdf10bd968

          SHA1

          93173e298fd1007b393396e9f3896fa9bea51ed1

          SHA256

          6f353f930b407a0422e76980a79da195748b57f986de499bcc12349bbd7966dd

          SHA512

          61c68a3c8640d0e8964e0feb9c16cb602bbc30182446cf83c2f959a651caada432c2a5662b57722b35652a067d8cb94fc4bc055aa5ea483393add98e017afdce

          Download Submit

        • /data/data/com.peigy.weather.widget/files/libcuid.so
          Filesize

          512B

          MD5

          b2d439b283f48783542b797d7d179bc2

          SHA1

          19ea7fc750f57cfe99acd7f93e8e12fa6df7dcb6

          SHA256

          653e385a6cba626237ca2ba52f99d89731459058d27038614b8b0710a7245b84

          SHA512

          49ffa6e262ab789050dd8941ec9237ba05a47519b36243ed50011449765a40e1d0d0544f0351e74a1dae86403fdf3cbc953af486af2d0a635cfa9cd03afd87b5

          Download Submit

        • /data/data/com.peigy.weather.widget/files/lldt/firll.dat
          Filesize

          76B

          MD5

          92a9f6ed86a51ba42d05a40f36aa0b80

          SHA1

          c81c7a3cc2f8098f248f8049e245f221fb2fcef8

          SHA256

          b1a4dd99fdc70df3262b8877a97368da20fe4b45feec84ee62038e31c5b476fb

          SHA512

          b95df9a9c72a76495209b5198f858271ec4e9e5f3d199a27fe394306b38459050be2826c47b56b76c61bf25ad19bb6f25c6827df85ce60c30a7f2097d3482bfe

          Download Submit

        • /data/data/com.peigy.weather.widget/files/ofld/ofl.config
          Filesize

          235B

          MD5

          59af1e0a143c13c54fed93c3469355bf

          SHA1

          81f4d44878bf96802fc22a0a7668d6f0303d6cb6

          SHA256

          3f08b112d43e5a7740e25cf1e6298ffc10b131c7c524ec7b74154693f6f923a0

          SHA512

          a8247f3da4e9e13e660f592ac0b3d5cddab6aa24f9988e6677f3fac7bb15ef83592726f250b155fe9d5539ce578f8f7d18eb89a8f9655d0bfef18680375b07ea

          Download Submit

        • /data/data/com.peigy.weather.widget/files/ofld/ofl_statistics.db
          Filesize

          4KB

          MD5

          70508202df6eaf70f2d582f65fa027d5

          SHA1

          bb71374e07726bd5f7d0872264abfeb2f48a0758

          SHA256

          a6758c368a6ae1bed8fd3a8d3180bcacdd80a4a6b1ccb15e039a4f68b7afaa36

          SHA512

          9716daec5edd216b2747121d0b0eb024f24f80b685ff0573085fce8e602fb330ee8b2a785931bcebce937f056a105d4365b98dc0bbed42295f29a2832a8ccf8a

          Download Submit

        • /data/data/com.peigy.weather.widget/files/ofld/ofl_statistics.db-wal
          Filesize

          156KB

          MD5

          f688b2b2db61e5441bdf6458234c8134

          SHA1

          b9401eb31a3c18dfd2c5e6add8911e2896e5aede

          SHA256

          4107148d6c123781ab4ff28ce8632d35b7e8c51766a60b0ed81d58a46f3dead7

          SHA512

          a58047ecd71669b98db447a4617ead68a09002db1cd342f54e34e9d4f2a0ab109dd13ce54f014a02d7cec41363b499fcc624573cd859d63091a62a97189c53c8

          Download Submit

        • /data/data/com.peigy.weather.widget/files/umeng_it.cache
          Filesize

          48KB

          MD5

          54645c3b03920945bfad691f1d33fd0b

          SHA1

          3ce25937e2b7bb9dec221fe3ce1a65949ba464f8

          SHA256

          f71bbb37c93c320e1b52db31e23f3d0ce049b98cdca27e5898e8639b9ef9c0c0

          SHA512

          b3fc164d26ce3c8982e49e23f188eaadb059f2a163b309bacbd422f5708844e862c2f1d2d4e8e0a338746edae3b0552f9c2d9a0ab92bfa005fc8a7e04d9c5a5c

          Download Submit

        • /storage/emulated/0/Android/data/com.peigy.weather.widget/files/baidu/tempdata/conlts.dat
          Filesize

          12B

          MD5

          8d80bc8ea90e9cac010d3ddf97bda5f5

          SHA1

          f063bc0d356e6ba9ab1eb9a851131ffbefd8fa07

          SHA256

          f52db31332534833414abd5e870f78c810b8ebbe5b134bbf599506beecfd1b93

          SHA512

          9ea732dd572a9a4ba91b70891972230a09576687ca1bc19e62d5a98b5b84e0f2ae11985108008bc9fbccf357219b8bd3dbf146bb70752f618f70dc5d0c46a7c7

          Download Submit

        • /storage/emulated/0/Android/data/com.peigy.weather.widget/files/baidu/tempdata/conlts.dat
          Filesize

          161B

          MD5

          89725b4204bdff0d1c1692a58db0702a

          SHA1

          4a9c0fca5a9cf804dfa791d25f2fe2bee66ce9d1

          SHA256

          61100f061408cea7eca77cb97cb5646bb94e2f0232274d539dbec7c073e0815c

          SHA512

          dff3e35935f541890a7c99a60614be56aeb85a2eb29cc3aa010d42cfee8a960a43f568766d3386e3d389bd4fd2dfe280b356a2d0744126f6f3efb1e996bda79d

          Download Submit

        • /storage/emulated/0/Android/data/com.peigy.weather.widget/files/baidu/tempdata/llg.dat
          Filesize

          24B

          MD5

          161557b06b4a4d3ce095528dea370eb7

          SHA1

          8bfe9c4d916fe58d856b5a6ecaf8cd9ea4df2c9f

          SHA256

          f054ef19481234ee5b2db1d1c681839dab235a857ed3a4bc02efa8f785f478d4

          SHA512

          96ce8aedbdbb387438efc86aaabd13a6378628bfae203d2bc25ea1cd7daa6ddbd6dd2c81d631fbdc9b653a93011d3c80f0c085580275b683d5e0bce077e6e449

          Download Submit

        • /storage/emulated/0/Android/data/com.peigy.weather.widget/files/baidu/tempdata/llg.dat
          Filesize

          506B

          MD5

          7ce6b909243bf2f3016577b2a4c51043

          SHA1

          4f296187c7e9cc6cf302c1cd76aaec3d7b98139b

          SHA256

          975a778840969854808538d3c0ff24e2f6769bd0b9d4df2235293ebe3765410d

          SHA512

          11849af4098544111b281bbcfa4664904bb79aaacdb9eb4a5705e42f8727e1a0f63e76b026a5e63a6befc9c7172a97ffaf1aee379f086f9482ad4768e2f344c6

          Download Submit