5722a4202f99383447a7fda418ff92c673b8796aac01ef735be525a3ba94e1a3

Analysis

max time kernel
9s
max time network
164s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
02/05/2024, 04:57

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

0d90b4ef6af78415e6135bbad8285b31_JaffaCakes118.apk
Size

14.8MB
MD5

0d90b4ef6af78415e6135bbad8285b31
SHA1

576203c83881781f6b9f2e8999e4661f23bc269b
SHA256

5722a4202f99383447a7fda418ff92c673b8796aac01ef735be525a3ba94e1a3
SHA512

0abf48d1e886a93b10486f184fa0641073663c27c768dc07f3362828a69fcf1a757adfdf6e56457ecc0393b5eb5c855b978484b875f2912ec49ec58b98182c4e
SSDEEP

393216:FtetZUV3pTrcfRMs+NGGCR9SPbeW0ZUHUsD:XSUV3p8fRMSXSzV6U3

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.zufang.ui

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/data/com.zufang.ui/mix.dex	5030	com.zufang.ui
/data/data/com.zufang.ui/mix.dex	5030	com.zufang.ui

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.zufang.ui

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.zufang.ui
1⤵
- Checks memory information
- Loads dropped Dex/Jar
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:5030

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.zufang.ui/app_bugly/rqd_record.eup

Filesize
348B

MD5
16174111d08a53f53d0c9e22f6eff666

SHA1
45dc0882272eed8d82fdf56885a96f4c96d66e7c

SHA256
8896882ed68b0667088d4a27a20393d155d3bffbc610f4d8a0bf3fc230256e5d

SHA512
a445f5a806371ebd009b1f54dc42b13e9d17f0d3b872f73683c733cddabc15dfaf82ddefa27d525d9e446b416cbed793913baaedaaa4683553082aa0e80aa2a8

Download Submit
/data/data/com.zufang.ui/app_bugly/rqd_record.eup

Filesize
1KB

MD5
c6ca12b197ac08806a82a60932867e0e

SHA1
9ab68ff312cc05b3f9ebfb1b5d063738397f9245

SHA256
e516f14fd851c60bba699165a3950ccf5de179ddbde1ad7ab5092d083400fced

SHA512
b590d31bcc6a56a34418fda141e80906a32dcef6cdd03dc51ea31d6424184158ea5328d342b16ab8587dc8081e54fdafcd3b2327a7524cd1f39c761f95d2793b

Download Submit
/data/data/com.zufang.ui/app_bugly/tomb_1714625887583.txt

Filesize
19KB

MD5
5e854263f67fd4f710a5ad8474bf0be1

SHA1
68767c595250cec89985d9b22eeb9d6f40b1d60f

SHA256
83810971480d4af3f53233655329430877343706cfac506f653f9eced74e13a4

SHA512
92ce154d7c83cd80c4113d2a5d8f072a031f0e451b2fe1ff5988a1463a6ded98bb482515251245155feb52cd4c899cc4181bdc096f6ce95f107310c2ed3edb04

Download Submit
/data/data/com.zufang.ui/databases/bugly_db_legu

Filesize
60KB

MD5
60ed7cbde8fcc80bd60e7bbb4ad2eea7

SHA1
26fcc7f4554688e296e894633a6a2ea8cd7b44de

SHA256
95256f01c03ab0dc043f760bfbd38a8584ac89d17d33e6574e3e7cb8dc46996b

SHA512
434653b708185fe3a43796077ef300e82e457f2921ae4b75cc54913baf33d45be9601ecffa53a9c5e950851036b9f422d37d82b755c47499c015eb0a5be83443

Download Submit
/data/data/com.zufang.ui/databases/bugly_db_legu-journal

Filesize
12KB

MD5
1630c87aed71193b355120e851e6b38f

SHA1
ac648b8df148429d8409fcdb14c1f9ed18fe8c99

SHA256
9559ebd0a0cf3fca657c8f4cd301ab0b5791d5976de0ebcb5de33b8f5cb9e6c5

SHA512
2784b247d0a2282638340ab312f86abd425bf1796e050794b21770ebd999e8e2aa0e71b267d54431a05d43b62ca148a1020520c241c08852c68b65544339dd4f

Download Submit
/data/data/com.zufang.ui/databases/bugly_db_legu-journal

Filesize
512B

MD5
69cb4eaca83e29a794099574667978d1

SHA1
85318eff6b9607a11211db721e10579cc6649fc4

SHA256
07e455acc9941a38fab5de1c5be1b3e14cfc38656d1dbb4a6e3940152a96e842

SHA512
7c87d0506d6cca3c8eb44e682ed4ae91b007ee2ef65317eed78b331b4defa3688732882ccf74e4821f6e4718418e47c3a7e3785e9cf1dd3813080302eb286b33

Download Submit
/data/data/com.zufang.ui/databases/bugly_db_legu-journal

Filesize
8KB

MD5
2b102600836cd368949dd3562022193b

SHA1
f7bf7fb58df4d0412c858b4477020bbaad494fca

SHA256
83bff3015069d1e411a51c8ca5ec0dc62c544e50d3c4b6af1acabf10226f02d5

SHA512
2466b488b559192fb96a7db681d1dad59a7283fdd3714d7c105580b0b8b0c7b3670fa9f4870bc461a95600c1330b06f2961eb369e81cab0cf516c56590f19633

Download Submit
/data/data/com.zufang.ui/databases/bugly_db_legu-journal

Filesize
8KB

MD5
7cd31b5a6e9e70ab14d78e2388e17032

SHA1
cce982ca9deff580fbb821e94f0ab0b11774a5f6

SHA256
7ef3498ecfc33980d36111a6e3314f2852135d3da71fd02e68e04b2f598b03fa

SHA512
4c9eddbea3cb25ce4e40efd7555920615292f38ba6cd8a328c4ddde445ae952dced1c044a882f96353304effb3b6c68973da1f93705152526058451d8b1ac736

Download Submit
/data/data/com.zufang.ui/databases/bugly_db_legu-journal

Filesize
8KB

MD5
f3e324d90ad1b4a2580cce910c0e4ada

SHA1
ebe294879d072cb6a8133fd4bc8b42653e8fcefb

SHA256
2ba8b574dfc40658ea785a9586c8ca9d24a2a34db21aca0cb09babdb3bbe8434

SHA512
5e59c14b174f07c9dd6fc7216ef0d7f7964b8887bced4c7a4da194fb42d2a229dffccc9dea27403e753d90ee04abee91eaf5f8f9d5f6ef96649e3cbfb7f1c958

Download Submit
/data/data/com.zufang.ui/databases/bugly_db_legu-journal

Filesize
12KB

MD5
8f1965b8f239e04a76e84f18d9df3757

SHA1
35e86dd5d6770e54c274fccf8b529c30aac93848

SHA256
91c886be119381adce8c8d5cfc36b07b9c9ae2c02da2764fdf575017be66179e

SHA512
5d6662e8d852efa8b55628c13e5ee11498b7c8782c79d4c1779a004943709850339b3a268b2a15f7aae1540ec4d773e817505dbaad21c6431a00f7e253065433

Download Submit
/data/data/com.zufang.ui/mix.dex

Filesize
292B

MD5
63f77f99bd2c2b772a479923bde11974

SHA1
c7632e7d301e4463fafce85f84e9c3d7da3fdbbe

SHA256
4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615

SHA512
3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

Download Submit