Analysis

  • max time kernel
    155s
  • max time network
    132s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240229-en
  • resource tags

    android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240229-en, locale:en-us, os:android-13-x64, system
  • submitted
    04-05-2024 09:45

General

  • Target

    12296f2dad04f985a4e8613680577401_JaffaCakes118.apk

  • Size

    9.2MB

  • MD5

    12296f2dad04f985a4e8613680577401

  • SHA1

    1fb6fd787e74fe67c780620c329cacc3cd49c620

  • SHA256

    d158a9505c196100b495278f98b2bb76f9128e4feda95276c2709d099f75da3f

  • SHA512

    60f3b0531b336eaaacf14ad9e0da02dbb3e1317fa404ed7416679bbc5c532eae96b1dcf7526bcd04d0212a168b626022fae4b48ca10a3f707b2c3e1fd0c5b099

  • SSDEEP

    196608:7+R6+zi0iOSS4pwTIJlkSch/Uvw2ph0MAg+GZ2EatP0SS8expiMwJE+4V:7OziwGYdSch/8H+GZCJLEpjzd

Signatures

  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information, which indicates whether the system is an emulator.

  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information, which indicates whether the system is an emulator.

  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

  • Tries to add a device administrator. 2 TTPs 1 IoCs
  • Checks if the internet connection is available 1 TTPs 1 IoCs

Processes

  • com.jkw.avrplayerpronbg.yelyup.avrplayerpro
    • Checks CPU information
    • Checks memory information
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Tries to add a device administrator.
    • Checks if the internet connection is available
    PID:4243

Downloads

  • /data/user/0/com.jkw.avrplayerpronbg.yelyup.avrplayerpro/app_app_apk/avrplayerpro.dat.jar
    Filesize

    309KB

  • /data/user/0/com.jkw.avrplayerpronbg.yelyup.avrplayerpro/app_app_apk/avrplayerpro.dat.jar
    Filesize

    511KB

  • /data/user/0/com.jkw.avrplayerpronbg.yelyup.avrplayerpro/files/.YFlurrySenderIndex.info.AnalyticsData_K69G95JC7T5MMWGF62XJ_228
    Filesize

    88B

  • /data/user/0/com.jkw.avrplayerpronbg.yelyup.avrplayerpro/files/.YFlurrySenderIndex.info.AnalyticsMain
    Filesize

    72B

  • /data/user/0/com.jkw.avrplayerpronbg.yelyup.avrplayerpro/files/.yflurrydatasenderblock.06ca87a4-b1dd-41f9-904c-bd0edb7cbbb0
    Filesize

    310B

  • /data/user/0/com.jkw.avrplayerpronbg.yelyup.avrplayerpro/files/.yflurryreport.731bb495fc32489f
    Filesize

    334B

  • /data/user/0/com.jkw.avrplayerpronbg.yelyup.avrplayerpro/files/.yflurryreport.731bb495fc32489f
    Filesize

    329B

  • /data/user/0/com.jkw.avrplayerpronbg.yelyup.avrplayerpro/files/.yflurryreport.731bb495fc32489f
    Filesize

    334B
