Overview

overview

10

Static

static

10

2fc6435bd7...18.apk

android-9-x86

7

RootRobot.apk

android-9-x86

1

RootRobot.apk

android-10-x64

1

RootRobot.apk

android-11-x64

1

ri.apk

android-9-x86

ri.apk

android-10-x64

ri.apk

android-11-x64

Analysis

  • max time kernel
    140s
  • max time network
    160s
  • platform
    android_x86
  • resource
    android-x86-arm-20240506-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
  • submitted
    10/05/2024, 15:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2fc6435bd71cc4e52fb0526734b50000_JaffaCakes118.apk

  • Size

    9.1MB

  • MD5

    2fc6435bd71cc4e52fb0526734b50000

  • SHA1

    f034b7b93b0656a9721efeb03db7e0a596998f47

  • SHA256

    59c059af923654a57cdcabe0652daf448200d51368ffd7610d4c5a421c0ca70e

  • SHA512

    cede8419d65992ea76fc5158539784aafbe698d425c9e8d8b722389aa16a7c6792e53e20202e331b5e8b10c64459ae02992952e15d947b6e633479c840ec8617

  • SSDEEP

    196608:eytBtUOGLBNd/KexY/w2wgplItfErbjC7PxTP9nJ0biEDDNpSWwjE:eAULHdqTw8ly799nJvaPHwg

Score
7/10
collectiondiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Reads the contacts stored on the device. 1 TTPs 1 IoCs
    collection
  • Reads the content of the call log. 1 TTPs 2 IoCs
    collection
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
    impact

Processes

  • com.tencent.qqphonebook
    1⤵
    • Queries information about the current Wi-Fi connection
    • Reads the contacts stored on the device.
    • Reads the content of the call log.
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4188
  • com.tencent.qqphonebook:push
    1⤵
    • Makes use of the framework's foreground persistence service
    • Queries information about the current Wi-Fi connection
    • Reads the content of the call log.
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4297

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.tencent.qqphonebook/databases/common.db
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.tencent.qqphonebook/databases/common.db-journal
    Filesize

    512B

    MD5

    a499aeed7cbe78731f6bbeb9dd293c5d

    SHA1

    22a09ee2ef66814853dd81d0611f2824afa89b0b

    SHA256

    79fce46c5b1f60af87389ada818a99f7e5dcad4270948eaa94e4c76c3ae2ac27

    SHA512

    1343c0b0517001f501b25a23ff7e427683ec23b4a8e198b630d5a4214308713be98edbe8a8b2d28bf19df7ed791602ebb3b786b77a6f1d91010a8ebe7efa21a5

    Download Submit

  • /data/data/com.tencent.qqphonebook/databases/common.db-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.tencent.qqphonebook/databases/common.db-wal
    Filesize

    80KB

    MD5

    e6cc667423f6b257ab463eaa335347a6

    SHA1

    b34a463f4c47b20237c802266c8521dd980eb08a

    SHA256

    b024cadf6b670f2f54f9ea39f168c936a6f31997a5626ff74a1a2c7071418e43

    SHA512

    71192e23813e20b7ac221a498c6aa1401541adc7b50a0d63c05d8020565e77f426638f60b69626b6c2bff417452c9e441b16c8f01c9e7635579ceeb4ef684959

    Download Submit

  • /data/data/com.tencent.qqphonebook/databases/eup_db
    Filesize

    32KB

    MD5

    8d4c41247270be02f096aa690064c148

    SHA1

    d34d94e3ae8ebc336877fcbcfb996f71b27669e2

    SHA256

    69e1178e88b8ef1ab9211cdd534de8da1ee7eae5bc4ca9d0526e756ef7eacf44

    SHA512

    21e66d61b8bef429400b7932d8e1c0c1e60b6aab590029c6c3ddf9149321e40f05cd40f7d22714726c2ef92dd6e38d003e64367dcefa57b1b7832df7d396adc0

    Download Submit

  • /data/data/com.tencent.qqphonebook/databases/eup_db-journal
    Filesize

    512B

    MD5

    22165f5f9126b2aa4500b66583d448e2

    SHA1

    fa8c19d6af4f11bb483c78e0f302a44a76d39f78

    SHA256

    7a741d258e1dfeeeb9c0ed96e5840808a31371ccdfc53a119cbb6801b8c28013

    SHA512

    1b231eec4e53f15f4257d8de9e8d5f03b4d6bcd6ce1239dc48bcfdd5d4009161b1b7aa6e5392c342ea0d8474d54e63dbfcc9a1e2b3850a391a4c66bc2eba6db6

    Download Submit

  • /data/data/com.tencent.qqphonebook/databases/eup_db-wal
    Filesize

    44KB

    MD5

    611f6d27f6d318362a24998ab0d95150

    SHA1

    9306848243df25fb5c7f825eff689d4212684050

    SHA256

    710bc9df4c80f1f5dbbd8946ebf901e63392d3b3909f2aaed29ee3745d8d5d49

    SHA512

    da433fa964df7ed32c95c54dc09a8b4a168f43b1b6244e6eccb6db05341c81e59a7fd51ead8484608010a3a9a56646efa6cedff30a543378e83fd76ba9ff3f19

    Download Submit

  • /data/data/com.tencent.qqphonebook/databases/privatemsg.db-journal
    Filesize

    512B

    MD5

    3319cbab4b7e54e0396425a27e49e61c

    SHA1

    eaf0253d8b79048c5574981d04d28e9b00244089

    SHA256

    0f7947a1c8c17df57186fb065933cea9eba9062bdd8ab11280fc91e6c022165d

    SHA512

    d0b26a5966cbb21e6443f5aadcb04bc797d43b4c979419075306c62f2d472caedfcbf710b475b738583f85531dacc787eaf6d32da942a3b2c640bed389306976

    Download Submit

  • /data/data/com.tencent.qqphonebook/databases/privatemsg.db-wal
    Filesize

    40KB

    MD5

    85c7a8b57c7bfe52ee955513e42992cc

    SHA1

    2f8f0e30cafdbce3b9116c8389d66b37ed68a0db

    SHA256

    c0c98438c140545e0508db7fc516d81e08c1e7310836136f1ca51e93c56e7a66

    SHA512

    a0dda582c3925386466f3afb16489925f35775ef93a3cdc99441e8bd1a300cc6788b0247582cfba8c2d37ab7b94b2222173bbf5b87db06660ef9ff766124ae30

    Download Submit

  • /data/data/com.tencent.qqphonebook/databases/qqpimsecure.db-journal
    Filesize

    512B

    MD5

    ecbf6eefdb03b3d04b0bca09cfdce884

    SHA1

    238c10869c6ed54d7c51e35eab611f4bce7ec6d0

    SHA256

    83fe2536b7bfd8d113deaede8db76feef619f272e573fe63928f7cb65758ab10

    SHA512

    48f0b5c17a5884051565028fd04ce898724ef3f559da6f7206de77bf32c540cd6ce86ada847a03eea4e64a5da629f087ed0bea377580bf9539970a3c555f6a07

    Download Submit

  • /data/data/com.tencent.qqphonebook/databases/qqpimsecure.db-wal
    Filesize

    56KB

    MD5

    41d7987f18651163f24e4b56a31bc184

    SHA1

    08db0b957280a89d36a9d820d0ba5c968ee71ebd

    SHA256

    b147088a2e8ffb407bbb7fa1724ec75439b6beacdcd75db46ff8f156fabcfb7f

    SHA512

    712d2aebd764ab826ee57717a0dc8564b4d3382486d15f70af342eb27badd2762ec01b2f09b13955470e5b3e870058b8a7ed60292c42d63d99910f68c65b3be1

    Download Submit

  • /data/data/com.tencent.qqphonebook/databases/quickdial.db
    Filesize

    16KB

    MD5

    8b31e4f5cebb788126c5695a5fef423c

    SHA1

    cc48924523f82031e22fc95e5348ac0f3bb5845c

    SHA256

    2d859badca014ee81b4d3d9c0d94b9072e6db7e9c8ac97f23dcb9c2ea7c13256

    SHA512

    d647caa3a7d851a2e3420cd8910f9e477b5f9d0e154dae61f6b3ac7d0015466cc40beb6be29a950de59cc7d5e570f97de9ae64b0fbb0d570f7e6744d5ddf2355

    Download Submit

  • /data/data/com.tencent.qqphonebook/databases/quickdial.db-journal
    Filesize

    512B

    MD5

    3b60c4df5f872bc5cb68b989d87d832e

    SHA1

    1a909b48971a4f5c68bcbeda1a990c1972417f9c

    SHA256

    e544bff03aeda08416089944331928a659fcaddc48f428c3ccc4ebaa0fb70d95

    SHA512

    a514aa87129b8566b09afe098641fd4b5c43ebea77ef8368ca3d5debc5d6513a9021c9b426ba960c0588d4656d4a05bca1acc39bc52cfb804f7cddefed8ef1c2

    Download Submit

  • /data/data/com.tencent.qqphonebook/databases/quickdial.db-wal
    Filesize

    28KB

    MD5

    0b28ee9be951c270ee4af6c10178d20f

    SHA1

    e08fd6e4e326c4bbe2564c7b4108ad5bff24c96e

    SHA256

    139ad177160e304e0802bf8f74c7161ef8d6a06591d0d79b3b5d77165b376cb6

    SHA512

    dddb06b1f973bad955d73640177f26812eb513a48bb1f73d2921d7c59b4eba678d58b6f6610943f97f090f979c02d8d208a363d1a5b1c900e55a260ee507f4b9

    Download Submit

  • /data/data/com.tencent.qqphonebook/files/nldb.sdb
    Filesize

    150KB

    MD5

    187748f444036879c6d865606a4ddb28

    SHA1

    48a7d778aa45062116f0682c434aafad04e71267

    SHA256

    f269568431cb8a95931c2d08abb2df001f4c605328241c56c5cd7d8a456d3404

    SHA512

    72283d734f12797799c24415a89e8503c0551bb371973e4c5fa69217565760f34840c567456b2d90e47b09534791eb797b1f955745d09955004b021178c198c8

    Download Submit

  • /data/data/com.tencent.qqphonebook/files/properties.txt
    Filesize

    59B

    MD5

    3dfdcba6b2735601bf7340e62b200535

    SHA1

    82134afc993b20ed4b2dcef651237e64ad5ae9ba

    SHA256

    8697f8ec07b09ebbd50a60498c6a046883b9061ae77e5666f106b9fac215cb1c

    SHA512

    bbc01791d3cd66882ada8e46294863dade83b2e5a4c8c22bc8d8f7c2036ce786abcaa6dd78cbb56a22cc088637c9623b681970891d4f6e5b85f14bb9a0d22381

    Download Submit

  • /data/data/com.tencent.qqphonebook/files/rule_store.sys
    Filesize

    54KB

    MD5

    112ecc68ee3291fa485f25e5a6b42bd1

    SHA1

    ada8d49f85a2c8a7f4df5a8da7b0b7c2c9279b77

    SHA256

    8911958809604f769c674f1eec471ec715a750006e7f0f50c1e31672fe69cd53

    SHA512

    141191c718e5649a4e4e2950a5744a60c301ac675290177a48426312c06e1439cb6e1de98aa8140965ebd79418670476b54c46a5c731a3911761840df2f77c40

    Download Submit

  • /data/data/com.tencent.qqphonebook/files/yd.sdb
    Filesize

    18KB

    MD5

    a34dc9a25045a49bd4381a927fe10aa2

    SHA1

    3b78af82009189d1fa08b54ec81ceedc9c13ce80

    SHA256

    f505fe0e3c04ed64881c195e00deb757966b76867aeb7d354a034fa1106a03f7

    SHA512

    c28a95466607de7e4e47b6fbcf3e16be61a1e7cd5d701dea76c172a6f2bb43e2341dd2589ad13e206d93bf06f8520058a62ebfeb66e8f076edb9168e54732003

    Download Submit