34488165a1c0beca37c230bc9daf6ed1afbad3c801f03f85920769e2092b1e79

Analysis

max time kernel
148s
max time network
156s
platform
android_x86
resource
android-x86-arm-20240506-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
submitted
11/05/2024, 17:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

35b8e0ff5694f2821f5f2cf88a13568f_JaffaCakes118.apk
Size

18.1MB
MD5

35b8e0ff5694f2821f5f2cf88a13568f
SHA1

a265013313a4930ae5f00c85efcb4d418a1d522a
SHA256

34488165a1c0beca37c230bc9daf6ed1afbad3c801f03f85920769e2092b1e79
SHA512

869cc9fce6df3f8b55b60e3f1b53468ff5600f9aa7ae871c104140caa0b8bf924b91d1efa261dbdcc2419345777b808eb265ee6967cd57308782b8c78798e243
SSDEEP

393216:HLbsKB7ZRsDQ3hLIR+mtu9uLgzyp9QZIRwyN8Ljo4FYdPkVoevz:H/sKte2hLIR+mtu9kgzyHmIRwyq84FY+

Score

8^/10

collection discovery evasion impact persistence

Malware Config

Signatures

Requests cell location 2 TTPs 2 IoCs

Uses Android APIs to to get current cell location.

collection discovery evasion

Location Tracking

T1430

Geofencing

T1627.001

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.sz1card1.easystore
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.sz1card1.easystore

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.sz1card1.easystore

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.sz1card1.easystore

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.sz1card1.easystore

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.sz1card1.easystore

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.sz1card1.easystore

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.sz1card1.easystore

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.sz1card1.easystore

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs

evasion

User Evasion

T1628.002

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.sz1card1.easystore

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.sz1card1.easystore

com.sz1card1.easystore
1⤵
- Requests cell location
- Checks CPU information
- Checks memory information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4271

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Execution Guardrails

T1627

Geofencing

T1627.001

Hide Artifacts

T1628

User Evasion

T1628.002

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Location Tracking

T1430

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.sz1card1.easystore/databases/beacon_db

Filesize
20KB

MD5
5492c25eb97b94b1bb985c1631defd1f

SHA1
eb7e84609f5c567aab2a7f706e7b90d6e1208fcc

SHA256
8bb86d6263f928debe6994ced5a76faf4c42419c727b66f6a3875c5bd7959a49

SHA512
38620e3416d73ac1bea00f64800be865695f122e4372fcfffef486a4a6f63abb15e622baec7282f2f47792f3de1423e98a71e24581ef01bd0befecfe2be98a15

Download Submit
/data/data/com.sz1card1.easystore/databases/beacon_db

Filesize
20KB

MD5
410ebad09c22f2b70ac7afb05fe659cf

SHA1
70189f16a077306f0889bcb074bc9d48aef2809c

SHA256
66103c944cb440fb9d14a0198235230e39d9e06fcd8d0ecc9c91e9ac493f4a1c

SHA512
5958c0a34de27aabaef483686d8961edec19fb935e94a3a8a00dfc9a0bd30eb6d996b39856dc7ef26dcfd3942b41a14910c698c282699c25e718eb901fcb412c

Download Submit
/data/data/com.sz1card1.easystore/databases/beacon_db

Filesize
20KB

MD5
0ed8b3e9909860ead3e097b8e8865b51

SHA1
f6cc9ca8f3f3d8075be2426bdfac131a66d18fc3

SHA256
bf21542425b27d1d29088a4be528acd7f952dba26dcc048c2de941d9f65633fc

SHA512
4362669bb6b885db119549f1f263654d5578020bb2dd1e615719327283eb7415065083ff1b6abc1b5bf20675cb92d7a11019bdad3c5a0b4b554e9302a72d760f

Download Submit
/data/data/com.sz1card1.easystore/databases/beacon_db

Filesize
56KB

MD5
5296bbdcad576decdad1fa1db2c79786

SHA1
efe4014e15562cb563769fc614b2075a3f53ac18

SHA256
e591a5d118e40e0126d5438ec8cde292b7320d668d8b9b872a1579b58779c8ca

SHA512
26f494de646f0856c7428be8a507a69fb82242301fe63ec6c47c02a6115b9a0c4d332ce2440e3eeef62f91bd7a92cfb49deea54c8069f66a1c3ba2f12db3cba0

Download Submit
/data/data/com.sz1card1.easystore/databases/beacon_db-journal

Filesize
512B

MD5
586ffe04713e755d15aad78b6561b5c5

SHA1
22f24d8b92c60a67fa7ba08d71c96935062ea41b

SHA256
7c94a3dabff4576a196f55e6593562b581c0df523f58b20cf8ee8c8cc8229955

SHA512
2252e2633ef52189a82ff67605aed263d0f6b96403ce117352e9816e0acb662b7611fc1cc73ea2eba728bc352d7b5fdc82b362033c170ccb15a50c183e5f85e1

Download Submit
/data/data/com.sz1card1.easystore/databases/beacon_db-wal

Filesize
68KB

MD5
a11821bbcb8e404a9f9b6d674e57ab1f

SHA1
5a78c1a9e404539b2fa1d095108214b6801b5f10

SHA256
0f098b20037f37243224f2102687e9195f92bbda85d7ad04ffe7e77413fdddb0

SHA512
740372b794b41ae7ec575c69f1a37beb1dca3567e55cf7ab49776df6c957eacd977ffbc9ca2b91a7c2976fe349b097320c1f2923258a1f4f43c9e8fea552c710

Download Submit
/data/data/com.sz1card1.easystore/databases/beacon_db-wal

Filesize
16KB

MD5
b1c3cbfa235604d95c03a7728747f5d8

SHA1
d0a6d2fa994473fca5f11fbdb433da9233713335

SHA256
f854de4b1072ada7fb733d12057e71badfa32b2f525ccd9ffb8eb3dc970d7794

SHA512
0baec78d96073af02987f8bdbb4e74f7b91cfc11210e2012bfb40fb5f0e6f269c284ab7b26f2d4b999f90fdbc1bb9a85512d0ea007d7a6ee6453ce75779838ee

Download Submit
/data/data/com.sz1card1.easystore/databases/beacon_db-wal

Filesize
8KB

MD5
fe0c7adc5ee486810d55e2981831bda0

SHA1
284b70489395b9221cbbab447ffcf08d1ae512f4

SHA256
f53db40a03776e950b22030231e2594b40d693d1e2d510b740c80c7dca07fcb2

SHA512
b44238179dc7e52afdf8b45ef6dc4ee71e84bf1be22bea21f0d7541849752bcb9352d94b8e459ceb17c702074c37c598a5e83501f1a2373bff4d29fa24c1d944

Download Submit
/data/data/com.sz1card1.easystore/databases/beacon_db-wal

Filesize
16KB

MD5
53c38a8b87c5574167b1168786f09864

SHA1
7e446cc77a3c11d44347a120a103b5aa54e24130

SHA256
e1fb1813ee536729ec5a27c03e5fd60e72f26e6dd00579547b6634567b543d7c

SHA512
68785bf763363a8496d71485562d484e0d42ed48ea41f1acf9a015f87fa8edbeadee322e9d5002254a964f959f44e27f1036223478987568eb7b9ef100f3bec0

Download Submit
/data/data/com.sz1card1.easystore/databases/bugly_db_

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.sz1card1.easystore/databases/bugly_db_-journal

Filesize
512B

MD5
549de393332949f4e2c9d1349a9670cd

SHA1
af80691c44b5f8feb9af9c072aa646085e14f8f3

SHA256
68b23c14aae378ff1ee0df33cc89882d533888abc4624ac760b6ae6ea21a7009

SHA512
ab62ba5eaeff90b4c45f83d5861b837ee2354479d6224b8e054e2dd94f02feca14a4551353edb518606f4b676eb41681e387e2d6260e1707a9156ad1980ba900

Download Submit
/data/data/com.sz1card1.easystore/databases/bugly_db_-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.sz1card1.easystore/databases/bugly_db_-wal

Filesize
96KB

MD5
bcc54086f74d54931e0472b5769f78d9

SHA1
43a11c78d088f48b519f3a953f8ccbbcd7dc25b9

SHA256
e0b7e6d0f9b06fd74e962780cdd9d6385db3f94402d4c48f32dfab2696991e19

SHA512
5d55e3ca05d44f5d47337db8e6c07a4f41bb207b7745465ad5ca992320c9271e89c7a79f5d3e7cfaaaf912f23dac04f05caa133207244e889149ae373abb4cbc

Download Submit
/data/data/com.sz1card1.easystore/databases/mpush_app.db-journal

Filesize
512B

MD5
fb330260b2b8c4ec748434d6cf49accb

SHA1
1c9b566e0d3e1cd6ca66b599c26b5b6f8d41c9f7

SHA256
a522d31540c6dd658312e63de49829baa86ca663d4d4f174131671a652c54e15

SHA512
e773a3f008cac80c2179d02383ebe675dbd07fe7f1c86f66d259d32bce05d36949fa3332f6b7c50dd61ef478e117a05365ceec52a18f778b0fc7b160fe0838fd

Download Submit
/data/data/com.sz1card1.easystore/databases/mpush_app.db-wal

Filesize
48KB

MD5
e53264c3961fcd31d81a2535970f6f98

SHA1
b79c50f865a568fc276b26f6dae0f01879cb7fc5

SHA256
81a045f4ac846024143222733cc91158ccd07a45519456a15bcca4a3c075a81c

SHA512
4802d220e1c859a7fe4c80a926d03c9e1c389d09a41d4721509f581f0b1bcefe67b09bc6595976ac45cb037e3d305b375e4c70c3b5757569dbde0ee2ee4459aa

Download Submit
/data/data/com.sz1card1.easystore/files/TDtcagent.db

Filesize
32KB

MD5
a64ed0db240d3914f2690223fd92d8ad

SHA1
05611a85274356de18c74747de7f30df7f286ba1

SHA256
a0a6b263087fa8fb9d8d85ace11c0391b7cf399da8b4471c62c8b05cab975813

SHA512
2ea50db3f02da45df15f983b0edc5ff060468f250293d09bd1bd9cb5ea37cf282a57cb69cbb6638dfbf5a161dcb002438895449364b636fa7849e5cfc883da13

Download Submit
/data/data/com.sz1card1.easystore/files/TDtcagent.db

Filesize
24KB

MD5
384d095fa126cd61e7100c205524bb20

SHA1
b67ea6f457ad32142942f5d377e48be614431c28

SHA256
e65904a795c3a0c4926ed94c2177c3ff95562dd8841132c9392a15f63000d18a

SHA512
f485f5eb4f6a18d5cd29fa1f5aaf16fe6321b37b7c5918c3a5672b51dadc980e15838cffc904ec21f0228a88cdbfdba6f8e8b0bfe86329720635ad85a7c70e21

Download Submit
/data/data/com.sz1card1.easystore/files/TDtcagent.db

Filesize
20KB

MD5
550840f9974b2ac3a31743745ccb6349

SHA1
9c1be1855832ef1288218be98c3e12766c79434e

SHA256
bfa0bc6fe29d937df8659e350f42395181a620e206eaa72333c0236336c55be1

SHA512
fbea690d7ded0c8b6692ba45adf881479e2e00fdec72dbde0ed53637ef6038fe2e84cc3f04db1107acf24cb65665c7b8824d85b500bc40858697fa3dbea7f671

Download Submit
/data/data/com.sz1card1.easystore/files/TDtcagent.db

Filesize
24KB

MD5
14bc70ef36f26ab6d03bb87ffb3f8dca

SHA1
fdaeaf52e498fd0f552974829ade86f22f3161b1

SHA256
52d1020296a5c769ee13eb5671c5ed51053020c39d4a1c1d60d43ae4fb6b4964

SHA512
85064714e7bbdd9e6c08e76513bd8d0f7b6d2b01cd7306452d7b3c6db9bbfcb7ad9f6151bd404f5485f8d101c1807d87715f490bf54e5ca7bee4c24fdc267e56

Download Submit
/data/data/com.sz1card1.easystore/files/TDtcagent.db

Filesize
24KB

MD5
9355a1d244081c793994c7d385ded80a

SHA1
af97ab6c6aac90728429bfcb8d8c400c20279a01

SHA256
246fe83e784bb739a03daa32b82a1024931eaecafa1f61acbc9e37e6097411ae

SHA512
f96c3526837197adee8eb36a77acc6f94240b6cc83839842c8f6223d7e63c62636a9ca84ca349eb9a37ab595c9d74a88775ac9ca381ac7828ffb1af03f507348

Download Submit
/data/data/com.sz1card1.easystore/files/TDtcagent.db

Filesize
28KB

MD5
bbf562702d1dba4282740b5347fa1724

SHA1
b145a9db48ebbfe54da68f07797f8e4aa02caf8c

SHA256
3dbbb4bfa5dcdbafd4128e98a152eb3093e0b3da1e2cc0e105aa81ea071307b2

SHA512
a38b78d9d8024d19d092f09b2193a2864326cab48b58c721665fad52be1bf1939b2a293c1e833f8ac3d6d701b2aa9982a6859008eb513b0e49addbebcbe1650e

Download Submit
/data/data/com.sz1card1.easystore/files/TDtcagent.db-journal

Filesize
512B

MD5
1552b259d05844f8c6cfcb06b3eb248b

SHA1
3ef7b35f3e6a60e91f3e8350231d0f6cebb46a67

SHA256
dee79746bf6a6bb75ed24746190ae62043ea0a77702d5cd2dee35210d314adbe

SHA512
5319fe409708d1b7f530cd3cdb6e8fa75ad0f02ea038e540667dbd206cfbcb586f0382282a713c77e344690e943694304c1ab9c2c067dbbd981ef507297f1d95

Download Submit
/data/data/com.sz1card1.easystore/files/TDtcagent.db-wal

Filesize
72KB

MD5
47cf3340bcd1ae2b3edaeca31ff4049c

SHA1
3ff0e96e55e9f0a695d1bcf31e483483758bb3a5

SHA256
9f5dd1576542e0ddbc8a8b2ebbb9be6ac23bb8da2f05a6b8d16f971cf733897c

SHA512
0681d012ef30c984c23f70cfe2a780aeb34c3f3f12e2081bf1fb5378a5703091b932eecadb99609e3a2d0231448ce839272755816b16ffbd1c399c0306cb9fb1

Download Submit
/data/data/com.sz1card1.easystore/files/TDtcagent.db-wal

Filesize
8KB

MD5
329e3be9898edf881f535bc8c0aa9b7e

SHA1
3721479a0c3ca56eed4453df04170e3d5618faba

SHA256
64c33d3ee5bebce56f587e235dafcc8803fcc561872bca4db5e89f2864b1a724

SHA512
3087727196f88f23910779a3dea4deb664f415aee9754f800355bafbef34807d39cecb866e96585e0ca4d6cba43cc5e3152347b152c2c53e9b31489dea3c611f

Download Submit
/data/data/com.sz1card1.easystore/files/TDtcagent.db-wal

Filesize
8KB

MD5
94353edf9e57fda13f233339534f1fbd

SHA1
39d744260917735852cbf372ac643cbe558889b9

SHA256
12cb1c5832d3faf96becfc03e55b7c5679412e82b3a1b3a36587170cc64710e3

SHA512
22b9dc8c175707d3fddc863d26d75e611354821d9f10be73f5412d79e8715c269c934803ad73d69fb7afdf6ef97f3fc3708a9a048a150a1b3dfcbdb1aba2fd59

Download Submit
/data/data/com.sz1card1.easystore/files/TDtcagent.db-wal

Filesize
8KB

MD5
ee073e3add2a1f256c250749472d5dee

SHA1
ee2e23fb32b1b81f8641bd2048459ca78c7c8629

SHA256
a279ae0b125a8fabfde77bcc55f5a28bfb1be19104f85f21bdc2eb987c14b2a7

SHA512
79657f52cf65544c803e8187ac5bae464f5ff8f345ead655d9b1e58c152f8dbf55e3b207aa8530c973e809b074a384dc3b425121fe1e29310d6aba4189faac7c

Download Submit
/data/data/com.sz1card1.easystore/files/TDtcagent.db-wal

Filesize
4KB

MD5
c8846e3ef1896abf7e46b0318b163d2c

SHA1
39e007e6d25f224c3457c1a3bd86ff3e32e2f342

SHA256
1ae72aa963a584ccf9f9e20b7e80f4838231aaddca0c913edb76353d631cd0a9

SHA512
e85c1de2ddab1fb2979e07330f0c7efc92c889877505dbc9f8e2145bc9bed0125da894d8fd7195468257d0b4ee725da097864e3fda620634cb134ffb967d0dcf

Download Submit
/data/data/com.sz1card1.easystore/files/TDtcagent.db-wal

Filesize
8KB

MD5
398706acb92b4491ce0c97190a4275b0

SHA1
b0b4692adb523993db4467ee2d3db67de37167d1

SHA256
6fc7beedd58d9888229e4f9580e1e7b893940627b68c3f4185c51ff10feaf24a

SHA512
87e65fb1eeb82f0e19f8d1a35fd36147c0a6edb7974177e17c494a1e1ab80fb6be95c3caef807b62fbae44ba5530de7dfdf4ead5c8bf426e40d0d9a4d7f2133b

Download Submit
/data/data/com.sz1card1.easystore/files/libcuid.so

Filesize
129B

MD5
c3e3ce6e38dee28b0d2caf21a6c2d2b4

SHA1
013a2d838b30136ab8199c2652fa1ce5f58353d2

SHA256
b31186dc3b8a76044468d4e0435ece0feff8d91aad133561de432bbe6783ed43

SHA512
792898a0bb374a3cc22d6427874e37aa839b3d3b0b3439afa0579d9510a246445b35d29b3c83742aee683f51f6bf326327daafe39f65c5fbea572af86462f32c

Download Submit
/data/data/com.sz1card1.easystore/files/mpush_gateway_preferences_file

Filesize
18B

MD5
5b783a723321f384ea8a021d20ba4280

SHA1
8a53b72a13e69184d8d0ae99568e7d3b95fed07c

SHA256
f79b6c0ba6379e405153ae0536b49ce9ab8a64e8585cbcc4b7ee10a357b723a9

SHA512
bbce3c6ae766581622fcf53a41cfc47aedaa2050caa3fcefad2e5238470067d5e3b1a7f586d57318d74e0c3725bf0970fa9a1c02a3d0139e1f8444f2310c56a1

Download Submit
/data/data/com.sz1card1.easystore/files/mpush_version_preferences_file

Filesize
2B

MD5
4e732ced3463d06de0ca9a15b6153677

SHA1
887309d048beef83ad3eabf2a79a64a389ab1c9f

SHA256
5f9c4ab08cac7457e9111a30e4664920607ea2c115a1433d7be98e97e64244ca

SHA512
e053886e1b797bc5a80f932302f0201265a599d82e2502d41941d6e652614ef88fa058e009094d26655f880200df12c2100f690254fd1e5bae75d7441763cd33

Download Submit
/storage/emulated/0/.tcookieid

Filesize
33B

MD5
557811159a06fc8a772a4046afb5bc7f

SHA1
7fba7b31acd63a1052797d0bf7a8043525768d26

SHA256
0e0d19414b41053fc8a5d7cdbed154a0954f28b9ba95113dfdcb2ca537dd90d2

SHA512
862a855073a4c3b3a1247902b20431271016386ad4ec708e63078b331afbab5c7b13b3d170747ef5e07c2b04e5b83e21192eff62d51df0082c65868d848553b0

Download Submit
/storage/emulated/0/backups/.SystemConfig/.cuid

Filesize
89B

MD5
6c2938dbd8c2379426b425c7fcbdbc9d

SHA1
960ae0c0ad802b07c877899653029bfba048aa4d

SHA256
aa4420eb80ab64dcb4f2c5448b2388c42a44558a51a59535bac9050c924b9693

SHA512
f4dc93df42d1688a2aef98283dcfe16a34d967af410aa5a019e362ce45f605e91570dad0ddb31884497b57c228079aec7560259901109e6bfdc74b9b2b930089

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads