a6ecbdb5fc257f59a2aeca5f6d44e5f4f0637c5a837dadee87a42ddb2fac3c41

Analysis

max time kernel
127s
max time network
148s
platform
android_x86
resource
android-x86-arm-20240506-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
submitted
12/05/2024, 16:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3b1991e3b20512a9c5bfc08244ec6bec_JaffaCakes118.apk
Size

7.8MB
MD5

3b1991e3b20512a9c5bfc08244ec6bec
SHA1

c614d97494fddc3f8d1182e899f94625ca9e9162
SHA256

a6ecbdb5fc257f59a2aeca5f6d44e5f4f0637c5a837dadee87a42ddb2fac3c41
SHA512

6abbcbec3f344ecde8cf71cf73cb2f6ff330e2c5a1ac7707662a5fc6e03c6b43d6fe23ea9295c25ec773019020e080ce44ba8c2f1e1880b9a2111c0d91e269e9
SSDEEP

98304:WUDrpQIYgqOibemwKOH5qW5xoaDtrD3W0ERsKaX+m7dtnoD2TyxEQGgs9XKnPzEz:W+Yg26heSybStumhBoD2Tqs96nSf

Score

7^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.begcmnq

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.begcmnq

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.begcmnq

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.begcmnq

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.begcmnq

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.begcmnq

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.begcmnq

com.begcmnq
1⤵
- Checks CPU information
- Checks memory information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4282
- /system/bin/sh -c getprop
  2⤵
  PID:4323
- getprop
  2⤵
  PID:4323

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.begcmnq/app_crashrecord/1004

Filesize
220B

MD5
ac4c30e1d28cfab12422a3dd668f38a9

SHA1
9549d5412a30b1981e1f8fe24abc8607b508d151

SHA256
8b196ba905ee47abc3ba14df48cf36ed327e0a5c25f5dafd9ced6662bfbc87f6

SHA512
a1962917fe8770a91b6808a12c80b8b95422ab1c817c7870db1ef31049e743c6b01baa774edfb44ff75d1b638991f12e690224a4abeb9b147db2eacd59b8cee0

Download Submit
/data/data/com.begcmnq/app_crashrecord/1004

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/com.begcmnq/cache/image_manager_disk_cache/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/data/com.begcmnq/databases/bugly_db_

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.begcmnq/databases/bugly_db_-journal

Filesize
512B

MD5
01f76b95da06cdbe8b93cc65f71ebd7a

SHA1
4a9c919264a1cee4651c547aee403d8e43bef441

SHA256
759e8fe07923aa6b4f727a6a7e77f804fd4f25760e6e66ceb90aea769dfb7629

SHA512
7f60a395de558eb0378296b4815b851114168d460cd57c83512ff85c64b693c80345220807e2654022fe8f473296566295e8e26a32c847ef520c45b162ec76b8

Download Submit
/data/data/com.begcmnq/databases/bugly_db_-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.begcmnq/databases/bugly_db_-wal

Filesize
76KB

MD5
22c2b6e5f5fad68128398a2c6eaee554

SHA1
7dd30f428f90049019348664e37552dfabb9e154

SHA256
6c02da77ac3b81637069680e8915b358428880fe96fd93525864abe2934a3c78

SHA512
d9f314e01b4a9fe2af7fff88b023becb22b1b50c2411c5d047db160af42792bc8bfdaf24230a6a2ec9ac09cc87be7a5143d37e57b91e5bb92c6235888651339a

Download Submit
/data/data/com.begcmnq/databases/cc/cc.db

Filesize
36KB

MD5
5d7ea1a23af19b4340cc8d90f28297d5

SHA1
4cfe95b23a9e98378d69c4290af81b51fbe76aea

SHA256
474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

SHA512
33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

Download Submit
/data/data/com.begcmnq/databases/cc/cc.db

Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.begcmnq/databases/cc/cc.db-journal

Filesize
512B

MD5
22bc8511d76b8b03f4ca2846ec89234d

SHA1
078961ef290283fc298e34dd0a18e5acf7caee8a

SHA256
bf7cec1df5b2696816195b32d6e44b0ee313c79b81948486681a4fc1179f660c

SHA512
f8fc44c1de6dcc51b8d3990599e9f63499f3171c1cbcc040eb15f6481d51340ff3557ea451fc4d7ad4f2dfd2f573b03734fdbdc0d3b14b3ca6fecd28d036a3ac

Download Submit
/data/data/com.begcmnq/databases/cc/cc.db-wal

Filesize
48KB

MD5
70e68c33179b6ab5feee7f3b0b50a262

SHA1
667785b61f21f39b482986bee58d43768d407a17

SHA256
9d39812faeb9929847669b5f4ee035f17062931f7f940216f510847ebcfdd302

SHA512
bb1c7cae6b9b4176b0fabc1a8f9edcadad09bd2a15d0b3436e4cd25024baa82d095ac9d1e48334d5d313a297b44b02380f03f7ac3d44413d7937af8d28e6a7b2

Download Submit
/data/data/com.begcmnq/databases/cc/cc.db-wal

Filesize
16KB

MD5
916dee8775a7d4460655bbfdb64a329b

SHA1
87aa00f9c23b15fbb2812872f4087d4f0772708d

SHA256
6228b1c38fa14351dda344054449f7e5642850f879d982d768096c6de6d9dc66

SHA512
f7e8d4fc1811cbfdad99f221739c6e13951fe5114ea218f4ce58cc4c2ea52319986b3cec68971b39aa9036207b6a9bfd019379c3fb52e43b72cc9ad49af96e7e

Download Submit
/data/data/com.begcmnq/databases/fba_game-db-journal

Filesize
512B

MD5
4e6fffab19e3f927276072de2968bfd2

SHA1
25bb3aff561efddfd4d31e6a1a124e013df78797

SHA256
9d463a38f177cbfa894d12fcdcdc858048c04d64f6890d5153c80d62e399f1e9

SHA512
777a896b41e46a8f25c6b281675810d118d406d5a505ce73816e9b33d3b77db14dc16e19297eb1c4d36310c1e17bbb5335fe5c2cf967667025abd1a379ee5f55

Download Submit
/data/data/com.begcmnq/databases/fba_game-db-wal

Filesize
36KB

MD5
27ebb1b58118860bb1248692b72071b7

SHA1
aaae01ecacce14f38e7543c50040dc01f668649a

SHA256
8a33332836ab1e8fef0b6d47c572a69b999b0aeb50187729808b541d810dca6a

SHA512
a1be1de3718c07b08085d4022193a196662e6a66d743e66d2fa984cc1fbe5f380eb45baea3cfd2a2c9701e272553aaca665730d602d5e1b8b6630715cb64e366

Download Submit
/data/data/com.begcmnq/databases/ua.db

Filesize
32KB

MD5
15e79426721e1bf39534d29c221b13b2

SHA1
a1c27aa9a72a3543698a87aaddabe9b24b652c63

SHA256
a22805cd5c01aa85b9e7a18c45a34d73c106e75ede9c384044b16232b5beab73

SHA512
2721250292fa8cbb90f122d16d40397758193c30d4f70b9ffef49ccc67bef3b4cbda9536d862d282f3fd1897d4e7c6a6306b568ef5a8c55b505218f0616e696d

Download Submit
/data/data/com.begcmnq/databases/ua.db

Filesize
32KB

MD5
d604a3bf1f8d992cc320ea5b1f7609bd

SHA1
247f88df0b55c7d523ea5398637711a0e4a483a4

SHA256
329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

SHA512
67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

Download Submit
/data/data/com.begcmnq/databases/ua.db-journal

Filesize
512B

MD5
851a71eb32c1ab06b2d4613e52314cb6

SHA1
e6d5b44ff123a9a1e8926cfa9d6ad6f95d79b9f0

SHA256
dd2a79ccbf43231c4061c177dae716bab35247fb05eeac3203423751a401f9ac

SHA512
6a5e360e037aa53199bdf77bb2c5e708fe2d1a8b769cc9fa86aba446f84df0c84f95822f0e7393e41ce5b21c339c94a479892b2abcfac76140e4a74a3deb983e

Download Submit
/data/data/com.begcmnq/databases/ua.db-wal

Filesize
56KB

MD5
ce8d2ed0ebc0b618f61eb968acbf498a

SHA1
c8cc31d4fd0684cf341e526e09b8c4178fecdc77

SHA256
68478087556bd86cba51af12f4769ca88fccaa880fe0c6e74035a1ada2868db4

SHA512
aa21d783762c1cbba2a9ab270b80a043eca71ca557d7b2faf90d633da11c5c32f5fb5b93b53608073bb18ae83e026c8e65246018266cfe8ef71813b8ff0c4c25

Download Submit
/data/data/com.begcmnq/databases/ua.db-wal

Filesize
8KB

MD5
c9bfc87dfd45ab475edccfe242da5fc7

SHA1
37c99a28d3a374feab6d52c7bcd0720326737ae2

SHA256
399f3c3365fdf98c8f7d0a46669d581d97a1848f531670f1cf9fc3d55ed3863a

SHA512
99e5fa69866e421f265c3c899ad7ab838a75f6fdfefc4a6ab946afba1269b1b12a730201d513550594deac145dbedf4c2a60db3d63126ead1a735b8ef7590496

Download Submit
/data/data/com.begcmnq/files/.um/um_cache_1715532438780.env

Filesize
1KB

MD5
64b78e99561d7c7ee996cbea8d3ff4f8

SHA1
de69f108ed27a8545622d81c18f28d4b47e1e294

SHA256
68355546d024afe8ca2978313ef4cc6ede6e7e5e3d2d2c5a11aea8d6e09e8c69

SHA512
5447f8c7cf5f3172e52457e814c95615e8e500ef269230c653409f27a94752e351c24a8c4dadf464f41aaf6ee33403d47cddf5405098224440a4befc9a991644

Download Submit
/data/data/com.begcmnq/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
cb1347edc697e10bb863af238321d0c0

SHA1
dc94174e770eaada37e9a71efdbeae6c799dbf91

SHA256
9802124e60081d65b70edcd51ae48e9864362434d8f9f2e8100531a1754e7db9

SHA512
eff8b8c44c054c064c618218740c8f8408e65e18a916493f00adbbcfebb434e94f3e5553193e2cfb6fccb4674c571865da3115b9c91ef601f7510a6a8329c11f

Download Submit
/data/data/com.begcmnq/files/exid.dat

Filesize
60B

MD5
dc4299a178ca680dd25ee77f7117e753

SHA1
20bbbdd67fc73b4f6374021996c0da633397b523

SHA256
e8ff15a6a47a3718a1d8d70c958b97e56edb713bd51760bfb7f33dd012d449f2

SHA512
d89332769c8a3c3fde88aeda9aff0a6bea1251792df6bbb0d17f2c2b37c4748ec2fda4766e846cd420fe6ecb7ec92911bb93fa1a971b636415b4ab39bed2aacb

Download Submit
/data/data/com.begcmnq/files/umeng_it.cache

Filesize
413B

MD5
63a3e0786a071e7a4758cbbe85694ffd

SHA1
85fe0fcbf73845f01df75b8171467aa97f46e42a

SHA256
7cf9cdce119d7ae72de8e6ff8e08fd39e190e7316d8dcaa7c9ee81b1f7d05958

SHA512
b899cbf97c9a36c46268f35d1a9ae71b14acedb30334a8f15577599b2e76c38a7b2ad346de387c3a6662192eebb949e3552d8f4a12e7c714ebd4c8218d5c0aa9

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads