1fe1fbdf19e4ada6d66b3257929bcca12788e60d1e21e8fc3f0dd5405d88d0a2

Analysis

max time kernel
127s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240506-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
submitted
14-05-2024 12:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

417d729dcec21368835718503eba5716_JaffaCakes118.apk
Size

22.5MB
MD5

417d729dcec21368835718503eba5716
SHA1

1555376d998ce74ea53b39140fa9aa261358cec5
SHA256

1fe1fbdf19e4ada6d66b3257929bcca12788e60d1e21e8fc3f0dd5405d88d0a2
SHA512

9a9f7cd2af963ee6e792e6db0bd9d0e47aea5f148962ce79431d7e65a099f5b997c35f4f29828d1435e8f95c2fafee7b85f9461b57dd16440d1e7bf4fabf5502
SSDEEP

393216:1O1wHTsrGRMb7NF61hlRSvT3XTXK+R1cuS2ML5pWv:1O1w4b7NF61hlRS73DX7R1l658v

Score

7^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.moli.hongjie.moti

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.moli.hongjie.moti

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.moli.hongjie.moti

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.moli.hongjie.moti

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.moli.hongjie.moti

com.moli.hongjie.moti
1⤵
- Checks CPU information
- Checks memory information
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4275
- /system/bin/sh -c getprop
  2⤵
  PID:4314
- getprop
  2⤵
  PID:4314

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.moli.hongjie.moti/app_crashrecord/1004

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/com.moli.hongjie.moti/app_crashrecord/1004

Filesize
230B

MD5
4f2c0ab231f3ceb52f48467aaf4fd002

SHA1
7b66784610040116c22e8e72cf9a8d346f53f20d

SHA256
5ce528ecd3e2c68a0fb94de8466ff53fdeb242e1448451344af09b192557318b

SHA512
adde98f2e10e5e2e2dfdd45b7dfdc60676f2dbcb8a247127c4d6a006875976a4b7df070dcfa42adc378b1f6a970cdf6cfdcc5fe68a3db3edae26e577e84141d8

Download Submit
/data/data/com.moli.hongjie.moti/databases/bugly_db_-journal

Filesize
512B

MD5
354a609e9ab54bb91454cd6b4cc2f980

SHA1
d628835e5bba2244259c9b90dafd3d437d35a917

SHA256
7da06d5b3e87beceef0b3f771eb247a156d9a15ec9cec63509dda1ee36410f57

SHA512
6d16b20ceab3324b9aede16d2f3512f1a4b77c250b6299b730786facd94d3123ded4e646839a8d0905d3c4aa769a4a0ce5b196e2c71ad305641b3f7d825a3cf1

Download Submit
/data/data/com.moli.hongjie.moti/databases/bugly_db_-wal

Filesize
72KB

MD5
568cba3f404dcd67378970bb6e23a470

SHA1
0b36249432a01323e71ea59b7371bdec5cd4a340

SHA256
80d7bf31ec3b862312f45748a2438bcd4f8df31558fd3a0eaf5ba3e595042a92

SHA512
e3d85227a48bb7d76fbf50e4ac2089deac7f99504c1feb235c7c86840d7df98a5699419c8e1b12ba8a7b6de6e5454d3482fb6f2492d3dd96f2f6fb1c50bb0a1b

Download Submit
/data/data/com.moli.hongjie.moti/databases/cc/cc.db

Filesize
36KB

MD5
5d7ea1a23af19b4340cc8d90f28297d5

SHA1
4cfe95b23a9e98378d69c4290af81b51fbe76aea

SHA256
474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

SHA512
33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

Download Submit
/data/data/com.moli.hongjie.moti/databases/cc/cc.db

Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.moli.hongjie.moti/databases/cc/cc.db-journal

Filesize
512B

MD5
0dc5879701510c8595b56810fff526c0

SHA1
3047626bd26525acbfbd5d1ba709aff72b0c5963

SHA256
b79f7f9c5798c77c01f2a8b7d3cb7b02b21783a49d9ccc32c3625a348492c152

SHA512
35e0c560673834d402f9ef09619896e0c060a09f77eec2136becebbfc4020c34998f8a097fd2ebb168ca43d5f13879795f50dda9503d16f0ad2f8927683c6b12

Download Submit
/data/data/com.moli.hongjie.moti/databases/cc/cc.db-wal

Filesize
48KB

MD5
efe53eb0e6ca1b754197033ceefbe64f

SHA1
985b08950abffe598724b7ae904ec3271e09504a

SHA256
09714994a24c80cfa0b58a4602eaa89942026e2bd93014bbd29324a22d44e67d

SHA512
1dac4d7ea66083311e589b11e46b160057f046846aaec5aad5df6e234cc60b913add4f378425d52703f72b661ef217c1bfb36c068dd3c1ffabd559c42d066694

Download Submit
/data/data/com.moli.hongjie.moti/databases/cc/cc.db-wal

Filesize
16KB

MD5
6b26436349c3cc08ab541a98fdfa159a

SHA1
f08530540634592a07cbfc020af9dfddca57218d

SHA256
09730995eeb6fa62bec3eac300ee1bef6dacaca17d9f902a81265f4b74627454

SHA512
b14acdf86c3da999c38cd602abddb3c0ee91205b580f905575a7cfbfa5f54d65fa697bf214f89265d7248538c0b49f4028d5568c4c0882a5e9eca1b29f1db752

Download Submit
/data/data/com.moli.hongjie.moti/databases/mofei.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.moli.hongjie.moti/databases/mofei.db-journal

Filesize
512B

MD5
ab9e5bcbf6deb8f06bb9a0f22016b695

SHA1
b7b652cf2488c9b80eb3e1954c94b4f9f81f37ea

SHA256
02a7033241f98c12fd1e7c5600eea0f38392643016d35175bbbea15942607f54

SHA512
ae926320bea1047d6264a43f8a4c99b0e731ed37e78034c9cab020ccd562ae594376cd341d17189438db0e7f20ee0f8f128a75eb493d96979c92005d5eac27e7

Download Submit
/data/data/com.moli.hongjie.moti/databases/mofei.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.moli.hongjie.moti/databases/mofei.db-wal

Filesize
44KB

MD5
ac7ac29b77805da0e9ba20a5015a5ba3

SHA1
a4348e7931760d96bd3af6059db04737dc0f97e1

SHA256
44528a1d169de1c8ac65c6eecf77d99b7d9568e08e54eed7d41f8d9ce46edfe3

SHA512
d3dec846266d6ebeb9bcee7ecb4077bb102e065c9668e83f8b700dbb7104edb1ee2a1ed1c3a46df9158ffa676c1a7856fc0b839c9e903ebfc9fcce7295f0d0b4

Download Submit
/data/data/com.moli.hongjie.moti/databases/okgo.db-journal

Filesize
512B

MD5
92574fe665d1a1bf6d03c7f0234cedd5

SHA1
43afa37993cf50dae91b78f2f48d9171b68a152c

SHA256
37db7e03ca7bd098d730cade49681018e46ac6c515e3c9ae776570921324c43a

SHA512
c08d046fee4d94e15aa16c15972d5c1734d41ef868d7a6078a6bfd964928231659709d039f8aaa45b52a4bc68e3fdcf121889275d26acba2d0758739b14982b6

Download Submit
/data/data/com.moli.hongjie.moti/databases/okgo.db-wal

Filesize
56KB

MD5
b15e532159801a8da2e06df08fc3f64f

SHA1
9074814bbc96e20a4ed12c46ece194ec4f4e9a54

SHA256
292055eb4ec59f7b927ac4da930217eed829a7b84806a5322c54b8df061cfa91

SHA512
22ba5afecb3f8ef947149361601be0f02c09686c55dcdc2a6b33322e1fb79bd3542e7538c3f77a205a52e7af56c0fab8e9cf745449255a65fab9db512051fb44

Download Submit
/data/data/com.moli.hongjie.moti/databases/ua.db

Filesize
32KB

MD5
08fc21780e1ad962f9e8a5d33e2d6471

SHA1
4e2d06f35c5bb63e3c85838423730d509049af85

SHA256
efbf26f71ce4215b4cb8ca18dfdb967327567128b327a7f21f28982a6ea30e5e

SHA512
aa61c271e8763122791886f57a2033fd5ccd473b6c4313909bfe3ff62678cc23aeb10cbd8e34938d6e6c1e137fb40c0a29171d86fde01fce4508058e2169959f

Download Submit
/data/data/com.moli.hongjie.moti/databases/ua.db

Filesize
16KB

MD5
c1e390173d96fc6218e4508faa1d2b42

SHA1
32cd8f8a5e7691cf02df55bcf3025d810746eb14

SHA256
4913963786c0682a9d829e8deb2fa18f09a9d25c52d825ecd8ec360c9bec9a61

SHA512
f188b8ec1c7b90001c7aad5abe5525c77270b49bb16796c9b2d0e6f8375ff28e661f6134d9c8cc89b79675ec9bcaad0d47a63d05c3518cf7b4f2af23b495d3f8

Download Submit
/data/data/com.moli.hongjie.moti/databases/ua.db

Filesize
16KB

MD5
ba5b46e7ba89bbea39a036241ec00686

SHA1
84d4716bec500f39802a5a22cc6f440e3807ada6

SHA256
8c463753cc9aa0068569ebab255a6fb7022467749bb9d0d2507939502b2b23fb

SHA512
5afc99ce46087edff893ec562f75924f3be021efbb42e662c9863524b05103c2cb0edfab008a28bc133b781aa224f8ed7ac4d33f1aa06c3fdea13bc1b1dd9e39

Download Submit
/data/data/com.moli.hongjie.moti/databases/ua.db

Filesize
32KB

MD5
d604a3bf1f8d992cc320ea5b1f7609bd

SHA1
247f88df0b55c7d523ea5398637711a0e4a483a4

SHA256
329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

SHA512
67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

Download Submit
/data/data/com.moli.hongjie.moti/databases/ua.db-journal

Filesize
512B

MD5
a9f9579389839c7c2d5e57eb40a1033f

SHA1
a2fbe1e4ef710c171bdc267b09767116d3ca7218

SHA256
9567c0a4f0cdadd0c9bdcfd4632c84e213786dd56aeb3d2e4125f5133e846ff1

SHA512
8468d51eb111d3154d9bcc7380b287cfb2a108b200b8eaecd838c85a974f11be3a7d0d11f73c6218e0dea7e1d0f934195b02676870eea2f2f31821607087b10e

Download Submit
/data/data/com.moli.hongjie.moti/databases/ua.db-wal

Filesize
56KB

MD5
da88fcd5d000f668713f6ad41bed04a0

SHA1
0dc334d0da834ccd5def5f039f7afff0d88066c2

SHA256
f156d0d44dda854490adb09bb0dd8d83e056bfd282a7448f06a1709da6c6da55

SHA512
e96ce2f567a3060ea8ac3acf1f0d34256931ff9497f74c53fed705a717fa57980a0e85851e3566aa9ab5fc8ecb02250204b6bebe1ad6bf31f7f2ec531d7cb330

Download Submit
/data/data/com.moli.hongjie.moti/databases/ua.db-wal

Filesize
4KB

MD5
76b0bebd9521905dc32e53518ee99542

SHA1
559758c674034b464f872a56be8d7d5dd844bedb

SHA256
867fcc066bc7fa1ceadcddbd004d17ffe572c21b382429f5120076096741a755

SHA512
3b9eb8dd5cade8fccc980c3d88c9ecb64ce17b560a172087ca58fb7c49c21290c6a4f9046d4a0c6713b023c4a89c2b175742370a6c6a15307350f63528748709

Download Submit
/data/data/com.moli.hongjie.moti/databases/ua.db-wal

Filesize
4KB

MD5
0d13d977bde8ecb4a376517555865c72

SHA1
738285ab2211e969a95315d4ff7d8c42b9d9f63a

SHA256
c61697396c65373edf0278851100a2e2dfd1cec21bc4effb6e8aa4f103ffcba5

SHA512
e9f7e9b4dd0fa3d1a910fada3a9e6f637c3b410b2b871cff26a270e950bd63532fe6c78aee597f16711644fb6e845ec09cc5d4bfd2f095d681f0e47525242a46

Download Submit
/data/data/com.moli.hongjie.moti/databases/ua.db-wal

Filesize
8KB

MD5
f8bd0e8bdc038e606e5c30bdcd509cf6

SHA1
e19083f441ee2c76b03924d1ad6cdec5e4336f0f

SHA256
05bf8dec859da563ccad48b77694e621671fc2e459d81b1c488c24c5e9d35bbe

SHA512
c0ae4b02b111568e4d71ed3a175d45ea6fb2b1e6d5b516a27c93216727f74d06d3d757274fb84f76d6297c38149a565eda0ef9bd39bc0b1505606a06056ba001

Download Submit
/data/data/com.moli.hongjie.moti/files/.um/um_cache_1715689826392.env

Filesize
1KB

MD5
651126dccd110dba7292ff1c5ffb4701

SHA1
98f43879cc2a0b18ec96a5d0f03967e649b51edc

SHA256
cd5843ca0586167d937b5ec09b885f6ad1e352cacba9b2ec0699664b5242ebf1

SHA512
fd1f5c3d012ebece3eed392d5ac7989e471a83cfd712950d8b0cbb4e8229f438beb74cf72ce7c2b4e8645ce850c128dd78045892900874ec1b12aa461f3d3dc5

Download Submit
/data/data/com.moli.hongjie.moti/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
89bd8d8b678cb1d660c4b75ae283b14c

SHA1
f51d3a05f274fcb44b8bb53fdce7670a3a70ea0d

SHA256
ea6c388286cb538773b620bde313ed61d76f51bea9e83def2a6ab2bde7add499

SHA512
2e5e80e73e496794d892114904a889629505ed8fc99edf5db8cfbdea5f50032021651b3134ce6b72bc35f93f4d2cafb28fc5997d4ded6fbf0dde22bc73887815

Download Submit
/data/data/com.moli.hongjie.moti/files/exid.dat

Filesize
61B

MD5
c92096238e90acdeaad5dd1769e48230

SHA1
ce006f3cc5ddd3e783b700817253e3022cd0cd88

SHA256
663278cdceaf5c09fe0251d5d82fcfdaaedb5d80f516fbd401242e059eae7ac7

SHA512
5cfbcce239a9e46252b4a6d6f92cbf2c6ff41c8b220f2281f857c618abd3257f2dc500fac297daaf189fd090c3eb598a667b23d0de50294aae2339996187fcb7

Download Submit
/data/data/com.moli.hongjie.moti/files/umeng_it.cache

Filesize
413B

MD5
0b09697886665151732827afa0658c52

SHA1
99f8d0fb9c7f5aca779cccb1af6b386f5b51ba88

SHA256
386fb3f2a174af0d5d53fa026af5bedcb8bf28bd170fdb08ae269639a7c5fd64

SHA512
4fabc438620f67874f5a0df82fc3b419364dd8ba9f1c77b17cfafa89d3e866f159a939e46ce646b0a0c0517fcdb0d1bd127e3ee690b7f87c18b1d980a1c1603e

Download Submit
/storage/emulated/0/musicChe/Innocence-Avril_Lavigne.mp3

Filesize
910KB

MD5
a1178d14be8e4a30b6b070923204549e

SHA1
8c11c7a006986687b5e1abcaf8d78fb2c9c105a0

SHA256
db29c1de23b05764b248fe3412c16b48be12b75984c0c5d22dd235c43f190ea5

SHA512
77f6a769959928efc77755fe9016d30f1532cb0fc2d6f9c2bc8115d38ffdf00186097e87f0e9d94509c7759ac6cc6a921755c92a71a8b76d3f3766637101d6f2

Download Submit
/storage/emulated/0/musicChe/Moves_Like_Jagger-Maroon_5.mp3

Filesize
788KB

MD5
204e0e23cd91380525b963cd1505fe17

SHA1
5faa62da0c089315d31c5bda85a5c217f72aa8e6

SHA256
1330753ae5dcf08cc37525249c3cf436153cc81bee63bcc9db28a43eeb08a170

SHA512
a46ef70c07d1c5e7cd82fe84bedd3b89638951c388c30eb2995780cddfaa477bf31e24066b23fa2ca3aec112c178dceb3f73c477c8761f172010bd8ab1a3659f

Download Submit
/storage/emulated/0/musicChe/Poker_Face-Lady_GaGa.mp3

Filesize
927KB

MD5
bff589b301ec2a9573c79262224ccc5c

SHA1
a171f8d8600472ff6d880917af3e121cb7b427e2

SHA256
781b419e0889541b1585c5bcdbb23f7c2be08feb9b8af0f8c792a72e1cf334f2

SHA512
91d55004befaa750a82713cbbe391ffe4bb0d35372a5d617f4c9434f4d048432ac8bf94b7c154def45ba6f395c6d727f2f8104059e2b1e1ea22c81e234cb04d7

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads