Overview

overview

8

Static

static

6

43069852f3...18.apk

android-9-x86

8

Analysis

  • max time kernel
    170s
  • max time network
    183s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    14-05-2024 20:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    43069852f3afb6d8075c48d64831391c_JaffaCakes118.apk

  • Size

    5.3MB

  • MD5

    43069852f3afb6d8075c48d64831391c

  • SHA1

    7e4cddff503119333104aaf71ae2e6f93848173e

  • SHA256

    09d8be43a2dff1308d7820112a87c6e6a9dbc53ebd89a9edea06c260b88a7bfd

  • SHA512

    e8b78b7c176bd9ba6cf738d051b9ba69a12d91e061f1505fb70f218984bfe9e6c443379bc15fb17399d31efebb94f435e42af2e7751459cb7c05cc260eee2f48

  • SSDEEP

    98304:p6v1YISUaSodSUvenvBeCsozvmlFRw/isdQSfbHwRrvnMcEQCPzAoDlXQgAEpiwl:p6v1Y8aSodSFZHqwa+8rHVCPjDMEpiwl

Score
8/10
bankerdiscoveryimpactpersistence

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
    persistence
  • Acquires the wake lock 1 IoCs
  • Checks if the internet connection is available 1 TTPs 2 IoCs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.aoyuan.aixue.prps.app
    1⤵
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4252
  • com.aoyuan.aixue.prps.app:pushservice
    1⤵
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Acquires the wake lock
    • Checks if the internet connection is available
    PID:4289

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.aoyuan.aixue.prps.app/app_config/config
    Filesize

    32KB

    MD5

    d75ca1c5b9ff713ad979b85257f1e754

    SHA1

    6927c2b1a7b4fc0dd9bae086555bec0c72f3a9ea

    SHA256

    feeb2b7afa2923b8bcce502c37f5172a2085f4597a9bbc773c2be50c96623f52

    SHA512

    c8fa08a51930f1c688b0bbf5cff044b760e80b2a326ffb621f3259a13105a3ad847f9f89d346ded7987ac0b67027be44bc1b59148e0c77ed42d62cb2945e60fc

    Download Submit

  • /data/data/com.aoyuan.aixue.prps.app/cache/log/2024_05_14.txt
    Filesize

    56B

    MD5

    8d34efe568e0936357eb3a6b2e49ac95

    SHA1

    f7eb2b81cb343f1d57dc43a7aa83686b9cdf53e9

    SHA256

    8b664f1847f2de352838f8099a9bad94a1d2b8f0d86ad84ad622c04ea5844e2d

    SHA512

    536889c71d7026c06bd3b0597dba73d16df3a4c0ac4acac30bf961d7d7e6ba7578887826578490eed7f1a95fb126411315920adf575445c46ac2d613d56fb445

    Download Submit

  • /data/data/com.aoyuan.aixue.prps.app/cache/log/2024_05_14.txt
    Filesize

    1KB

    MD5

    fc6c19de95fdd463c0103f121ca4d58d

    SHA1

    dacf0156a1688c195efefbaef196795820470456

    SHA256

    ec23eddd4a3deb6f9b866fc4c3b95d4a1941f5b5e2d039a00dd094d61d1c5c8b

    SHA512

    423024cc31faa128e47b1b86df8fcaf0aea9cfda37f9280c0d772e305be0f535b12d29518e09aafe8bb247d66b141708950ffa858570bc866c866779c89b496e

    Download Submit

  • /data/data/com.aoyuan.aixue.prps.app/cache/log/2024_05_14.txt
    Filesize

    83B

    MD5

    101429c13fc0a58f94516dfeac1e897b

    SHA1

    40ded6807506f5d4790509af186ede177815ec65

    SHA256

    f84b19f23610562cb8856fbfbf2d8b1d01b652f6b01985a7e6c433ccd58b4d7c

    SHA512

    766868f84187e2563f8acbcc919601743f9d60e24aa28df7f55743f2d1e6d15e1e43395c415b8ac17f22bc09dde31e1b33ffd2ad3efd3decf1f2d6b0d7ab12ce

    Download Submit

  • /data/data/com.aoyuan.aixue.prps.app/cache/log/2024_05_14.txt
    Filesize

    80KB

    MD5

    abf4bbcbfe3d1780dd6657485d0fd338

    SHA1

    691b79204eb196739f0f42b7788e2abeae30eafd

    SHA256

    d32faffe355624120b25810ffc92b5720019c8698cd154bc2265597bd689b89f

    SHA512

    07da12bd5900d0a9cb81bb4d5d85191cccc3dd0287f7c1e3a5afa0a76e8618fb68e36fec14fc101cc980fbe04da264ae69f7de273a024f58be804de3d4b2b84e

    Download Submit

  • /data/data/com.aoyuan.aixue.prps.app/cache/log/2024_05_14.txt
    Filesize

    83B

    MD5

    50b23f566f5602066f46ec18eea12f52

    SHA1

    1175cb29d7ef26f30026b87a2646187fbae7daa0

    SHA256

    31fa5939fd81c0c26a3a0d59fbcc6617911c844a82c0f0a6847418af0433d386

    SHA512

    7f53d65dd64d2dce611b900b8a2d925d237a656edd85600f453fed05dce361d7751da6b1abc2d3e3fc346c385fec60fdee3c07164a4ec9c061eb77c1e8d644a7

    Download Submit

  • /data/data/com.aoyuan.aixue.prps.app/databases/pushsdk.db-journal
    Filesize

    512B

    MD5

    b5e84fc6248378d2df4bd02a1f6f9316

    SHA1

    3050675262bd3089ddf1199e6d3d555da834ea26

    SHA256

    c12702dad6707a6072aae96a8dc0155af3e8b72a0b1ad42189a87dd48d65f82a

    SHA512

    c65df4b099c944936b50f888cf336b44144403970f82b3d2244d687251181461c45aedd1c2993ffd08c3487031dee5438af027efae8537850754384fa5db37fc

    Download Submit

  • /storage/emulated/0/Android/data/com.aoyuan.aixue.prps.app/cache/uil-images/journal.tmp
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit