b1c4900e98261b92f063c8a582c7da54e121315ea3d2b9b089eba623238858d7

Analysis

max time kernel
136s
max time network
156s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
15-05-2024 22:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4858ff70665c00ec158f59fbffb5164f_JaffaCakes118.apk
Size

5.8MB
MD5

4858ff70665c00ec158f59fbffb5164f
SHA1

8c12c55faa82844c775ebb98e17debd865165af1
SHA256

b1c4900e98261b92f063c8a582c7da54e121315ea3d2b9b089eba623238858d7
SHA512

d1f2fca3320aa6e70baba3a62b79a426fc0ced49bb7f4430c22b5eb22f99c7fa4f346c2bd311523d97bca07df0acdba8f9a2c61c6a52a2d179597bc475b95d2c
SSDEEP

98304:kBe7qTfeVUF32JCeVGe7O440q9h6ln/S5IgrgKQed6iPmv2QZu1howNT4xJzNHyE:+FfemVof9OTh6lgrBQed6i3obxJ19

Score

8^/10

collection discovery evasion impact persistence

Malware Config

Signatures

Requests cell location 2 TTPs 1 IoCs

Uses Android APIs to to get current cell location.

collection discovery evasion

Location Tracking

T1430

Geofencing

T1627.001

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	cn.aszk.android:remote

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	cn.aszk.android

Queries information about the current Wi-Fi connection 1 TTPs 4 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	cn.aszk.android:remote
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	cn.aszk.android:bdservice_v1
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	cn.aszk.android:bdservice_v1
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	cn.aszk.android

Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getScanResults	cn.aszk.android:remote

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 4 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	cn.aszk.android:remote
Framework service call	android.app.IActivityManager.registerReceiver	cn.aszk.android
Framework service call	android.app.IActivityManager.registerReceiver	cn.aszk.android:bdservice_v1
Framework service call	android.app.IActivityManager.registerReceiver	cn.aszk.android:bdservice_v1

Checks if the internet connection is available 1 TTPs 4 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	cn.aszk.android
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	cn.aszk.android:remote
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	cn.aszk.android:bdservice_v1
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	cn.aszk.android:bdservice_v1

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 3 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	cn.aszk.android
Framework API call	javax.crypto.Cipher.doFinal	cn.aszk.android:bdservice_v1
Framework API call	javax.crypto.Cipher.doFinal	cn.aszk.android:bdservice_v1

cn.aszk.android
1⤵
- Checks CPU information
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4204

cn.aszk.android:remote
1⤵
- Requests cell location
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4251

cn.aszk.android:bdservice_v1
1⤵
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4305

cn.aszk.android:bdservice_v1
1⤵
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4432

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Execution Guardrails

T1627

Geofencing

T1627.001

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Location Tracking

T1430

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/cn.aszk.android/files/CMRequire.dat

Filesize
1KB

MD5
25e57636aee83606d202f04f26c2913b

SHA1
1ef0ade456ba38aa31584d0fbce647d0ba74b399

SHA256
89c56da41f0046c9e733fed330d2636d623510c217f72c2d025df3343dc66783

SHA512
3a8d294b8be98abe4d18116cbf7c16d44a541d1d20dd4dfbbbf3bbd8cb7997abcbaf51790bbc1978135d888c4e89868a9a2575d9cfed65a331969de77ba07326

Download Submit
/data/data/cn.aszk.android/files/VerDatset.dat

Filesize
172B

MD5
caaa975d7bf4952bd5dd695ade33f1da

SHA1
119373fbb2db036712df72ec9b26c0c2840dfbb1

SHA256
d0f94264a6b5c355dbf5c0516202c732bcae471a2401542b2ca43307727a0d02

SHA512
db2acdecd236eab67cb67151032f53e51c9c04e754f3c21d74e05cacb1ea5edecbbccbd66ee760624b9cac97b8dd77f568324e8abc2b9c16aa73131db81c8b06

Download Submit
/data/data/cn.aszk.android/files/cfg/h/DVDirectory.cfg

Filesize
69KB

MD5
cdc4650029686d82e393023120a36dbc

SHA1
0850a6f2256470fe6adf1206c681aa5ab8bdd655

SHA256
af482880f07b7384dd1357f9e52f6f7d5b5838c6218850f6b79e5c5472a2c164

SHA512
4314d3ecb7119a123f711b19ecf8c251e29fcde532e7cc0207533c711b9a93354d6d17c1aebd36e91ff47e64d02e47704b5cfb0b738558adedb16341f1b3828d

Download Submit
/data/data/cn.aszk.android/files/cfg/h/DVHotcity.cfg

Filesize
1KB

MD5
1d335013ca7d9773180867ae0705e97a

SHA1
e5658eabd7385e45f529279790a12b9c208d7709

SHA256
b560cfaca15bca257ce41cc5b25d4480ee4dad06df2121d21e804d6ee78cc9cb

SHA512
5e6384eac82149a17d5073a772770706410e21727c469f9330030258454eced07b6867b23366e7e024408706785ef74f4b0fa6ddd4952733cce110dd5b3830cf

Download Submit
/data/data/cn.aszk.android/files/cfg/h/ResPack.rs

Filesize
485KB

MD5
dc21b4edc571aced2aa937d173521c91

SHA1
e2960e6f71e352309991b25a44d4f7518d60f5e3

SHA256
8c896c9cc47451e0c79b3b341cf6aa14792a2aad21046ffa6ec363f37897283a

SHA512
2001b46c1449715f205da8a4a14196b1cd30f78898ec141ddbfc7d20d7e03d25438b754fda80c023e6e3d26f72e181adb2f28aadfa2a5ef10502e59c078ec2cf

Download Submit
/data/data/cn.aszk.android/files/cfg/h/mapstyle.sty

Filesize
86KB

MD5
3e9e9386139b06daa234458f72c4aa5e

SHA1
71c6db2da17205229304fee5d1744cc09d21b1ca

SHA256
5ee09824f41d9449c6650230cd907680ee3939b1244bb499b4b1b0f966d20e5d

SHA512
086731d5e258bad57adaa8d4be1d7a1ff1d7e6e0b29d515f2ef0ea602664eadd079661e3df50d4a5232647ce3ec2e20471c6e4f40f672c78794139713a873920

Download Submit
/data/data/cn.aszk.android/files/cfg/h/satellitestyle.sty

Filesize
92KB

MD5
133d44c0738a487f2d79deaab7108426

SHA1
a1f5a0fdf81c11796e0016183eba5af614f0ab36

SHA256
8b58d194f193300a6e683329343a4e8b42191f6fd3a58ce9173741f814d0f12e

SHA512
a0c5d88e5c55211aa378650b40e1ff7ce6520eb0190793bc6a5aa474d8e5ad2f0043deb68954337de4e044cc21bc0e0e2f793897374bc2fd4667eea4a7f97719

Download Submit
/data/data/cn.aszk.android/files/cfg/h/trafficstyle.sty

Filesize
2KB

MD5
28d2d5ad01ab7f972300fe9c1bbd136e

SHA1
c3c9861d7af8274436eda1f794fdc2ea938494ff

SHA256
812a376ab7b20b8434ae5e2086a4942ab719450df7b7af9444e0996d71a6aea2

SHA512
9aeb4cd6c34a48c4bb79dd12cc1525984204d885df1675808c85afe77ad42a4e1346d562bd095404c36524a095866d38e806e736ce66df71ce9cf4b352490ab7

Download Submit
/data/data/cn.aszk.android/files/cfg/l/DVDirectory.cfg

Filesize
69KB

MD5
f2d3e2aa6890698cf36d3c4e3075c6d8

SHA1
96d788adc72eb08c4c72cbe933f8c5e2770522e7

SHA256
3f0a5be76f3872ce20b31f052e942b7b4d5ab77a84188ffeaa1cf28f8cc7b8a0

SHA512
648ec9e0d79a62739e12fde0c99955bc0afa472f81097798887aff665374680e5d572417b8db29efd52004c06794b301dbd3f36f7c5e57b71e8f628eadcfd5b9

Download Submit
/data/data/cn.aszk.android/files/cfg/l/DVHotcity.cfg

Filesize
1KB

MD5
ae2eb9bd87feb727bf7096ba8ade8c04

SHA1
dc959ae89ef6cccbf373bd4e3741221ad5a2bc1d

SHA256
fa71ba760e1b3a7df0f4e6957cc008baa9f1533bbf743f920fc352f7f141d42b

SHA512
a5fc8d247c6d492b47829305ea455eca2eb3f38a181e36ada7b212e107cb1047bd4aa5d2a25402a69d60ab03e3bd30a8f8b5d242c30f262dd8bb52b01607b3af

Download Submit
/data/data/cn.aszk.android/files/cfg/l/DVVersion.cfg

Filesize
76B

MD5
d7b2c2b7a6b3005faf649099e4574066

SHA1
a1723e239e4d4120668ff9c473232656feaa31ea

SHA256
8015e5d3277c1072516bba2fc262b80351da55191dd8ec63d4dadb86499efd9b

SHA512
31d4bd54a779643fce02a3fef597e1e64dfb0730c5dce59582e1b8cf6beb494657e063fe3abbbff267e23bad9eee3a4e6b01137b3bc48f6b92def39e85182d3c

Download Submit
/data/data/cn.aszk.android/files/cfg/l/ResPack.rs

Filesize
426KB

MD5
7806e5053a46c8ebc18c2c8b46f67b58

SHA1
511d8a0e0939f004b515d591554b129b6d93b884

SHA256
f0ac8af0a9b2bc0db27c044cf7af338928a45fcd3ec48a2458dcee4f05131135

SHA512
a3adaca2e6c1ec238a203059d0aecdfe24f3a6fdcb4e88c21e6bb5353d3d6e05daf5d14024081e1b278bfd4153102293e3abe9f077caaaf7369f13b79590f4c6

Download Submit
/data/data/cn.aszk.android/files/cfg/l/mapstyle.sty

Filesize
85KB

MD5
1bd4d431d30054976b72a48e44725027

SHA1
5b5a0aa9246efc8dfb80e8000b36cd004859125c

SHA256
30ae549ce6cd36212fd0964524e87ac319000060f463c041d471fd0badb37d92

SHA512
fb95475ceefab5eccc557b19d6d2222984d7c8f6391afeff23315d33132c8fbc1b90ad9c4982273cdd5dcb17468e97308dc27505ad6a6144b619ff9871e9fd94

Download Submit
/data/data/cn.aszk.android/files/cfg/l/satellitestyle.sty

Filesize
92KB

MD5
d01ef6b178212594adfecee921485759

SHA1
3e8bedacf422fbd5754edcfcfa62896326535a6f

SHA256
4e30e1ce6f6d0af8414a6538e83a8fb7df1bde44b143a6280be04e97b99e4ab5

SHA512
7291b61ba7223219988a15b0a05b4663ed7c173fb85642fd6c0b7a2e9b9cf08e18ba9465bd49ea0d8fb0c4ad0112b163208a6b9d45751d4b9211992103eec29d

Download Submit
/data/data/cn.aszk.android/files/cfg/l/trafficstyle.sty

Filesize
2KB

MD5
b6195b62e9932c6710b135179f4c4c22

SHA1
954b3823f6ec5d6ce2df3066c32ba7de1f9e4f0e

SHA256
1dd67d5d39b6f2c0e7763239b9b0463b38d1365c341d1c50c4250159d8c28cbc

SHA512
1bd38136abfe46eaf41498837a280584a7c0804efba497ee62edf7544e2020fbbf1fff425cef10acc4282b50456e38f1f7d6ec817578ab091276c814453a4405

Download Submit
/data/data/cn.aszk.android/files/channel

Filesize
32KB

MD5
2c3a20cace3f001a330596adc3279434

SHA1
0036ed1cab86cb1dd05b34ef6492d6b81fa5711e

SHA256
e229eda10994d736d36b026b29ee0c1b29144fd858b9bf241b2601415e40bf57

SHA512
c98c349e202d906dbaa359441a9cb93b1d6c23552b074c2575af610fc7cf8dcacf5d477086b8f5be613464be7f8ff48d235a028e020459f0fe087b7a3388f4e0

Download Submit
/data/data/cn.aszk.android/files/imei.dat

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/cn.aszk.android/files/imei.dat

Filesize
512B

MD5
3446147b902b4226609275f51b030a2f

SHA1
191303d4479a872f444325de0b3789e7a6839fdc

SHA256
c3ec1d480bb7c2ddfd8c929ef2612f1f1bf799188114be2cd751a6d0ca3e1c49

SHA512
ca4bf70d6180bf72668613e511c5e986b51749fcf34e4b93a9a7385ceb8be87bd660d136389709ac254d0796a99b8638dead6ef6b6e6ad533846ffadfec50c45

Download Submit
/data/data/cn.aszk.android/files/mobclick_agent_cached_cn.aszk.android

Filesize
197B

MD5
e167b76d816ebf7f6ee5e43d905e63c8

SHA1
d5e2fe2751e9fadf469abebe090deb6f7b25bc8a

SHA256
cdebcaa28c87b4f612f0cd854a6dea176c60c7d2975d4e7e610d6518b8f88ebd

SHA512
33f48e0564362afca468b5e423658aee992d9f69f2e99b8c87f4fdd8a4bd16863258d7e6781b04916025c9cb74c9e714313be5876e0ffa3f2d6fa78879c2fda7

Download Submit
/data/data/cn.aszk.android/files/oem

Filesize
5B

MD5
bfe279945c6109d067bcd295b5189d86

SHA1
9969230fa9c65716f6f82a97c9ba7c7007609014

SHA256
a89151ba4b5ac0f22e96b71b963db927791d3808f5175f06ae4a60de5891bf0f

SHA512
c843adbb98d263d02ce3f9d3d9c684b9cfd8e61e8b155d8349317f122fa9089119e8eeced1a0f0f134db68a0b88ce095273acb863c86c1be6f9b8e4682eb00e9

Download Submit
/data/data/cn.aszk.android/files/ver.dat

Filesize
6B

MD5
ea58bedfdb6cfb48cef4fae785468b5e

SHA1
59898d4c278cd3743475a6ceec3f8cf955449fb6

SHA256
6188278802c1243a78e1db82e319137ca3416036ac835118caba00b07cfec62a

SHA512
51cb055c3a6d8a6d72555d24e47c670aa92d71ebaf12894a3f43010f64fdf26c92eac2153d114aba43ab28b67b7dcf656765f95962937fc16afda0f89cca0dfc

Download Submit
/storage/emulated/0/baidu/tempdata/ls.db

Filesize
44KB

MD5
6d02ec96cf9e032db9ab8aeb1be3239f

SHA1
f702701cad2392f3be9a5fb25746ea0bbe5b8f4c

SHA256
5b9e69ba51aae12147156f6629ffd264bb409ebe57d83968fb640432b467dc17

SHA512
025a549214dc283e493496b6efb6d9a6695bd144d4bf694e7757b63797bfac6e81d8c2bff917fe4b1a20129fa8d300049c87d70c363fdbd0f7ea267a652d7de7

Download Submit
/storage/emulated/0/baidu/tempdata/ls.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads