33edafb9357463559d8f420e3b49b8f3e5f66e81a19e6bf0b981a0adf02d9b51

Analysis

max time kernel
179s
max time network
187s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
15-05-2024 00:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

43bd657d456d1560c109c8d2cef9963d_JaffaCakes118.apk
Size

26.7MB
MD5

43bd657d456d1560c109c8d2cef9963d
SHA1

58f9fcfbc6a50e072fd2a83ea7737fdcdf809ab7
SHA256

33edafb9357463559d8f420e3b49b8f3e5f66e81a19e6bf0b981a0adf02d9b51
SHA512

83bf0116af2ff32cbb8775da9abb10bc396012786dfc553c230f79bba1cb5647332211f46dd6faa833c887adebef306dff3386c487e09f6749bfd48a502d12cb
SSDEEP

786432:z9PomeONUa+167/LpRsbljFUNctqg5E+owaGXs:z9PomeOp/LpRAamtqgqbOs

Score

8^/10

banker collection credential_access discovery evasion impact

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

Processes:

com.app.starriseuniapp

description	ioc	Process
File opened for read	/proc/cpuinfo	com.app.starriseuniapp

Checks memory information 2 TTPs 2 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

Processes:

com.app.starriseuniappcom.app.starriseuniapp:pushservice

description	ioc	Process
File opened for read	/proc/meminfo	com.app.starriseuniapp
File opened for read	/proc/meminfo	com.app.starriseuniapp:pushservice

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

Processes:

com.app.starriseuniappcom.app.starriseuniapp:pushservice

ioc	pid	Process
/data/user/0/com.app.starriseuniapp/[email protected]	4544	com.app.starriseuniapp
/data/user/0/com.app.starriseuniapp/[email protected]	4720	com.app.starriseuniapp:pushservice

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

Processes:

com.app.starriseuniapp

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.app.starriseuniapp

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

Processes:

com.app.starriseuniapp:pushservicecom.app.starriseuniapp

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.app.starriseuniapp:pushservice
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.app.starriseuniapp

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

Processes:

com.app.starriseuniappcom.app.starriseuniapp:pushservice

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.app.starriseuniapp
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.app.starriseuniapp:pushservice

Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

discovery

System Network Connections Discovery

T1421

Processes:

com.app.starriseuniapp:pushservice

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.app.starriseuniapp:pushservice

Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

com.app.starriseuniappcom.app.starriseuniapp:pushservice

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.app.starriseuniapp
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.app.starriseuniapp:pushservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

Processes:

com.app.starriseuniappcom.app.starriseuniapp:pushservice

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.app.starriseuniapp
Framework API call	javax.crypto.Cipher.doFinal	com.app.starriseuniapp:pushservice

com.app.starriseuniapp
1⤵
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4544

com.app.starriseuniapp:pushservice
1⤵
- Checks memory information
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4720

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Process Discovery

T1424

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.app.starriseuniapp/shared_prefs_ext/test_app

Filesize
8KB

MD5
dc60afdeda3d5f4b84a1aa4c531d9d38

SHA1
210acc1d5411511f12cd2df8eef0b3f188e12fd7

SHA256
73c9c45f8ec6a354f89efee32b96e9f60cded739d656843c80ca19b42cdbda56

SHA512
9379af274e6b0d2fa3c9087ebd7de6076ab1d3cffbc41ab12769bc0ea3d83706a25015fddf482b3c612c47761ad1d464a528399cb4d511a0fce06418ee4f0276

Download Submit
/data/user/0/com.app.starriseuniapp/.00000000000/A3AEECD8.dex

Filesize
63KB

MD5
7877fcc6ff27adf942eb7cb71ab07d16

SHA1
0e41616b580a48d1088b17ba395ee8030fe158d9

SHA256
3a73a082690268953f9644a8ac01a8d1e3712fa69a83f8ddee52c6a6122b51e1

SHA512
e9501d6c7353607ad479fc3f44f29253a706ecb54389b90206be74b1971e424a50860d5a5d386bb79d43eae0e1040dd0ea0fc7ab28755bbb4a393a5e65b6223a

Download Submit
/data/user/0/com.app.starriseuniapp/.00000000000/A3AEECD8.dex

Filesize
63KB

MD5
5061e4948844f7d366972ac8005e9f13

SHA1
a2b79a1c79afb095ddebf0f16a1f9db64482bcaf

SHA256
3aa6caecfcd101531539147e01382bc530b4fdc61e98937d63cc4648793c6a45

SHA512
223d18ce248912df18cdea3c8e864ea5e6ec058ca42cc5fde738188c54abcd260d7f24ac53d4987d3e32f4ae3e1e40e01354054d035bb100eef51b2d695f5299

Download Submit
/data/user/0/com.app.starriseuniapp/cache/image_manager_disk_cache/7c75aa823b4b2d24b61d6fd9dc5f0e3d186bb5d0724c8c6e177a95bfd3a5e4a4.0.tmp

Filesize
903B

MD5
72e8f7d3218f35c6f120b9b68ed74218

SHA1
59cbf6bcdb3b6ebb2d540de3efd6bfe66d494691

SHA256
cd278ab68751cb50e1caf3c5e8954b396c01db716194efba9adb9559512c059e

SHA512
25b12ecb9b1e7bf0b44f8733c427d360bea49c60e5793cfcdb40b6d269679c64c913b966b5ed0c8592f8556d93665eeee57683cb77ecc1206434bc7a58d11418

Download Submit
/data/user/0/com.app.starriseuniapp/cache/image_manager_disk_cache/af53f536b991f911248fa0dfda01b7d95489301f5e66d3301256e5115f8f5734.0.tmp

Filesize
8KB

MD5
29dd233a29fe97ad603c48ed8a58161a

SHA1
7a91492f5ac12497cce458614406a6e2eb466ac0

SHA256
9e6938c9f9895ca8e99f8253150d71085bc062b295dd2cd4e0cffb70172cf074

SHA512
e93f1d181802d6fe2a53e9a3320efa9bf1f47e8a345dbc74e5a2fae0bfe5859e2d6d69ccf66de363a93eabaad4450af4f0dad2655b789be9d3d34edd3b8be75c

Download Submit
/data/user/0/com.app.starriseuniapp/cache/image_manager_disk_cache/c7f4ae546f2b923cf8d1da98c0ab556700e2a4512b284255133b516a5f2c35e6.0.tmp

Filesize
8KB

MD5
e25e3135d3b68c2ef8fe7de3c98aa1bb

SHA1
bf2cc99085cfc2267418ad501cb9c6ec76b15b3f

SHA256
d8f43155d2cbf59a8e54fd7c67e6a0ca5b870e1f4e92a9448050a0a7645702f6

SHA512
e6b7e38702d317418ba5aac110c8c4defa9d5f49a888de67b419c694e5c9d5c6c48dd289cccc7cda1c26e8858aabda7c4b235dbd58ac32898b8f57192a028c55

Download Submit
/data/user/0/com.app.starriseuniapp/cache/image_manager_disk_cache/journal

Filesize
8KB

MD5
8b5240fb52070e81bf98b71654450f01

SHA1
c3f7e6560ccacd733b9b69e2428f2637a8939425

SHA256
3f200549d88f8a63e04a80fe557529618f993465d08821702302b98c114a4a8e

SHA512
ef64a22437bf56e172429d3be1e4f99483d31c3bbea43727e91421968e4609bae87937e2df8781a17395368070a1a21277562b947eb5ef45d573a771987c5064

Download Submit
/data/user/0/com.app.starriseuniapp/cache/image_manager_disk_cache/journal.tmp

Filesize
8KB

MD5
378ce2606146af2282de52c45c03fb93

SHA1
1a48f2755d0c8370010613d41dd6def2191ce7ca

SHA256
337cfeeb2e9d24c93c9a37b60085b933c105337b68ea041b6e9a46744104a79e

SHA512
c794ceb5f9509adb837e3629ea6eb607593a51bcf43f35f2797d568e97d4505e3e14b8484dfc94413a91af942c4eb303c2034b863dc8332312359547340feff5

Download Submit
/data/user/0/com.app.starriseuniapp/cache/jsb.version

Filesize
8KB

MD5
b165fc31dbfca28368e72c0f07aba14f

SHA1
386f3c64fc3f00ae09a960c702b8d0a4021948f6

SHA256
05a95a89a7f95c5f203db0a952fd22f4dc5018f6dd6222d8f921fdcfa40a84ab

SHA512
03afd05392121a5f97f50c8929d141a36c8528294680907fc268571f55fc7491baf401cf3d779841127a6d994afc2f35276bb09e9231b1b32cf4b4b3460431f5

Download Submit
/data/user/0/com.app.starriseuniapp/cache/libweexjsb.so

Filesize
32KB

MD5
a0c8558450fabc35a625a138b98c4cbe

SHA1
7e1ac706afa1a1056e3a20cd0cf4480fdd3e7fec

SHA256
652d51e79b09366b3d861364ec7f8a3a493407aff94713dafe01a59df03cd284

SHA512
0398ee8827f2c65e9c61becd2b4f46176cf14504a12cdc21efa13dce2e97218ed955a7e55caf3a4fb77feba661c6c04731f1087bb4387a3d8a7efea038cc8cc3

Download Submit
/data/user/0/com.app.starriseuniapp/databases/pushext.db-journal

Filesize
512B

MD5
8203d732d7dd1838aec27716a4ea0117

SHA1
45db1255976f25a84fa360418ce934f6294842d2

SHA256
872760b02487f7bc95548a7e43628a1650878a904942a6a6edb8750b45e4c4af

SHA512
93e189d81a597fd99a3bff0fa0607fcca2c33af6973eacc4d8f6277c54e6dfab6a1b07acd63a072ab23eaf11908ac0e16925a9199224ad6c405132ae82d88868

Download Submit
/data/user/0/com.app.starriseuniapp/databases/pushext.db-journal

Filesize
8KB

MD5
7cb617dd076f7722d04aef450cf83efb

SHA1
157530458542bdbb5aa5e78d94390b2e057d962c

SHA256
282f8cbd76a8a647e9e44db90fc3db6747b432eec9d4b9da753ceb6777801b0b

SHA512
81d76e2ba276cc9285793ea97ec5d1796a43c856de3e395dbcf71ed8734b982dae4c65ece6bc6f10484d76387b8dbbcd325ae93698f46f1a1b0a2fbcf5517dd6

Download Submit
/data/user/0/com.app.starriseuniapp/databases/pushg.db-journal

Filesize
512B

MD5
652cab593201dbd321bb6d6ca04b86c4

SHA1
1b1396186feaf988473e29d38424302d1d17660d

SHA256
1a9ba2bc28eaab9bdbd154903a3bac7f63fef7a44081623290588f4b69919320

SHA512
5c5c6065ae679f2aafc9aedcaad7f328c38bded589a9461f3a10c25da642a57dc1b664ed2a3a906f5c4aa09c5cc650e3d3d877b189d4759c4dbc020b08cf895d

Download Submit
/data/user/0/com.app.starriseuniapp/databases/pushsdk.db

Filesize
48KB

MD5
84d474e4630bfb3aa4b9b65c15111247

SHA1
a317d555ae12a3cd1157fbb5f5438222199ffbd6

SHA256
d97426624f7ae0183e35ff2d8a857063faaf31b36024bba7f3d8e277692f7b6f

SHA512
37cba232d132f708e95acb02abc43973318d4cce7edc68dc92576d0cd4a1c8161691131fed8d5c678985f280fa153ef9989301b307d357860ec2df0dbd8c8f23

Download Submit
/data/user/0/com.app.starriseuniapp/databases/pushsdk.db-journal

Filesize
512B

MD5
f0fde0d81ab674d1649cc8a6d01b5e00

SHA1
68fa75fd4321ecdbaaa42dfdc7b3a95950de04df

SHA256
5dbbeff58e8ef025f5c4f26e67c62b2d00a486da5e5e49d137b18930d57b9387

SHA512
bcc04c7255abc421965c1771533051a312af813308e633a07c677ce0205c2390aba4f1a1867de9fa65577ddbd63d8098143a7887ce0e292a5a8e99bf56f5e4b7

Download Submit
/data/user/0/com.app.starriseuniapp/databases/pushsdk.db-journal

Filesize
8KB

MD5
cb06c5d6b82c6066c152a49fe036e6ec

SHA1
09836140640613a25ee174f07c28f22458655825

SHA256
b98f5e6a7998579af14f9ac04519274fc55656c03ba1db9954d93df94ec4643d

SHA512
e5b891f410d88aa3e1eb35b00b13746747e6f9d4ebfe3cb529dadedefb92481119738cd58bf985946e3be1baf017dac67fc10a149312b69d4c1e87ce686b2786

Download Submit
/data/user/0/com.app.starriseuniapp/files/.imei.txt

Filesize
32B

MD5
4952865f6482dc17280b1021986209db

SHA1
a750dc594d0d5ed42c3806cc5e5c6d2cce87a7aa

SHA256
e601199eeb8acc213123bc0a40350177e7f623df36a4b1383ab4a1693604bfe8

SHA512
dbfc4294c77bb81cb2c7c3d3400d84f30f4e8f977dc8325f9194c1c2fd41cbf126edd6137ea194f65f178bce8fcf26867e9d5620f34e1b18e77aa54210cc4378

Download Submit
/data/user/0/com.app.starriseuniapp/files/cnc3ejE6/eje3cnc

Filesize
39B

MD5
7769d4507985f59116153463f09235a2

SHA1
b081e84d14300ac7a7947aade9c025fa83bc17fb

SHA256
5ba33c69421ad27727832442cb5939d5bc853acecd0d8162d7c10a6b96757dcf

SHA512
ce5bb431a31eaba24c0cf467bedb1abee2205b74c4533067058b09ce7e8f9480b8baa01866e3dc89d1800d07da6007f36c1b4fea811e3da164b187903480d29f

Download Submit
/data/user/0/com.app.starriseuniapp/files/init_c1.pid

Filesize
14B

MD5
4bac5a95f6e5a3d2f646e87144103d80

SHA1
b7192e49823acdf495cba8aead97c7ab122cc43c

SHA256
7fc3170294c23398013a2feda093f11744acd7cae91589f62150880c5eac76fd

SHA512
4a596b42b650149c16b794df1065dfb6b698e047dc0d6aa818cd9d076cd34cfa102bde2805570f3030bf7092130f23409f6041ac5e5316823db28f12ac169ab4

Download Submit
/data/user/0/com.app.starriseuniapp/lib-main/dso_deps

Filesize
4KB

MD5
c1bd90dbe959496a973776703aa5ad95

SHA1
768bbe5fea2f86e473d7038d415e97e3e9260b82

SHA256
52efd40de7036e8578f78d3c8da4b1c54f3360ece08dacbb1558b96b692ba363

SHA512
9c7f1bb8d1f425eaaf0cdb69a55978a86c19c1d94082baeceb5105c4ca867a4235a2d41ae9847b54f4ce4d278e7a6d8213e65651eed8a2185df66cbb330059b8

Download Submit
/data/user/0/com.app.starriseuniapp/lib-main/dso_manifest

Filesize
8KB

MD5
ae062c0381c71d65fbd13cc4d95389bf

SHA1
56be8f188d7c738c3b0990355af29f2a3fb9457d

SHA256
2d767e94ff3e0707ad5d9813e6d1ae6a9097cab2965895f5eb8c06ec1f365d1b

SHA512
06d998734523bf7a8b18eae038f5c77c047840fa7c5defcef99deda1a2babb92d4992ca3fcbd3c527f44d683e00ea1bf324a1447f757b7fe257f55e58e946792

Download Submit
/data/user/0/com.app.starriseuniapp/lib-main/dso_state

Filesize
8KB

MD5
a69a7d02221a3e20b8ad9ce7bf832960

SHA1
9976e87efdccf5db2cf3a5e42b0daef551bd9e84

SHA256
3648bcc5c435f33dbeb1782aaaeaf90cd76d4ac54673eca2b6fd51fb76f2e406

SHA512
3c602f682f17b6dac3cac0fccb7d65fd83033c094f2643cd26086c94c1c77ebb853ecb9ced20ef92c608fc044c033684d29578ecd372200258f18d6134bafb36

Download Submit
/data/user/0/com.app.starriseuniapp/lib-main/dso_state

Filesize
8KB

MD5
1fae1e993f6ae7bc1b0a91e37ef748ac

SHA1
53150236d4e0cc37406194b12a2ea3781b65d11c

SHA256
7c744f3792191140bcf04c2d052859b3d0b4b395064da8940b1ea704727440d8

SHA512
66e0b02a77e8d617bc6afd3cde056b77375396d3fb34b7547bc093d239da990ff907fd7f60fc2ab865e7bc00a36de976116a9aae11521867f58e90dd299768e1

Download Submit
/storage/emulated/0/.imei.txt

Filesize
28KB

MD5
a1f7186312dedc7c03592e22af158f78

SHA1
694a8a0f19606b65c50d62e4baf1fa4c3cdffbd0

SHA256
519778539287260beccd61e4c05ce416de8291c8be0ab69ada0d03b17edc8041

SHA512
d303292d5019409091ac5547ba909f0681b23e040a8aea248bfbbb211deb8eaca98d5031d8aa93287399601363813c2bec45d1fda6a5123ad41cdcbabc06ecfa

Download Submit
/storage/emulated/0/Android/data/com.app.starriseuniapp/apps/__UNI__99FF083/temp/1715732316209 (deleted)

Filesize
1.3MB

MD5
f1257e30dd56438c434704d9c3c4ca4d

SHA1
eda2d792fba15ac9a2694b16fc512e0983a29acc

SHA256
f8acf18e7ad4d0e78196bbfff94cf5a24d2f862cc30a6779131e8d5d4fde2055

SHA512
2a037b85508c8d017353fb6a03ca65801592655ac7d1d9e1d182549eab085b44140a042852ac4bebae836f389f42a412a2c018d10e3255b80ba85670cf77a2a9

Download Submit