9a4e6b395bbfc447d66b7575bd3e6de1e32221bc2e45c65f90106d30a5657147

Analysis

max time kernel
10s
max time network
141s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
15/05/2024, 12:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

461ea8557e21f992f429544424cb15ee_JaffaCakes118.apk
Size

8.1MB
MD5

461ea8557e21f992f429544424cb15ee
SHA1

dfbe7843d2b65f198ce94727fdbea0e14973351e
SHA256

9a4e6b395bbfc447d66b7575bd3e6de1e32221bc2e45c65f90106d30a5657147
SHA512

803522fdd31e0a31df0d4519add1f1d29bce093dc5d288aa589ab9970718028a156b0ae62713406b2b459d6e8771d03e2971f704bb7f8e0042b0fe7b19c1a1cf
SSDEEP

196608:YZn1ESThV/q2sJgD2CVpYlVqf/wTZYL0SxjNa9lWYIzFg3HF43Tswm:i1PTh82sJgekIY0SxZIlW3zFmOsh

Score

7^/10

discovery evasion

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	xinglin.com.health_assistant.beijing

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/data/xinglin.com.health_assistant.beijing/mix.dex	4648	xinglin.com.health_assistant.beijing
/data/data/xinglin.com.health_assistant.beijing/mix.dex	4648	xinglin.com.health_assistant.beijing

xinglin.com.health_assistant.beijing
1⤵
- Checks memory information
- Loads dropped Dex/Jar
PID:4648

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/xinglin.com.health_assistant.beijing/mix.dex

Filesize
292B

MD5
63f77f99bd2c2b772a479923bde11974

SHA1
c7632e7d301e4463fafce85f84e9c3d7da3fdbbe

SHA256
4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615

SHA512
3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

Download Submit
/data/user/0/xinglin.com.health_assistant.beijing/app_bugly/rqd_record.eup

Filesize
383B

MD5
92f5a9405c07f8b435db5d44c5ca65e3

SHA1
c87aa6484d75684879baead6fa76acf87d153b76

SHA256
6de2de3bb36cf349df458542709d695766c3f1dad84d312094f79838f60f3c88

SHA512
ea6e4525a4f714db7dba2e16b1c0b038f7a435e981817c9dccac6d9cd809a2239cc0722b4ed1570b733a56a52b7c68588d00631d3563970acdd01bd4f6d5b54c

Download Submit
/data/user/0/xinglin.com.health_assistant.beijing/app_bugly/rqd_record.eup

Filesize
1KB

MD5
2cfc5860ac9859698b17649398cf7564

SHA1
60465394b21d855329d1ca6f4c8c525df2b9750f

SHA256
01bff0b8c543973e851e2a4f811766fb2659a6a46bf6319cd9b70160da2bedac

SHA512
49ffcba948155f08b63e002faa0881243eedb8295eacb2f07308a4fab7fbb7f402e624e96063b35ad40b59e6e81b175c0a27f14be7e107614ffb5b0854d05c13

Download Submit
/data/user/0/xinglin.com.health_assistant.beijing/app_bugly/tomb_1715775122408.txt

Filesize
56B

MD5
bd0f8f8f3ad93fa07623422ec6e72003

SHA1
c3589295e7a4ddcf35bcd7a2c13bfd381783821a

SHA256
7fe875398dea7537a57a77c5275cbc8647aaf63ab6fd9148443b65df2e1d0647

SHA512
2ec3e073321262b667afbf98fe4e9f51e4c0c58baaad506b120239031f10699d699b94470bef13007bd6199df3d3b03f1eaf147c0cba5178aee7e267072b1c0b

Download Submit
/data/user/0/xinglin.com.health_assistant.beijing/cache/tomb.zip

Filesize
207B

MD5
776b8333ccf995974d0791371111037f

SHA1
fef52fc3da4e8ed035423545a84f8e197fd9e5fa

SHA256
36ac9b2015de550bc63023a65dc7d039c484d3f6438d05a08a0dcbb41e3a3f2b

SHA512
fe9f20089aaeed71fb56933507a1f96627b1424766611dd893640591b5744327bede99129092da63da40af4b66132a4007af3943930e225b3018c335a83ff89d

Download Submit
/data/user/0/xinglin.com.health_assistant.beijing/databases/bugly_db_legu

Filesize
172KB

MD5
6e458ef6019c4a64de6182ac54270b0d

SHA1
17c23f1cb14eb34d7aae0535f751b2e3a7ce77ab

SHA256
634d2acb55601b4564d77724aa9381e10cfdb14969668ec5c2f99aebc0920e70

SHA512
d94a64319bc214175469361417c397a2b8adecb1414f0327447fd5c46edc5e3390c30ae85c693ef36b8acd584b931a870dcfced7da2c92cc8cfba80b6a7a5667

Download Submit
/data/user/0/xinglin.com.health_assistant.beijing/databases/bugly_db_legu-journal

Filesize
12KB

MD5
c2c6c294ae3a42f42c4e4a0525077a13

SHA1
856e79d0a5a6d0924ee9d20fa0ef8198481bf653

SHA256
68d96352e3d86306b423b2f9e879d666b06d450ed547036243108f6867cb0574

SHA512
8916603b11636d63498268b70d7f1653012d6e7d3d96054e9914a5d1b60d00686922be4a7695758ae815eca89b4973e162a8b3fb228ed77634cc0add6bfa2d6f

Download Submit
/data/user/0/xinglin.com.health_assistant.beijing/databases/bugly_db_legu-journal

Filesize
512B

MD5
bfb38ee2a2a6ad042d890dbd60d5d8ea

SHA1
8e12c7e626c7c96cce2c94b2869a4ff512f3d1f6

SHA256
cdf7753b1fcf715c8165243a03a07dd11fbbd0b1f06b48aa3aa7c6554bc06004

SHA512
5300b96198800f7b819f70657729108f08b9c3627c26180e8d488c7d2b18d224c7debc016cff5de13a032a4b2376f2601af376cc58fe648342abed6f2464f05e

Download Submit
/data/user/0/xinglin.com.health_assistant.beijing/databases/bugly_db_legu-journal

Filesize
8KB

MD5
62a161f815a838b49b8c112ff2d92b43

SHA1
576e87ba75236764e4f425d3389779539c4c33c1

SHA256
aceecb2034f3e0cd849fa625dc20c5da8c0039bde4a8d28a543c31fc8216eb6f

SHA512
bd60452d6e0c572d15ba668f0b4251f03835a64339fd36c9a01574fe3461d0a4463c9b982d4c58a61fbd243bca4d769aca00cf8193c58009fe361fd8ff6e7fd8

Download Submit
/data/user/0/xinglin.com.health_assistant.beijing/databases/bugly_db_legu-journal

Filesize
8KB

MD5
45f4d9c372be5180c778a0cf6ba2c3fd

SHA1
56e214cb7670771110655aa165a3dd9ee45e8ff2

SHA256
ad8af5fe80c76579aff2bc444c73b96a26bdf0c2f1ab31a9bcdc74a4c33381e3

SHA512
c58e046101e284e049e9b49dfdb7c1801bda98e274c1b0e44acd7e39594a234c075fdffba680f96371ccf6a3cd78c84978b6b7c441ea5807792717574b13114c

Download Submit
/data/user/0/xinglin.com.health_assistant.beijing/databases/bugly_db_legu-journal

Filesize
8KB

MD5
703d6b0287d4435871677cecff7bf54d

SHA1
9c60add1dd35eafcb93fc58555c5b364a72cc851

SHA256
af09a790dbce43c7034bf5e8bd5bb4a3c04ec45bd47546698d675bb5c2663777

SHA512
e8e77a64d0bfec8928a37f765c0b620d20df5d4a08c2317ade10354c5ac32e494e21d83bd9e018c1a50ad163d6e8c317e77e92c9eb0a544a2b977ff23959a575

Download Submit
/data/user/0/xinglin.com.health_assistant.beijing/databases/bugly_db_legu-journal

Filesize
12KB

MD5
0de4d1f9eaf4c185b8625e8b255587a2

SHA1
da26974780652ff7665d230b8839e8d0f0ed1207

SHA256
24338a0d01a975669f761048f841b371b123cdb7022072e594695e8dfe79b41a

SHA512
51f6d36ab8bd4ff78e547774dabe1a6598e6cf8ee8589f34bccb3d89dc3dd97ea4566636b6cc6724d101637c41c53af18a2e46401b605cbc3c474d0c358c01a7

Download Submit