Overview

overview

10

Static

static

10

4dfa2a2812...18.apk

android-9-x86

8

4dfa2a2812...18.apk

android-10-x64

8

amap_resou..._0.apk

android-9-x86

amap_resou..._0.apk

android-10-x64

amap_resou..._0.apk

android-11-x64

Analysis

  • max time kernel
    175s
  • max time network
    190s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    17-05-2024 02:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4dfa2a2812981b7b881a292aad4c03d9_JaffaCakes118.apk

  • Size

    29.3MB

  • MD5

    4dfa2a2812981b7b881a292aad4c03d9

  • SHA1

    6752394057effe2e4fe89cd0c5c4575b7b042136

  • SHA256

    b851761640c18d6ce981b2caa46b0021562586ce2fcef0c2b6253c73ac9ab4d0

  • SHA512

    68f78e8af3ca9b8b3e2da1af90b79d65d1834e9a347597c4dc6640fa94b3a638101eee8b6af2a9cf9b7c55210c942031bc722e91591b6ca9f0b6e2d1379b8ee5

  • SSDEEP

    786432:swCggntDWPsYz9SUDRZl8PGxRF+owaFbrf0PI:swCggFOfDuPGjdbFbrsPI

Score
8/10
bankercollectiondiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Requests cell location 2 TTPs 2 IoCs

    Uses Android APIs to to get current cell location.

    collectiondiscoveryevasion
  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Queries information about the current nearby Wi-Fi networks 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    discovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Queries the phone number (MSISDN for GSM devices) 1 TTPs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 2 IoCs
    discovery
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
    impact

Processes

  • com.ijingyi.buy
    1⤵
    • Requests cell location
    • Checks CPU information
    • Checks memory information
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Queries information about the current nearby Wi-Fi networks
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4318
    • /data/app/com.ijingyi.buy-WtEcUtRVJwUM92rVywqThg==/lib/x86//libweexjsb.so 47 46 1 /data/user/0/com.ijingyi.buy/app_crash/crash_dump.log
      2⤵
        PID:4382
    • com.ijingyi.buy:pushservice
      1⤵
      • Queries information about running processes on the device
      • Queries information about the current Wi-Fi connection
      • Queries information about the current nearby Wi-Fi networks
      • Registers a broadcast receiver at runtime (usually for listening for system events)
      • Checks if the internet connection is available
      • Uses Crypto APIs (Might try to encrypt user data)
      PID:4530

    Network

    MITRE ATT&CK Mobile v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/com.ijingyi.buy/cache/image_manager_disk_cache/3633f4aea60087a3172ca815e8028876b98bb5e2882b6c1dfc0e02d108ea142b.0.tmp
      Filesize

      310B

      MD5

      30d1e3da722eecfdcbe0dd29a917ff07

      SHA1

      270cf9da2583ed840fb63e1aaf08ebcf0c496af8

      SHA256

      3293dc5faed55dbe9ed42892b964c6e29fd267fdfaf5e33a4339e94aad6cef58

      SHA512

      fd8b592bea9c6567b1172f6cbbd5c6b961a636442fbccb02e669b2f7b4b1da477342fac47acc2f3fae189cf03a70fac7d693aba286a4d3d0d578d0031814704e

      Download Submit

    • /data/data/com.ijingyi.buy/cache/image_manager_disk_cache/9ed1e417a79659ff517a3930dbb48115c728e1575520924147dc7a8309ca1e4a.0.tmp
      Filesize

      287B

      MD5

      024c554a1bc64d006509320157062bc5

      SHA1

      c4b3ad523fda2e63140a8fb62fef3e7a9c48e604

      SHA256

      3c4bf1482af05f8569b021870e4c5dd09a615ed7ea0f9e92ae065603d0159eaa

      SHA512

      521f640ac15725197b4eb41525c904327d68225101ed1fcbffe87af367c946c38c2cd72a9358d1d4d6264169fb318b3a81e3bdce1fdb95ddd0d8024d267416a2

      Download Submit

    • /data/data/com.ijingyi.buy/cache/image_manager_disk_cache/ceb4efcee8bbaac8fee8f9483de122e8e49cc1f1b7eb90d338c505ce26bbf208.0.tmp
      Filesize

      1KB

      MD5

      4da61df6d0c4ce2452c91bff017d7ce8

      SHA1

      391c63e86e2e863ff60f2b6c3ea00ffc6b765eb3

      SHA256

      3037557212fcb469f9b508fa094426584591d771527d5cbfbde1340d5f179b13

      SHA512

      64516e5f72ae7f037469ff2755f1b6b76f868b73d685385864befbf53cca77f321fad8a72fcbd68371d00caa4cec5234e92c474492bc615c913d06edad37c170

      Download Submit

    • /data/data/com.ijingyi.buy/cache/image_manager_disk_cache/e5aea0590df81b4da37b9dc1cdbe9fdcca272f9507a7592f89ce612c4fcae2f2.0.tmp
      Filesize

      489B

      MD5

      632e203efe2da11849a22490ccf89644

      SHA1

      8eeb6b9fe35ae7e015c33e777ec96026f33f4ec9

      SHA256

      717953fe14e41640d53100c0dec4f46b7d9fd390c9f09a56970c7618072983ee

      SHA512

      64236861ff0e9572a110ab2df1d1259180dc9438818f4a3b62cb3a9fc58ea0817aab59c4349cde843266a8fb230ece9d326a6789fc974b3489fd66e2103ce318

      Download Submit

    • /data/data/com.ijingyi.buy/cache/image_manager_disk_cache/journal
      Filesize

      974B

      MD5

      34454efdfa732126d66f4fe28214e7f0

      SHA1

      a09a4d69a334c8775b7787b5ed24015bebcb53a6

      SHA256

      244b34aea35eff61ec86a78592c999965d6011bd04c7b5fb0d9403dc1cfd1c0f

      SHA512

      7cb4120c172fc250a1935e825024ba04e6920d7c4ee6742922698711598782b1e691901670bfcc5221a47d7cff1b1dafca1164ae3aac06ee3ed9b91e5e9ba1c8

      Download Submit

    • /data/data/com.ijingyi.buy/cache/image_manager_disk_cache/journal.tmp
      Filesize

      31B

      MD5

      8c92de9ce46d41a22f3b20f77404cc1d

      SHA1

      8671a6dca00edb72be47363a7071be65cf270373

      SHA256

      68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

      SHA512

      30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

      Download Submit

    • /data/data/com.ijingyi.buy/cache/weex/libs/weexjsb/x86/libweexjsb.so
      Filesize

      32KB

      MD5

      5507ebec985f1ceec29e90ef15129934

      SHA1

      aa65901187678615a5dc9b8ab11cab09abae9988

      SHA256

      9a9824fa247724da36229b32c6a2db5bf7a6c837de08255e80cf9eba5843b796

      SHA512

      3a66ac864e5e8376ae1070ef839e970cc39ffdc452e56052ae56081cdb3a67b404e2e89efd7c021d8dce69e6c69c312d4b4a7ca7feb7c46e3f197f0b90091a9d

      Download Submit

    • /data/data/com.ijingyi.buy/databases/logdb.db
      Filesize

      36KB

      MD5

      a7b5debf648af8527d38065f285c6754

      SHA1

      ad8513c878ca1483a2472c7f8dfc8a416418517e

      SHA256

      0d8f1987d41b042ee7aa1ae97d1950a40884ff4ed620fd02371017160e50eaf5

      SHA512

      c879b912d723e9c382e547f605dea4d77830d9300c3cdb1a14c2758cf4e895000c7ba2afe37584ed2fb94a9893e8ff47bdfda4dfbf2dc47aca75efc5d28984e4

      Download Submit

    • /data/data/com.ijingyi.buy/databases/logdb.db
      Filesize

      20KB

      MD5

      be5671c81eff187a640eae8b1b07c320

      SHA1

      ab35edf013dbaaa267db3c871bfc2c18ba68ca2d

      SHA256

      4351472efff537a26a79e22f26d027596234d9d5245342161103a33215494a40

      SHA512

      24658194aa0804bd1057a7f449ad7693162054519746b6e326730f5c6d4539ee9c31307d74bb81dc3c42c526dee84e257799fa6bf4b98409d1ab27c24c730bb4

      Download Submit

    • /data/data/com.ijingyi.buy/databases/logdb.db-journal
      Filesize

      512B

      MD5

      f61943acc1f5edf8b8150c2085215390

      SHA1

      f17bc7c281bf63f8c1be5c56b3445a1eb2479df1

      SHA256

      d782fd14922ca4de1446ae77217e8886923011254ce4c04a17b24a265088ae4a

      SHA512

      491019d4cbd803d826cd4f479b5c1d9f02ec95e14b70700f2c652db8335989c1334c944fea8c9d5185bf8ecedb2a17504b72f10db33d9a5f9a4bf01d02c04048

      Download Submit

    • /data/data/com.ijingyi.buy/databases/logdb.db-wal
      Filesize

      48KB

      MD5

      06588c3692bb9f695c956d293072d713

      SHA1

      890d0fd4211241c7c76e446406a634544f5ba258

      SHA256

      468a01c1f16b1fb342bf3b2f9986893315c5d717a117fe46fc1909189cc95a21

      SHA512

      e4cf867619965c2c6464ffcebe7f27210ed79695961341a3ac86918c919f5579f6c7a28b78ddc73983aa4c3ff0d0da2d35aa84fa990ff9cc067b101f6da76198

      Download Submit

    • /data/data/com.ijingyi.buy/databases/logdb.db-wal
      Filesize

      8KB

      MD5

      6c0264ecf949ebfaa6ca007062e0720c

      SHA1

      0e3d2b4b4a51dd486a586e53c3bea1353b70dbda

      SHA256

      47ee4b3ab913c7dd3c2e90cb3b3d057b6d247a15a7ad23878bbac1730435fad9

      SHA512

      1c76748e3b5ac145041c9cd011e31707f8f6e7cf543459ad124930a26db3b1b9bb860f6dc92e4c2ae69bf9d5af9cb800842fb8f4ab8c803521551ee3672cc94a

      Download Submit

    • /data/data/com.ijingyi.buy/databases/pushg.db-journal
      Filesize

      512B

      MD5

      5d78b5d0d90e2fc34fd56f842362848f

      SHA1

      48f3a9602da49a48ca173f32ea49f8a9d5332ad5

      SHA256

      beca183986ae74ecf76bfeacea7c5c341f25e60a6d90ce86cc21c3a0371e5828

      SHA512

      9fe0aedbbf910b127ac66cb35cd0eabab3255ef272c83d16d0fb29c71e91d76ce78473f364c1b273745b12306ae88defde9000d868c6af80f5c50ccb347e7289

      Download Submit

    • /data/data/com.ijingyi.buy/databases/pushsdk.db-journal
      Filesize

      512B

      MD5

      2486116c92de7031f9fc1e52d70cc9ce

      SHA1

      d5beed229a2099428c92ab9c4e5f0553c7b7a6c4

      SHA256

      7a39e3e14111cd804ebe9b6f5fc42492d153e940f42cb03bd01e646ff2e560fa

      SHA512

      fee33a4ab3400d0f727a40a0bbb0b48279492683b859ec3025738ce701c0329850fc811c7d5742d4067f3f50b73150aff28c6e0f0a6774ecb8aaa4f356414496

      Download Submit

    • /data/data/com.ijingyi.buy/databases/pushsdk.db-shm
      Filesize

      32KB

      MD5

      bb7df04e1b0a2570657527a7e108ae23

      SHA1

      5188431849b4613152fd7bdba6a3ff0a4fd6424b

      SHA256

      c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

      SHA512

      768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

      Download Submit

    • /data/data/com.ijingyi.buy/files/a/b/4c984fe24161907e5b5b9423ecec3163.0.tmp
      Filesize

      567B

      MD5

      d12f3bd056f7d810404e377824ec91a8

      SHA1

      5a8054e0b7084765a0a3acf1f0445cc3b2a49bc9

      SHA256

      c5319a67cdf09b105947b536939233128655ca95c4b509b5825c30f55026089a

      SHA512

      0003cb4f87d26681fae8f7c95f0902bea02c15a2a583240da647f08b4c002b0b81c3d49286cd77ccd6d19cbe0f10a92a12f89830a0932346baa1190867c946bf

      Download Submit

    • /data/data/com.ijingyi.buy/files/a/b/journal
      Filesize

      113B

      MD5

      0cf77f36c527abcba3e91da23011c1bf

      SHA1

      3bd240ceb6e24c9ceb3e2ac8cbaab6cec10cdfdf

      SHA256

      a6bb2d97757402adee9ec84cd2497f9e23a9408d3ac4f09f2d8fd23066cad0b6

      SHA512

      6e6e40d6ff7a2e539b81246e9176b4ee18937c9f7884592a91b7613f4eaa754c54c97dde39c6c7c81fbb6901231c3136a288c801bd3c654e58bf24a29112cca4

      Download Submit

    • /data/data/com.ijingyi.buy/files/a/k.store
      Filesize

      32B

      MD5

      e826b47cc4810a6b0594b20bc276e5b3

      SHA1

      3e5172ab33315cb1e5524afedd9f084723d6e072

      SHA256

      b3356b40ab4f81880ad4af063c9b400f24860317c5457d82b1603ada8e691209

      SHA512

      6dd8816851e49db006ad374c1380bba94ca8ca3806c00776165783336da35d3cdfa6eefba70a1d342cb62e520c5a21d8a9805c7b62eda96a2b2ab8bffa96ceb1

      Download Submit

    • /data/data/com.ijingyi.buy/files/cnc3ejE6/eje3cnc
      Filesize

      35B

      MD5

      762298b93820a5cd8b6d8ec469078f7f

      SHA1

      d5b02a2ff3b235cd2b61ceff53a1d88b8984477d

      SHA256

      dc3f98a33c26c2796dc294b354831fd5ca9796295f4cb38479c80b145d4807db

      SHA512

      70f864211ce16679d0538abf9b7071d27c2d22ae458e32409d20065032c762dd186307ef33ede90abd9ac794a4ced8b163404e9799c05f0c515337249684311e

      Download Submit

    • /data/data/com.ijingyi.buy/files/init_c1.pid
      Filesize

      14B

      MD5

      6cec773da51ab0744615b3d4161e7288

      SHA1

      ccff6363cc687b75ad30fb2b8e30a0fe9b263e5a

      SHA256

      41151051df08417352c4a22af996fb0f559d73d29d61728277c6fc070bf886be

      SHA512

      c855e9e1d219e94ada977969e624efee1598c8e54360f1f1690da3489f4259a41d0d3d5711f6f7ca67657d6ae7c6ac4e621ac84b81fcc2ffc717cb8842bf7c21

      Download Submit

    • /data/data/com.ijingyi.buy/lib-main/dso_deps
      Filesize

      4KB

      MD5

      f2b4b0190b9f384ca885f0c8c9b14700

      SHA1

      934ff2646757b5b6e7f20f6a0aa76c7f995d9361

      SHA256

      0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

      SHA512

      ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

      Download Submit

    • /data/data/com.ijingyi.buy/lib-main/dso_manifest
      Filesize

      512B

      MD5

      6e1140106ec6d6b41df7f211e157ba8c

      SHA1

      4b390947df075621d4566f263083608761f1d5d9

      SHA256

      456b8797f94c8e2862832eacd3606cfd965656d87448dfd9a97d809a64713b5d

      SHA512

      188f7e2d0648687f4b16e957757449eb6df4268ef8d89b709a7a8ac37f53c5a6ea47b2047133dc74b5041835fdf09396da34a2645ff901c3069cb5e09e67c9ee

      Download Submit

    • /data/data/com.ijingyi.buy/lib-main/dso_state
      Filesize

      189KB

      MD5

      fb228d91f849ea52901c93ab85d4d83c

      SHA1

      9271753c9dc903d22228e345b183279cb822580f

      SHA256

      8096750461165289a127f5880b77fe97fda9a642876140023a94cc443113176d

      SHA512

      a5587718bad69547c1a8f3ae784a207e12ae4f5d00aacc2f3e25bc2f74bf31bbc94280a42c3c95bd6e3d6e926e58f33a2e3a0d747796183da72727caac7d78ad

      Download Submit

    • /data/data/com.ijingyi.buy/lib-main/dso_state
      Filesize

      52KB

      MD5

      3933dee45cfd74d90156496e6c66cd82

      SHA1

      5d7752cf66e47a02df110816ecde3ad7cb526d96

      SHA256

      63a29ee5f5795135e04d34eb18740ee8d8676f5dff8e2986ed76ca18da4ba661

      SHA512

      7e983e1a45809cce2c53d4226890fac776c6dfd609db121f18aef2a2a3dfc545b6aa4586f7d3c23b94b21bd8702bdbe8612c0be4bb4256d85d5e650fe2d50ded

      Download Submit

    • /data/data/com.ijingyi.buy/shared_prefs_ext/test_app
      Filesize

      29B

      MD5

      dd22ecea781787dfa6bcfcd293b4e58b

      SHA1

      5eed97fa9faff121e290c8767ab495ce7feef0bb

      SHA256

      b7b0c27dfa0f55bf68cc933bf96d9bfc703439f49bbf2884411a5d952baf0c37

      SHA512

      81e67b8837239d26e4da5f076fc3d8bf4726f2ebbddb6ad65e4d2e0b382c6e251ceb7fa17710dd175682164795b6ce4e5d989a9025536e6ed9d5fd4219622045

      Download Submit

    • /storage/emulated/0/.imei.txt
      Filesize

      72KB

      MD5

      371ea152b0f738b694e1d914c47a47c5

      SHA1

      583312253ebeb61ea57d2e7d9d20e0e2668f502c

      SHA256

      34529b96c4e1e7d318c20282bb00bcf50c8f269da649e72a86068eb175a8b949

      SHA512

      24485cb5514f3cf8d0cebcad11e2976254e317ee67ad3d7cf43ac3aa2a579c5051dcc84650f21d456aedeb0b7350973906e9f6f7675ca3d37cd1f30170597b26

      Download Submit

    • /storage/emulated/0/Android/data/com.ijingyi.buy/apps/__UNI__25C561C/temp/1715911310492
      Filesize

      1.1MB

      MD5

      55d152677a7a210e93fb88d1c3c9ba48

      SHA1

      c0732afbaa328badb2d8a5354075cb02f734ca8d

      SHA256

      1ca34be1cd1cdfc26ae914f8ea8f5793aefd05128790019546f59b1422f5479c

      SHA512

      bb52d692202dd284090aadd338aec487b7665c70c6af12aac755988ec1da9a52ce542e4252f8bddcb83226475dc188c003011fb4ef9cf56d1830cb8f9be5a1f1

      Download Submit