Analysis

  • max time kernel
    7s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    android arch:arm arch:x86 image:android-x86-arm-20240514-en locale:en-us os:android-9-x86 system
  • submitted
    18/05/2024, 09:28

General

  • Target

    540f70d9d68a6a7851a327b51a2e18d0_JaffaCakes118.apk

  • Size

    10.8MB

  • MD5

    540f70d9d68a6a7851a327b51a2e18d0

  • SHA1

    360edb830dd99a27a4c74c5c77ac6a63641fd4d3

  • SHA256

    30533dd01149aae9d1be0c7e6bff2535a4d4b16d73265057725a00249dad693b

  • SHA512

    256159cc80bf489423b036690869b1aeb6c63a63584f15d3e56231be9cc012c3118f4ec432a85fe0a360ca4db13237261d98e8ea2d8b45c25c1e869a8e974b2e

  • SSDEEP

    196608:Gi9wXFJhkn1C0ayoo5SFhZWl+DbuSYBMwokT71Xe7e4lf0Z/aorTC1XZZLOt4fyg:C9iayoo5SFhTbeUkECw0Z/aoihTvIY

Malware Config

Signatures

Processes

  • com.yiwyxb.dk140255
    • Checks CPU information
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4317

Network

        MITRE ATT&CK Mobile v15

        Downloads

        • /data/data/com.yiwyxb.dk140255/databases/RKStorage

          Filesize

          4KB

        • /data/data/com.yiwyxb.dk140255/databases/RKStorage-journal

          Filesize

          512B

        • /data/data/com.yiwyxb.dk140255/databases/RKStorage-wal

          Filesize

          72KB

        • /data/data/com.yiwyxb.dk140255/databases/cc/cc.db

          Filesize

          36KB

        • /data/data/com.yiwyxb.dk140255/databases/cc/cc.db

          Filesize

          36KB

        • /data/data/com.yiwyxb.dk140255/databases/cc/cc.db-journal

          Filesize

          512B

        • /data/data/com.yiwyxb.dk140255/databases/cc/cc.db-shm

          Filesize

          32KB

        • /data/data/com.yiwyxb.dk140255/databases/cc/cc.db-wal

          Filesize

          48KB

        • /data/data/com.yiwyxb.dk140255/databases/cc/cc.db-wal

          Filesize

          16KB

        • /data/data/com.yiwyxb.dk140255/databases/ua.db

          Filesize

          32KB

        • /data/data/com.yiwyxb.dk140255/databases/ua.db

          Filesize

          32KB

        • /data/data/com.yiwyxb.dk140255/databases/ua.db-journal

          Filesize

          512B

        • /data/data/com.yiwyxb.dk140255/databases/ua.db-wal

          Filesize

          56KB

        • /data/data/com.yiwyxb.dk140255/databases/ua.db-wal

          Filesize

          8KB

        • /data/data/com.yiwyxb.dk140255/files/.umeng/exchangeIdentity.json

          Filesize

          162B

        • /data/data/com.yiwyxb.dk140255/files/exid.dat

          Filesize

          54B

        • /data/data/com.yiwyxb.dk140255/files/umeng_it.cache

          Filesize

          498B

        • /data/data/com.yiwyxb.dk140255/lib-main/dso_deps

          Filesize

          144B

        • /data/data/com.yiwyxb.dk140255/lib-main/dso_manifest

          Filesize

          5B

        • /data/data/com.yiwyxb.dk140255/lib-main/dso_state

          Filesize

          1B

        • /data/data/com.yiwyxb.dk140255/lib-main/dso_state

          Filesize

          1B

        • /storage/emulated/0/.DataStorage/ContextData.xml

          Filesize

          111B

        • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

          Filesize

          65B

        • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

          Filesize

          111B

        • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

          Filesize

          381B

        • /storage/emulated/0/JXCP/aff/com.yiwyxb.dk140255

          Filesize

          8B
