Analysis

  • max time kernel
    63s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
  • submitted
    19/05/2024, 04:21

General

  • Target

    58849c5a9eb5285b444a1f0ea8827d0d_JaffaCakes118.apk

  • Size

    4.6MB

  • MD5

    58849c5a9eb5285b444a1f0ea8827d0d

  • SHA1

    93e9ee07674c2d5e76eaf2f002e4abaf75c6a6d4

  • SHA256

    f4192402915d000ca1389cc24c6cb7b7245372a10d1735b3a2b7c3a2479eff18

  • SHA512

    946baa86dc14ccfbfd414cad3d07b823cd8eee24e784e6131c4326dd0231227d316fceb350d7e20d1661ac351de13751b7c1847da6e353269ac7e016aa91162d

  • SSDEEP

    98304:p+QcKM5ZNYWp9x6sCZs8JnONVQ99itGgBA0/zPokTXmqGQIZvtbAFpTJ:p+QcT5ZiY9x584+wGizPJ7vUeJ

Malware Config

Signatures

Processes

  • com.itianpin.sylvanas
    • Checks if the Android device is rooted.
    • Checks CPU information
    • Checks memory information
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4305

Network

        MITRE ATT&CK Mobile v15


        Downloads

        • /data/data/com.itianpin.sylvanas/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

          Filesize

          3KB


        • /data/data/com.itianpin.sylvanas/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

          Filesize

          481B


        • /data/data/com.itianpin.sylvanas/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

          Filesize

          16B


        • /data/data/com.itianpin.sylvanas/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_37447cb3-46f6-4f88-860b-e9193592b6ec_1716092510705.tap

          Filesize

          376B


        • /data/data/com.itianpin.sylvanas/files/.Fabric/com.crashlytics.sdk.android:crashlytics/66497E5D03D4-0001-10D1-621B277DFD3BBeginSession.cls_temp

          Filesize

          77B


        • /data/data/com.itianpin.sylvanas/files/.Fabric/com.crashlytics.sdk.android:crashlytics/66497E5D03D4-0001-10D1-621B277DFD3BSessionApp.cls_temp

          Filesize

          116B


        • /data/data/com.itianpin.sylvanas/files/.Fabric/com.crashlytics.sdk.android:crashlytics/66497E5D03D4-0001-10D1-621B277DFD3BSessionDevice.cls_temp

          Filesize

          144B


        • /data/data/com.itianpin.sylvanas/files/.Fabric/com.crashlytics.sdk.android:crashlytics/66497E5D03D4-0001-10D1-621B277DFD3BSessionOS.cls_temp

          Filesize

          14B


        • /data/data/com.itianpin.sylvanas/files/.um/um_cache_1716092571186.env

          Filesize

          652B


        • /data/data/com.itianpin.sylvanas/files/umeng_it.cache

          Filesize

          310B
