24a56bfe72cd34ab12a9c3d1c02c5ce0068581cd83fc01e54fb6029dcfd90590

Analysis

max time kernel
22s
max time network
155s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
21-05-2024 19:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

64779abd1c8540735a11d4749e36bb84_JaffaCakes118.apk
Size

8.9MB
MD5

64779abd1c8540735a11d4749e36bb84
SHA1

fdf853944376cc8073839a34e3444ba3b767f7b7
SHA256

24a56bfe72cd34ab12a9c3d1c02c5ce0068581cd83fc01e54fb6029dcfd90590
SHA512

015085978de78d134f6947cc2ce6994dc569509c473f26c59874a94bdd6fac51420b484cce41d1659acd4b3ef946db41ab79c9abdb3777603694262c25d89ada
SSDEEP

196608:NZAaGowVP8djneDiBc9YpDuk70hADh0DeIA52/IeB4UoYFI3:NydoWWeDiC9uD8yhQ9A52/IeB4UoYS

Score

8^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

System Information Discovery
T1426

Processes:

com.caynax.a6w.pro

ioc process

/system/app/Superuser.apk com.caynax.a6w.pro
/system/xbin/su com.caynax.a6w.pro
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.caynax.a6w.pro

description ioc process

File opened for read /proc/meminfo com.caynax.a6w.pro
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.caynax.a6w.pro

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.caynax.a6w.pro
Acquires the wake lock 1 IoCs

Processes:

com.caynax.a6w.pro

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.caynax.a6w.pro
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.caynax.a6w.pro

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.caynax.a6w.pro
Checks the presence of a debugger
evasion
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

Data Encrypted for Impact
T1471

Processes:

com.caynax.a6w.pro

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.caynax.a6w.pro

ioc	process
/system/app/Superuser.apk	com.caynax.a6w.pro
/system/xbin/su	com.caynax.a6w.pro

description	ioc	process
File opened for read	/proc/meminfo	com.caynax.a6w.pro

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.caynax.a6w.pro

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.caynax.a6w.pro

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.caynax.a6w.pro

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.caynax.a6w.pro

com.caynax.a6w.pro
1⤵
- Checks if the Android device is rooted.
- Checks memory information
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:5216

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.caynax.a6w.pro/databases/google_analytics_v4.db

Filesize
28KB

MD5
cf959033db44c39b772c6038011ec9f0

SHA1
fff01c860bba6e8db22593c77a3fb608067ddfb7

SHA256
a22c8c16e281fa38883dd6b1c63490eef31a7c6656f0972d5499a43683315c22

SHA512
e0f24b69f89255e18882c90e86e4d6e750ccdcd8c7082f2160e6886c6cc2edac3c1863e6411972bbeb9a480265d332a7c8a20ba7e4acd5b33823292764b3fba1

Download Submit
/data/data/com.caynax.a6w.pro/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
c9b1dd011f25eda2bcb1b0c7aba623ce

SHA1
35d7fb6cfcc63445cf74915a95d411c851be84ac

SHA256
e3dbcc42e3ff846d5b40e9e5a25790d3ed69e49bf1f4e44982e5229369ee04e4

SHA512
0399693f8734416f3f4e219c7535fd9cd1380924fb71adb71d9fe1fc06cf01c9cf2dcaead2a7f5003ee01815c806141bb2362cb49a0b8c7fec1f2a5b58c73424

Download Submit
/data/data/com.caynax.a6w.pro/databases/google_analytics_v4.db-journal

Filesize
4KB

MD5
369c5cc1bac988d02ff999c4f9de01e1

SHA1
b553cf2b0c503d7bc9ac9f29194845da9eff34a1

SHA256
76cdae6decf6908bf0b4ccadee5e0230b1d0e0212345ca401ecc99ca36287b73

SHA512
fa30dae19031ddfd6d66ff8837b6d8e64b5be8fc6be99120cd09091f394a31c38cc49ecf49a7400fd61aac39dc4998d964e1ba056c8b43f564b3346b6039c99f

Download Submit
/data/data/com.caynax.a6w.pro/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
9f6c6fde8eabc7392f42acca4a8fab32

SHA1
160a1199d0383050f821aef792df09393592de48

SHA256
7bb914059350152614d0f4f0102a7099ff5de1a60f28834dd038ae51d7a93100

SHA512
01b382a604499ebc2a4ad0f164fd883e3deb353ff1356044257bce9708386a088dec327cc0ebed1f4068c587831093cf3faefecc7465e3527e8b023ba095503d

Download Submit
/data/data/com.caynax.a6w.pro/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
5260ed51b2eac58fbccb78acadceca25

SHA1
dddcdbe8163139a2a1c13a18c444bedf2f366a2a

SHA256
d8d893292bb3b8e35613c5c5efc7a2a0f39fc55bfd8596382bf475753c9d5cec

SHA512
c9e77344e0c2f3c4a54146cfe5d95709a7b1bb1f83ca5cbc0f7c44a5d46c741c1b63aa09dd14bc2b84bd318c47e5498190a6c4abee3353b5b44b953653365463

Download Submit
/data/data/com.caynax.a6w.pro/databases/google_analytics_v4.db-journal

Filesize
12KB

MD5
34895d5878d8942888ac6df73c6f473d

SHA1
5368e0623d1016dae8f181c80f37671285809734

SHA256
bdab18a9969b1b9a28b8ecf28f99fb480e3aec23872307df48c1e94784158a73

SHA512
0eaed235262e94bd55d0baef6e6c7af87effc120733068b8ec5907e80d500e82d4f4a470fad3e02b53284652db2e3db655db2a0b95c2dffb6ac9cf1f329feeef

Download Submit
/data/data/com.caynax.a6w.pro/databases/google_analytics_v4.db-journal

Filesize
512B

MD5
ac17406d984d0461744cda91b561a515

SHA1
b3a7ba39a8b804aaf9fb0a03b5c4ba7da40fe1af

SHA256
222b83e655ee4ecb73541877caadc17ada82e36801b1ff208ec621e0a87f627d

SHA512
096b5bc2c49341ab8706fd97adf10d6591a4006e74d03ae437c4ca011111995d746c194047c42d4120744272a95b6a11a65a38e5faeeba9d02320ba2fe5e4ead

Download Submit
/data/data/com.caynax.a6w.pro/databases/google_app_measurement.db

Filesize
108KB

MD5
c12e326370ac5c3f2d9a7ec0f34c19ff

SHA1
61106fe7f6cd67f1724357b6ae8e7a623fc0610b

SHA256
6f1206db49537431621d995baf34503a2e500da63a5b9f565c6a50112665f38c

SHA512
46b215fdae474b413d32135f1f208e4623f48b3e66ba3e9c6a9930c30875b84ff6fa87f82fd6f5860bb66bd8b7c6167ea24f8ca18ca443c9bffb9abb68c08659

Download Submit
/data/data/com.caynax.a6w.pro/databases/google_app_measurement.db-journal

Filesize
8KB

MD5
8c6fdce6e12ed43d35c7c52e2f0a1132

SHA1
6c8d8a2a73eb74d34fa67ae33b2f90e6f718cdc9

SHA256
bf8ac2aaf2fe4e7d4164c5ea2a89f743a213016eb13ac8922f48d6adcf3b04d9

SHA512
c65ff2abf0b5f19c1aa9c4fec6d18051e0c05e296a4dd09b9f77e97ab780c1534b3436fc7cfca80871f231057749fcf45af6b675518beb3dc5158d04d63f4230

Download Submit
/data/data/com.caynax.a6w.pro/databases/google_app_measurement.db-journal

Filesize
4KB

MD5
4148da02a2a2c45f3f041de46c2e7099

SHA1
0bc26a3161428cfd4b6e7d5864d48d65f544da6e

SHA256
9f503eed13f82821bcf18290918e687c1ff6ae87e23d483473dc59a84dec7eee

SHA512
de5c798131bd7f67228ba5f336d58f46470f0f2ceff3820ece60f46cc39b888a8ae335b929ac2c8c40890ad762a65a55dba99066ac58f92e5e369f5b5a5fbeac

Download Submit
/data/data/com.caynax.a6w.pro/databases/google_app_measurement.db-journal

Filesize
12KB

MD5
fd721a085ae89ee922071c05d2c7ebb7

SHA1
d97137ec4a8f9c427a99f23e536babf449027cff

SHA256
04f9aed7f241179d7a8aac0f19efdac0c1a11c79c0cf20707799a11681335e80

SHA512
07749b15ed50ed656e93d61da67c83ecf20b9b6efec026829be354eb4db4ed236eeb4c3c8b127f9ba42f187b8f5274846477e4ce36492f03de9358ff1f0c477a

Download Submit
/data/data/com.caynax.a6w.pro/databases/google_app_measurement.db-journal

Filesize
512B

MD5
9f6d03ed4807b92f912cabb7d8108a43

SHA1
a86ea56e14b226af85682740e64911c94038a6c9

SHA256
01fa25ce7e9db3a5b7a01729a5c70bd77b0d242310811ae0b688ae16f34cf284

SHA512
8a77312a716fcd3abf819dea1f5f3a5963130d6ca92f1de81fb7e174af0dbd6793175ed16e4b8eaf4497785886cf570e11a5205d238f4ce7884d415d0f86de61

Download Submit
/data/data/com.caynax.a6w.pro/databases/google_app_measurement.db-journal

Filesize
8KB

MD5
ef60bed867496e1145806dc8c60e9493

SHA1
c1b4d45cace0382d46a8c7526c8dd621c38d127b

SHA256
840b1961332618e6d52e85db81c7b919371c4e88ce87eeaebf56539177a6361d

SHA512
032f88af36548ccf03a6ac866e68ae21863d5b2d1c7193b9f962b1fcec9962cfb8634e09cfc9e07289e2f270f1efe8d08dfa495771ae38ef310f0e490080316f

Download Submit
/data/data/com.caynax.a6w.pro/databases/google_app_measurement.db-journal

Filesize
4KB

MD5
fac86074a1df2fbb14bde98c71baf51f

SHA1
ca8a58b9b8c4a0ebed894576de8e114bdcbb0e86

SHA256
c993330efe88d9123cfdf5d0b3de2c3acb684f174b6d321e581fcb39117531e3

SHA512
4d93aa25cfc444add7febb5fbe141807af58987db55dfedf2731adb7e1b0880f5d62e283511948a7d2908be7db02490cde534082286485a297b5365e49985f51

Download Submit
/data/data/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664CF45D03AF-0001-1460-180E35FBF0CFBeginSession.cls_temp

Filesize
77B

MD5
190bbde6f1fe3feca1fb525c7e910eac

SHA1
5f294d0828dc05b8bd3508a3dff5f29f523b0229

SHA256
380db8c15642d51a44f0e799b6c978ba067e9ac772d559b3be84bd3f46e9e148

SHA512
ccb662a5b0097026439be3aeed86b06c27192d9cecb55b79116bf4e06a5df83a87266cf1b30e29db35411c4bf677f098518c99f630138912fed7e8f6fd1efe57

Download Submit
/data/data/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664CF45D03AF-0001-1460-180E35FBF0CFBeginSession.json

Filesize
132B

MD5
a7211db333fbda77ebb28cf35946ca59

SHA1
e4090e28024b3f3937c833b3d475eca360ddf1a4

SHA256
d2c9fd2a1f77ed2f8f630c95427c0a3c7a1771be82c9241f305630aeb1634c20

SHA512
54a3ee0cbff0d4581d13a9f4bd2c14acf55d33f6006a5a487cc116b3d8e6d7df1af83d4bc4a54ac975272263c95d48c42c782741901d6aa28a63a4377c96a384

Download Submit
/data/data/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664CF45D03AF-0001-1460-180E35FBF0CFSessionApp.cls_temp

Filesize
119B

MD5
a6a3dbc39b1614ba6c603173d2fcc034

SHA1
a88e1cd6f032eeb85d154da310284b0a2f1ac3de

SHA256
3266fc5971cbe9bdbf4edec3b12a750c8d76da48d8f188a4c6c4b04098e0f678

SHA512
2297c1af95d9c9c60c74ccfeb2a87be2a290196d3ce8774d59b501e523013c443b5651033030e4c98d42c2d958aeeab186941f0722c6373deda15fe819bb03d2

Download Submit
/data/data/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664CF45D03AF-0001-1460-180E35FBF0CFSessionApp.json

Filesize
233B

MD5
a90c1cc704986de72ba7b98fc24b3d0b

SHA1
e236a2638003f4e57b99da9e3331da162c57d53b

SHA256
6c14f6136b525bf2cf328d9e7d6ce31a229aa818f2916374bd882bc2421e11a1

SHA512
6d84a4d729a551326e176f2d602dfe5b03eb8847590acd51a428987c6471f46ad3984117064dfb86ae40dfe3e8b1688f8d0fb44ae73a8a17f84fe9a161451bb6

Download Submit
/data/data/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664CF45D03AF-0001-1460-180E35FBF0CFSessionDevice.cls_temp

Filesize
48B

MD5
2390c1f21db00b20c07107e3ec7275fe

SHA1
e663a646460acc071aebee942cc1776c23d77655

SHA256
d348072a01496839cfcde3a18866423aee74aefd613fa3bf1ff4a203ef46a699

SHA512
43ff60754eb60795ca1c318f44dcfe49194add26cc3d92c2eac7bef538fd65b6290f2e5953b8f1693b9425ebbcdd022ab16a18280146ee0b0c2eefe27bc0bd63

Download Submit
/data/data/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664CF45D03AF-0001-1460-180E35FBF0CFSessionDevice.json

Filesize
202B

MD5
afa07370d07ed0a8ac9554ee7001bb72

SHA1
d1e9de22fda1295087525ff3a377f7d7dd410ac7

SHA256
8d4b99fc4968c9cdff4626ff6c1467cdb427f7a597b153f03b4bfb62dde6c07d

SHA512
a7a974b1c4ca3d7ca92e1449dc9718d5ea2af7f8e4c605d25c731fb4bbe891fdf340835e2a4e3a363558744e5ee30aec22542f377eb5bffc0097c70d24f241d1

Download Submit
/data/data/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664CF45D03AF-0001-1460-180E35FBF0CFSessionOS.cls_temp

Filesize
15B

MD5
2566d27ce8c28d8961f082c375d7535e

SHA1
92fe585b1a2c9c523d2fa1f65ab5c1b6a1a6edaf

SHA256
5acdb54ddba2e264f6822fbdbc4e9b5158f57d43785c2f01d981956b18f7a90a

SHA512
1c70679bbd25a57f9ac02083d5af0fe72b1417cf3070a195497f03d6f492e87b1ed3f570de7ea7c814c995a1530e32610d9570f31a480648f4062e8d3287be8f

Download Submit
/data/data/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664CF45D03AF-0001-1460-180E35FBF0CFSessionOS.json

Filesize
55B

MD5
5caea4b68c57072f7f52a5a41720566c

SHA1
4d9712f1702c7238949da43f7d8ae6efb233a666

SHA256
3223857b618b924c2b0fbc7bfb373a1aacf300a7b5ab585e18fffcf19039f363

SHA512
fe1455d21c521aeae3292bdcc386f6d2005dc253930c03e44dbcb972f96b849670d2aba039ea59e1a5ebc0350e6315151d17bcda55c161a62987d4bb01e91f9f

Download Submit
/data/data/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
406B

MD5
2a7f7c66a0111e3896c74c061bab0337

SHA1
ad77d469795ef0e66e1bdd490a3e6868189c14f6

SHA256
f8f37b129ebc92bc56873e94eef60fb88a8d92b83caabddb729f2c005c0f6365

SHA512
ae8e0c92f932627ba17324829da7c02fc07c85e0cca14ae62a7ee3a47afad94b6f205083bbf8c1f55193b2ebef7e4399f5195b4c63a52f246308e3197e2df3f3

Download Submit
/data/data/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
801B

MD5
72c8520f01a14af6bda32f0fb96437b1

SHA1
7f8f64303d256a108fe2856a8a40ab3c1b347b55

SHA256
d9e7ad15652f3d9270fbfe6444309b208dc4fbea18a0e51a4e5d17216747755d

SHA512
c8de3db8e235441e1ec0209da8d398a8c8ccde3f31397f364325f423fd1b01bd83d2ca97f667c0123742ad95512c328ce5a08f47f959d10a782bde726b88ded4

Download Submit
/data/data/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_2de45174-423d-431a-b233-975ee920dc5f_1716319332035.tap

Filesize
327B

MD5
7a2968c37f83ae9c2518f33ecddc0dd7

SHA1
feb89d29fa1c2a87581416a1fcd1163ff68284d8

SHA256
99757a7ed291b7b7879528e828639b067592c956f3e22627ea18d2857d0b1b4d

SHA512
83291e75fb69308f30d7ec106e07da530e9af382d0b4502787544143373b88d853f835f62062da13de6d40c810226f0a0b1305d4ae375357630e46d93539cc86

Download Submit
/data/data/com.caynax.a6w.pro/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
ecda0acc30e709236e68820c5174c9d8

SHA1
7729e9796335bcf25058416368425434ed4c2e20

SHA256
e27ef1e96af3d96cc03b8f2a198a8fbbbf9edb365795c819eecc23ea1b1829a7

SHA512
644bfea3e5cfeb8ede9e7d9d78f6a69f280c66087d55a115a99345be4eaa16463233b5a9ab4cc9ca16f3459b89d518d6c928fa7de4d6b85d6ab6d077cb9a692f

Download Submit