24a56bfe72cd34ab12a9c3d1c02c5ce0068581cd83fc01e54fb6029dcfd90590

Analysis

max time kernel
18s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
21-05-2024 19:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

64779abd1c8540735a11d4749e36bb84_JaffaCakes118.apk
Size

8.9MB
MD5

64779abd1c8540735a11d4749e36bb84
SHA1

fdf853944376cc8073839a34e3444ba3b767f7b7
SHA256

24a56bfe72cd34ab12a9c3d1c02c5ce0068581cd83fc01e54fb6029dcfd90590
SHA512

015085978de78d134f6947cc2ce6994dc569509c473f26c59874a94bdd6fac51420b484cce41d1659acd4b3ef946db41ab79c9abdb3777603694262c25d89ada
SSDEEP

196608:NZAaGowVP8djneDiBc9YpDuk70hADh0DeIA52/IeB4UoYFI3:NydoWWeDiC9uD8yhQ9A52/IeB4UoYS

Score

8^/10

discovery evasion impact

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

System Information Discovery
T1426

Processes:

com.caynax.a6w.pro

ioc process

/system/app/Superuser.apk com.caynax.a6w.pro
/system/xbin/su com.caynax.a6w.pro
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.caynax.a6w.pro

description ioc process

File opened for read /proc/meminfo com.caynax.a6w.pro
Acquires the wake lock 1 IoCs

Processes:

com.caynax.a6w.pro

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.caynax.a6w.pro
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.caynax.a6w.pro

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.caynax.a6w.pro
Checks the presence of a debugger
evasion
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

Data Encrypted for Impact
T1471

Processes:

com.caynax.a6w.pro

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.caynax.a6w.pro

ioc	process
/system/app/Superuser.apk	com.caynax.a6w.pro
/system/xbin/su	com.caynax.a6w.pro

description	ioc	process
File opened for read	/proc/meminfo	com.caynax.a6w.pro

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.caynax.a6w.pro

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.caynax.a6w.pro

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.caynax.a6w.pro

com.caynax.a6w.pro
1⤵
- Checks if the Android device is rooted.
- Checks memory information
- Acquires the wake lock
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4629

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.caynax.a6w.pro/databases/google_analytics_v4.db

Filesize
28KB

MD5
658f74c5e909a50dc84c75172f210b9d

SHA1
c9788740565257e50fca254a8f0c1fd6c680cd57

SHA256
7d3ad1333f84d8692176168a4632b54ebc699de09649dfadffd9dfa00029b8e4

SHA512
88498b70f721024f456bae6be16f529508d35809efafa8c8b6e62536e5298784c204dfca3e7155e980e1f9cd4c4476606609b357dc353bfaf995556657e0a530

Download Submit
/data/user/0/com.caynax.a6w.pro/databases/google_analytics_v4.db-journal

Filesize
512B

MD5
61803b655de6c07c194a08a74b99700e

SHA1
1abfefa44ee086618f91e4e0e6b517b16a70d5f0

SHA256
6b0d3e7d6e70bceb8f012709e0bb7898fbf6950272dfee1bcec7d8109959f9e2

SHA512
6e67f3a76e352488bf266795b88b1e934e55496ec9dd4b3cb27f22d3cb8c07a2eb0a4dd8c0387ac81a583531f1ac8fec7837d35a5ba1f00fe83a6d36f3d83813

Download Submit
/data/user/0/com.caynax.a6w.pro/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
a2ec3578e8e26ddc43ec42435b0d443b

SHA1
25dec15ad68697ce1fc3defa02d625d88be336d7

SHA256
47fd7561598297b566ac4a9c8a6803aa67715d1830f0f6fa6e115b225fa515f5

SHA512
169c8f23deec9bbe9a518b613c1d3ad99ba4a806f05ef842b682e799aa85d07c6f30ae05505a6346c21652eb7934a691682de68a7d16d6036abada95c3490eea

Download Submit
/data/user/0/com.caynax.a6w.pro/databases/google_analytics_v4.db-journal

Filesize
4KB

MD5
a8df7d15f161bd2c9f8fa25572c5cad4

SHA1
8f2dec6706c209a4b669da1eeb38240139ecbac4

SHA256
0efba616937692c1c34bae215d314ef5346d078d5825c26db94f42735c98d4c8

SHA512
e3ebcc987f5864894b36863a5fefc5917727cb6e4ac6ab975f1d3fbe58a16bdc8c8c69fc5156efcffb119525a2afc2240a54608f5b40c8cd805836e3e80d1b19

Download Submit
/data/user/0/com.caynax.a6w.pro/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
2cd39cfb6e590fba865b8d417d218e0b

SHA1
1c3815c7ac224dcd844ad3fc44010d1f14848cea

SHA256
e46a4ae1f40a4b5222547558b9c3c463d19f86e69e1a609bc14674bec5741040

SHA512
6a415d8c0c77deefcd47a5f0e879c88e9333b53667263a7646831a0b6103259f5a84244546944ee06e4ad8b87669982585595e1361871eab1cfc545763a53d62

Download Submit
/data/user/0/com.caynax.a6w.pro/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
934f7aedb459bf8f794846aa65a1f27e

SHA1
62a245eadf264e9ab9378a4528a6d1effbc43d50

SHA256
2da6ff6b8c53e9fb48dd7b39648676412424a934ec658f5165c33c2b79715e23

SHA512
f2d50cef092b615a0ef071f077e6fbb2870d9bade6c5b76793a15d8e4603c87d85d22976ecc113949fa88512aeccb975b920ae0a85d7e84a6b2a01092e395f85

Download Submit
/data/user/0/com.caynax.a6w.pro/databases/google_analytics_v4.db-journal

Filesize
12KB

MD5
46dbd969bfd4db72521cfca2e6192036

SHA1
319638e793e5c71bf66fb78d804391fbba986da2

SHA256
16ab6b456bfab00ed3db14453d240f12dcb4a09d4c964883288770bc6316e2b8

SHA512
fd4ff5dfae6b72cf8199bb29e6d8b040c95186dc258ed8d63ec409d606fb7e14f55740d3be858b5f59c0784fcf3820bf5a0ef382393126a1b11f931d01bca821

Download Submit
/data/user/0/com.caynax.a6w.pro/databases/google_app_measurement.db

Filesize
108KB

MD5
978214bd21ddf1ca2b402293607fdf37

SHA1
649f4229509e2faeb380121a7f4002261b33c3fc

SHA256
77f8771975e7adee9a128d8bc92571ac41992dca154d6879c8bae9ab17cd5e28

SHA512
b49602a9cd985dfefa5f19dfdc5828a7ec3c945d2c60e79c12cfe18e877c0c591b54cba029918d8ac15cdb6378d9c3ecf324f6fc22e84e0f0fce679370ae61bf

Download Submit
/data/user/0/com.caynax.a6w.pro/databases/google_app_measurement.db-journal

Filesize
4KB

MD5
0df8b43f5a25e733a57cee5a4e60115f

SHA1
b4babd271d52bd1d9ad8f548b4acfbc759b8d12b

SHA256
b2a0112f3e22376cad43a493035c3f6b756b276852a920a238bf3f6a281a0976

SHA512
2d265fe00178e53ad31fb025135bb0ee6edfcf7f7f811a309bf76a30ffc1d38dbc4b3908e343e455ded9a8a6baef98811a99457755b6eb634eeca6c05162c508

Download Submit
/data/user/0/com.caynax.a6w.pro/databases/google_app_measurement.db-journal

Filesize
12KB

MD5
382966339bf8670e55eda68ac79fedb6

SHA1
c53795fbb60a0cb9817b9c6ff5a7704df91d0e66

SHA256
800ad1e71c3343d5448e1d0ee5a59940d1710ba35eb3a98455320e0a18b3c0c2

SHA512
7aed12750f69d4cc7ec24cd9af18d80366603651e1549bdc79cb8ef455eac4205d99a801e5724a5b99faf335e34f05e68146bf0b19c189b6f68f592744992d29

Download Submit
/data/user/0/com.caynax.a6w.pro/databases/google_app_measurement.db-journal

Filesize
512B

MD5
f55d974e84f8ac9a5f7ea7389586ca93

SHA1
03fc08cf9d46b4b31678f777d3d532113ec68a37

SHA256
7d67d607b870d77131672c573893f6795c42b4175b74c65236eb3ebce69b7aaf

SHA512
7a8d812b7236a772a67620cc065f4d819f621baf910b12f772b8be152e439153146497e5c28a4a5f35d9a60e87e78319ae580afca370b18acfdbeaab17e56dc2

Download Submit
/data/user/0/com.caynax.a6w.pro/databases/google_app_measurement.db-journal

Filesize
8KB

MD5
4a8e6fc435aad74ac81ef66c7a0d331a

SHA1
c1934056dae004ec2185f7e0abac8d974880bbaa

SHA256
bace347d5f3cd1e8752096b925a77ff220f54818ada27d92a4a0d01b6d72d8e9

SHA512
a88f0599fa30021dc65f53f339fbf292bde6ad0692f3dfb2eee666e0d21e253654201fb0223ed99596d9a86be767439dd738f6e4817a6a308afb4b2e6a146ac9

Download Submit
/data/user/0/com.caynax.a6w.pro/databases/google_app_measurement.db-journal

Filesize
4KB

MD5
b6032635deb071ab9415c439d84da4e0

SHA1
98130e83f31b23d2aa58cf2d983b230f9e33ebcc

SHA256
5df40cce835df72c4181b4d951cb4402d16a581a4ecd09c59c60eef08307f8c0

SHA512
cc8c7d49c582c8f36786ad94cc369a5c85764191a3373b5a4634f560693263befe7ad94d8f39b5fce7e8e2c2efef90abc9e2b1451f44dd494e208235c8b643d8

Download Submit
/data/user/0/com.caynax.a6w.pro/databases/google_app_measurement.db-journal

Filesize
8KB

MD5
6c6c66af51729e495e7bb84e7f64fe86

SHA1
290f1b5f315b654ba7cd607ebe84067abf614383

SHA256
1da4648361ab34e9de09f7156c441d769896ef61d23f7a3424cdece9fbe8f07e

SHA512
31b42b20185b2bab5e396bd9135d6b5ef6bd8b1cff516c3cbe93a5612717924eb8cf4722e56aec9325cc38b73f7614d6b52b780595735ec2d906fe81f1c87b3a

Download Submit
/data/user/0/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664CF4610161-0001-1215-02D9FDD1618CBeginSession.cls_temp

Filesize
77B

MD5
80c10e913036fda823adf562c56a551e

SHA1
2829ae6bb79dc1b0514aefd844fc5186a74aa034

SHA256
aad938c93fedcab41b45d3cb75396f768cf9c3da0441306d6adf37ab8edc9df2

SHA512
3ef26a8d8ca9f4a92c3ec06e8fc1172ded2da9f12e2f9ef614aa0f2fec9fd3204cb507b371d98f9f39d00d04b96533ca6d569e2a23889f11ff1576f849c998f4

Download Submit
/data/user/0/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664CF4610161-0001-1215-02D9FDD1618CBeginSession.json

Filesize
132B

MD5
dfd7ff0ff6ac638cbb7aecbaaa93d8c0

SHA1
c69af35ed5f61b6b8438ac5c8b805df3245e2b4c

SHA256
307f81c2862799f230dbac75d356fa17df3311a325591347d55c5946eadcf9d7

SHA512
7a6f7d63e7900fb33e14348fd139de2be44e9cce42d4e0e5becd2bd9ae65d5c1c006eafdad120d6d15bdff9063e7328ce14f118e737a2d96bde3b1cf07ef4504

Download Submit
/data/user/0/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664CF4610161-0001-1215-02D9FDD1618CSessionApp.cls_temp

Filesize
119B

MD5
fc5ab3ec72dcc93cbc237000ac22b2e1

SHA1
dc5d7024ca662343e7d00cfda33fba505132f44b

SHA256
831e5208968bcbd1bbb61931e99eae75325c18ecdf5cf5d05b5de31f6f22549e

SHA512
8ea31744ef5c7521082cb93a261cb80f711b7532d341dfc905b6beb02a5dae9d8f83e964a19949bf4dd67a64b6536a04470caae0c0efaf0a2e3501f381806464

Download Submit
/data/user/0/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664CF4610161-0001-1215-02D9FDD1618CSessionApp.json

Filesize
233B

MD5
57a8bad436b0f7dcfe41bd3af3e670ac

SHA1
10f20e4d618826a21639b82af7febbe8477693f8

SHA256
8a80bbcbf245852c46c51c06bb007cb0c6589a13779f33f35ceecc99ad53f83c

SHA512
afbbd45d7d15adeddd9907ae9effa1707e3dce3723be2fdd7d071b7a5f2f771ede318f6208988e2a7713f3eb91ff3c73dd507f6b259e0bdc6e39ba819f24307c

Download Submit
/data/user/0/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664CF4610161-0001-1215-02D9FDD1618CSessionDevice.cls_temp

Filesize
48B

MD5
fd6372364a5c5c9cf8945ac3ea7a5d94

SHA1
3c798cab71f6ae7a81e71e58712368231230588a

SHA256
7400bf714ca32b64dd89440c9d5ace4e0115ddce44d169839e465df0e1638641

SHA512
a18b18d061dfd979bce1e0b769009668c322300e7174f51d2532e86dc6018769194507a106dd30b97317f8c1a7539d13a7baeab2900c1e00da7c74e899dab276

Download Submit
/data/user/0/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664CF4610161-0001-1215-02D9FDD1618CSessionDevice.json

Filesize
202B

MD5
eeeb942571fa704cf8ae49731fbe9789

SHA1
b5989c4cb932ffc779ee25bb3f7bfb79cf720427

SHA256
78809f7ae96de01e3922b6d3a134c3f7e9a0cbdacef313f70e8d9345bf5fbd71

SHA512
71e55c16f9f8fc936f8607448916bbfa1ba233b7120b8676fe11552916ac4dd3e3a7b0f9c31e14048933c8bb9c9d6d630ab7d28389f31749640cc965b2636565

Download Submit
/data/user/0/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664CF4610161-0001-1215-02D9FDD1618CSessionOS.cls_temp

Filesize
15B

MD5
b3d9541cc92a9153d14e5160f8d8c008

SHA1
2e1ac80eb381dd82a03795b682f92020348c0113

SHA256
1ead5b213c87f182ffce484c34f7d9f140ad3425c0f303f460492efe8a26c56d

SHA512
78074409135a210ba4e1407ad9b3f784f5683e83aac4ce3482d4e8135425cf2b30db1ff5dd0041901c490a551a477237c6d255671c7b1fad74090980dcf3334f

Download Submit
/data/user/0/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664CF4610161-0001-1215-02D9FDD1618CSessionOS.json

Filesize
55B

MD5
fc1dcee4e422d77e7fab7c08c8a41344

SHA1
d5340127e9d5f735b9d33b9dc61c772fb0e2dc15

SHA256
b843f05ed78cd137c272ba7f0ce8ede3aa853098a856863e51d5c223b58f21c7

SHA512
3ec07617e3e1008572f6f2528de9d4b827050cc5a7cf19a1604c961f9ec370ede6f5fd83bfcc252c0ee286fe244ee6734046ef1aa638dcfc689cd4407a6a8f61

Download Submit
/data/user/0/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
406B

MD5
2917c0f7d1024fd927785f2c379ab301

SHA1
1377ab7b7a31150965440b08546c835ec59d0191

SHA256
4fe66f3a3ed8d2ac733fc67b1c2617a5c06bf27ccb44bbb5135ff4eb259d5dac

SHA512
9e6a0d80e549f1dd0b4b580e9025a71961eb452ba179430128f6f5049fd0196b3e492ec451cd078bc67fd579201af03f2d2f5495e83ec264ffb378bb0e8ca30e

Download Submit
/data/user/0/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
801B

MD5
6c265eee95c7fc3088b785664b674531

SHA1
28f0f29170ece4520d53f0decea4f9e0c59784b2

SHA256
405a6e81c204ad77d1296dece5a9491ecbc124b498cc8618236e276ab5dac977

SHA512
c333d8060d29ccf6e7d30280064a42b20a6539ae6deb35d10bd91c92d9cb054c6a9012ae6e17041fd5890adac9dc1a1add65bf068293c34c97e4218f7d56418f

Download Submit
/data/user/0/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/user/0/com.caynax.a6w.pro/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_9214c0ce-7081-4c19-aa06-db2b75d7b4e3_1716319333069.tap

Filesize
328B

MD5
a76bd58a92affc552e5147c9bd022b1b

SHA1
2e41d6a7bad6b9c8d9c5a167b57492d8a53b7dbd

SHA256
c64687701c691644c03deeef083a9acdeae4d1ae78895109d23139df6a649748

SHA512
3d59573a4267ce23290972755977553207a2c42d2bd2c9a66706a9147666bff2b19f6f0e17f3109dbbc56b2bc03dab74b98d82214878a03ec0d65ba2c538bc88

Download Submit
/data/user/0/com.caynax.a6w.pro/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
e5e75655b3dc128eacf5428cd89cad43

SHA1
cec6b1f5bf3a20aa0683c739628f96d66df4b772

SHA256
e9c516393d6f25338ac9cd240edd35b2b5a1f1cfb1f91c408aac1bd3e7381a00

SHA512
0d5d58e99608fb9696f204dc56e6b0ac59267e5fd4ddd413296a66ac6a034b18ecd8ee409311b2699e1f789b6035adb8181b327fa93ee5a071f38db264a1f075

Download Submit