Analysis
-
max time kernel
174s -
max time network
181s -
platform
android_x86 -
resource
android-x86-arm-20240514-en -
resource tags
-
submitted
22-05-2024 02:19
General
-
Target
65aa8c4e3e86038466da82c4ee61ef20_JaffaCakes118.apk
-
Size
18.8MB
-
MD5
65aa8c4e3e86038466da82c4ee61ef20
-
SHA1
06abfef7bfb587fc37a06b58a1fa8ab2448c0b6c
-
SHA256
6e8ffb457c755929741a683783401c1a57d1b67f7a53c94fb60cb1b4b85340b1
-
SHA512
ed27177f6f2dbcb94394c8b8f6c74c10049b5c973658c2cba3f96491488b156aee039e8be3ab609d8873d93c81376b2a42cb6cb982c151d8f62a74fda21f05ca
-
SSDEEP
393216:atozVQn2/7rbz2k+TLa1xPm/nVnMlA6SGbpK1eYG1NtW2vT:atq/32TLa1xPm/VMG3GNoepR7
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 2 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar 1 TTPs 3 IoCs
Runs executable file dropped to the device during analysis.
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
-
Acquires the wake lock 1 IoCs
-
Checks if the internet connection is available 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes
-
com.pinxiango.store1⤵
- Checks if the Android device is rooted.
- Checks memory information
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
-
sh -c getprop ro.yunos.version2⤵
-
getprop ro.yunos.version2⤵
-
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.pinxiango.store/mix.dex --output-vdex-fd=57 --oat-fd=58 --oat-location=/data/data/com.pinxiango.store/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=&2⤵
- Loads dropped Dex/Jar
-
/system/bin/sh -c type su2⤵
- Checks if the Android device is rooted.
-
logcat -d -v threadtime2⤵
-
/system/bin/sh -c getprop ro.miui.ui.version.name2⤵
-
getprop ro.miui.ui.version.name2⤵
-
/system/bin/sh -c getprop ro.build.version.emui2⤵
-
getprop ro.build.version.emui2⤵
-
/system/bin/sh -c getprop ro.lenovo.series2⤵
-
getprop ro.lenovo.series2⤵
-
/system/bin/sh -c getprop ro.build.nubia.rom.name2⤵
-
getprop ro.build.nubia.rom.name2⤵
-
/system/bin/sh -c getprop ro.meizu.product.model2⤵
-
getprop ro.meizu.product.model2⤵
-
/system/bin/sh -c getprop ro.build.version.opporom2⤵
-
getprop ro.build.version.opporom2⤵
-
/system/bin/sh -c getprop ro.vivo.os.build.display.id2⤵
-
getprop ro.vivo.os.build.display.id2⤵
-
/system/bin/sh -c getprop ro.aa.romver2⤵
-
getprop ro.aa.romver2⤵
-
/system/bin/sh -c getprop ro.lewa.version2⤵
-
getprop ro.lewa.version2⤵
-
/system/bin/sh -c getprop ro.gn.gnromvernumber2⤵
-
getprop ro.gn.gnromvernumber2⤵
-
/system/bin/sh -c getprop ro.build.tyd.kbstyle_version2⤵
-
getprop ro.build.tyd.kbstyle_version2⤵
-
/system/bin/sh -c getprop ro.build.fingerprint2⤵
-
getprop ro.build.fingerprint2⤵
-
/system/bin/sh -c getprop ro.build.rom.id2⤵
-
getprop ro.build.rom.id2⤵
-
com.pinxiango.store:mult1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/data/com.pinxiango.store/cache/ACache/3053931Filesize
6B
MD5e94e8bd35fc8144f38fd1ebc1f81ab36
SHA199f1e46974c65e07664e0df1fd6267b3236789b2
SHA2564906a49adc5c472b34483976104ec1d76992745367cc22d5fbc2a4db8e8e1ed7
SHA512e5edfd704ad1861df7e2fcb6a3ac3f3e5a881d010418ce8bc34eb56a7942a7674eab6da3212309a297f908391a6cbef095d6c4b8b533906e62bfd98b03b190b7
-
/data/data/com.pinxiango.store/databases/bugly_db_leguFilesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
/data/data/com.pinxiango.store/databases/bugly_db_legu-journalFilesize
120KB
MD5bc0f2f0884005c05ce9b5ec88babc886
SHA1d001041a26db7479e220bb0614ad9fc0d4215723
SHA2569308df6780897445896ea1e804cc534311f2c557a29ecaf0382216ebe169f5d7
SHA512f4363edd342aec5953b60f933973fd57212011be1cb6a2bfc16df36937c1230233a291c52ba3a5d63b1445a24960f4cd156a079da23b130aff95747b506bbc73
-
/data/data/com.pinxiango.store/databases/bugly_db_legu-shmFilesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
/data/data/com.pinxiango.store/databases/bugly_db_legu-walFilesize
213KB
MD5a978442c1a27a282da405a8998798104
SHA16bc580151e100757dfa8ad133f22429fb86dbc64
SHA25626b5c61452416be3ff07d7ce34b9fb803ed636c9a82104b947a3ac27b049804b
SHA512f8a52795a0dfc4604b4d42b743456cf53619949741cef63079d35ec56b3d8c3f4b2bb80aa769e203daf81ba31cfd99a1fbd67eb138bc135fbca0152318fe494e
-
/data/data/com.pinxiango.store/databases/google_analytics_v4.db-journalFilesize
512B
MD5fe34a62f993e8be18dd4119ce9421876
SHA193b1bf6f4c5cf2864d844553a1b546c0180d90ab
SHA256e6d2c7b7620f38f244661350d402e700d215b821e5e747390ab15c8f25f75f61
SHA5129c84b89667d62c7cf0865801e1a87eee04f17987820e270c03adb387640f779ff63cd8962f857931565d415c91b0acc49c541643ba49ec1751425dfa2823b4dd
-
/data/data/com.pinxiango.store/databases/google_analytics_v4.db-walFilesize
52KB
MD5fda7df7034d8d1371cdf5168f369fd1d
SHA111b21878e3f21a6915af1df2641c1b28254a92db
SHA256acb4d00bf46aba1555c222968eb71167fa274b14b89f50eb3dcf5ab276fb2158
SHA5124c2df03d32aca94bd98f8b553967cb98220801d508d7950ec72d4ba08b984f35ac34a141441b8d39d0496be1518b79e67cdfb79f97698f1440bc63b0075893aa
-
/data/data/com.pinxiango.store/databases/google_app_measurement_local.dbFilesize
16KB
MD5ceef7fe171a73f638ff67384ce65204c
SHA13da721bec4cd789d623d4c3e82c03ad52ec26fc0
SHA256f265903ad24f873e137c617b30b99c5c1ce040477ef378584219c024a407884a
SHA512bcf02ddba1150341bcf2931a979758e692b8dedf84fb88738b60193130daceed588f52da419b675d574adb524a164b4a6e56ff5dc2a8984d5751a48dc21bb485
-
/data/data/com.pinxiango.store/databases/google_app_measurement_local.dbFilesize
16KB
MD5d23d1dae4596ba9f00fe4052971b0d34
SHA145335ed2ee8561f31243cd2d764ab6a698337815
SHA25675f97d92ef71b5af8f7799bb228ecafcb46f9e873e12cf5c3ca7eacfa3860209
SHA512bb33d43b16a8f2d173ddd9e98d63187efa69766505ec7d721b94adfadab7b1c65c6b9037d18cf5f1876d476e9c3b7bb49c921506030352e4e6ab83b98eecc4e9
-
/data/data/com.pinxiango.store/databases/google_app_measurement_local.dbFilesize
16KB
MD5caab7eb18470504b8a6ff9821b7956e6
SHA148425abfedb12b87ec4be5095dc51c8425508336
SHA256e2d9459819ed67c7aecac13efc258b3373068e6f9e7dcf3332bc7df41cb3baf6
SHA51251cd8ec9a4b28d27ed5e50c172f42b70b831e399a6710420005075466c70a5d54050740090099eaa5f48bbedfe5b1bca862b87bef7d2d0d69385bad305fe3fca
-
/data/data/com.pinxiango.store/databases/google_app_measurement_local.dbFilesize
16KB
MD5f564addbb290dcd0068c9ef2cfd3e986
SHA126f6d28390335e2c2b23cbbad55739013dd691e7
SHA256f4a89322a91673195acb56930452ef0813676f309e781b57a915ed5a87ec58c1
SHA51259b84120a167452514da5ee4440dcf71907d2ac39594ae2caaebc2e71489f133e799cf1adebaf665b9cfacf5b3763c974cc573634988beb5c970c5bdf866ba4d
-
/data/data/com.pinxiango.store/databases/google_app_measurement_local.db-journalFilesize
512B
MD5c34d851fae4f3eabfd3295c61f3633cc
SHA12bd0d609c8135c5f412a27b1ca0271bda5d3469d
SHA2563b29a011dcf7322f5e5ee255f8093dd27c2aeda34cc5743da55103053bb40195
SHA512ffed81daf04784d1e327d059bd8162761dfa091e047a972cb11058361be957b4aadc1c8b39efc3a0568aeaa0be650254136c577cbf2f11b9810df2970ebc0c5a
-
/data/data/com.pinxiango.store/databases/google_app_measurement_local.db-walFilesize
36KB
MD59753e4d2ce7d9e891d0d4ea8b10c1d39
SHA1bdb1a2881e69b59458de37c73845647f2dca39c0
SHA2563975c88e640e427f972bb3969dd2a703c0d6f808b6ca36eb5ea9859190205f37
SHA5125753d5aeca8d175875fb97e2f25134ca421ff16bf606f6bf15333c9908bd70c81bb0896f768e71ac515ac735375f9d2e950847d4fc23fb4f59e16e71afb7ddf3
-
/data/data/com.pinxiango.store/databases/google_app_measurement_local.db-walFilesize
4KB
MD5a8bc073af56336fe966d2bd50f18a389
SHA16a56f9c5f31221a508c7edb58e873fb8c1316ec5
SHA256f539920739fbaaf8de5e022d2de3be191807a77b6f3ec444b00b90b5f7f62fb0
SHA5122c30bf526c0ddcc747f19e7b01043301e6f85c473e8e3dd128e02deadcdd696cee2781617125a991e0de19bfedaa9d39fa26b808e805f61a361d91ce3c601094
-
/data/data/com.pinxiango.store/databases/google_app_measurement_local.db-walFilesize
4KB
MD5b8173871f0a38b41e39ca1787b952b98
SHA1b0c296d7583c442930c12f3631f855a938e06777
SHA25652baf502a392e1a61f21ee711519943540f16d1fef5f420ae097aa18d146b27c
SHA5122239940c3e294c10ddaa00ea38bbbd021e5dfe21b79667386daa7d3bfc13af70c8c4e7d5399a21e4efef5659833d58ac1753973924ce0a16d6376a4bda0c07b4
-
/data/data/com.pinxiango.store/databases/google_app_measurement_local.db-walFilesize
4KB
MD52552b17e15c5ebfbf07423ede695418d
SHA1a6bcc8218cb40ef47840f7f27a9ce619f89eacb0
SHA256b92c56c6478c69c5e338bab7c00acee619b1011ec73063d3cb560fa9ba5ccfce
SHA5129a1c073839c1374e333cb83faae090723c0719d3e485567a7060448bd49a7d3c698daf2e0fb025fd437630393e90ed4c9ee32b82eaaadc723063cc4b57a8c6d9
-
/data/data/com.pinxiango.store/files/jpush_stat_cache.jsonFilesize
149B
MD52c1a7478d50575a0207a6f251d1c71f9
SHA16b78e2d07c09a761b9a12ddf84a998d93ea7c8e9
SHA256830e82579a43e9e19476a9b584806c63dfcc772aff13bc97c6da12374273152e
SHA5125661cce5ff5502f7e592bc78a660de10f2faa954347641ac38165f222c758e46fb2a5694700c729e96a96c4472f5ce91535950e66ab661f764dc4f05f48c2a94
-
/data/data/com.pinxiango.store/mix.dexFilesize
292B
MD563f77f99bd2c2b772a479923bde11974
SHA1c7632e7d301e4463fafce85f84e9c3d7da3fdbbe
SHA2564c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615
SHA5123aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c
-
/storage/emulated/0/data/.push_deviceidFilesize
32B
MD513f85e43b17f69f73370a6d7e9304aa8
SHA1d58cd51fa638c623a19aec00fc3db53ea2fa7293
SHA256721b2d312b969fb36205b005b98b30803738342a2cb571d7011d012c5049deed
SHA512810197f6279f671ba8a5ba7a321961ac3084009f1231c5b5750c728355e97f5b0756d5cd85ee34915140d87121288fff0340738758742b84715d20566e1e825c