Overview

overview

8

Static

static

6

65c6cb7a80...18.apk

android-9-x86

8

Analysis

  • max time kernel
    128s
  • max time network
    147s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    22-05-2024 02:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    65c6cb7a80baa457e85fd0954eec11f9_JaffaCakes118.apk

  • Size

    24.5MB

  • MD5

    65c6cb7a80baa457e85fd0954eec11f9

  • SHA1

    991b63536c49709186c34c95e32dd579e27ebddd

  • SHA256

    4c71bc9c13d4556977a2074ade4e690f354e1a24beb48cee5616b1a3bb35e9ff

  • SHA512

    1be996da632b5adab6a76483dbbfba48b927475bed3a1f99ab85de08a76ba14700c71ef4bf9c71c6bf2559046e31e595afff5b9ab7c404dd16e6b3ff7cedf9de

  • SSDEEP

    393216:G1XIUXCwlepA58W+CEyxKnK6dZGnaJCKXcBJtc1tAaCUS9pmB:mXBfltTEyxKnK6dZgOXcJmtAaUpmB

Score
8/10
bankerdiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    discovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
    impact

Processes

  • com.smile.gifmaker
    1⤵
    • Checks CPU information
    • Checks memory information
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4252
  • com.smile.gifmaker:remote
    1⤵
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Queries information about the current nearby Wi-Fi networks
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4305

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.smile.gifmaker/cache/event
    Filesize

    20KB

    MD5

    e52f241c0db5477de81bc1d407c98f33

    SHA1

    3d55c5d7cc6e1b6677b74498a40c9c9079684810

    SHA256

    122d1a47b1cec5d6949a417c443f2ddd912ba4972d25a5353881ec075bced111

    SHA512

    72df83ee807790c4d3bdd88422b3e73d0613870b8f6616e1714f3de9e29bc1570d76694c1226b594c294f8e16ccbb852e048aecea27f58fc0796a8b4af4635f7

    Download Submit

  • /data/data/com.smile.gifmaker/cache/event
    Filesize

    20KB

    MD5

    23378ce75d5b7e942324c02d7f65ede8

    SHA1

    301b7d3c87848779c53e96f76b143ee3ac3544d5

    SHA256

    1ff8dd4098f3a9603628149f9d199ff709b02ee4efefd09b1425b6b543bef790

    SHA512

    f9e5b40c3aaa78574434482f34e2b7bde1d82ea04232048ba352e96c8076a44bd18a8e5c84586a338105dfd3d9f1d19be386fd45feec29e2aeb83cbfb5e12ad5

    Download Submit

  • /data/data/com.smile.gifmaker/cache/event-journal
    Filesize

    512B

    MD5

    908430b151c3e5fd327c63e089a6b8eb

    SHA1

    766e966a689d740b4c2d0d77cba06cf9244949b9

    SHA256

    beba4b9aa5da4d5426014f1a6d067e90e47308b0040854f21e9ae5dca0498620

    SHA512

    1a914b287dd8cb66f42e45b99826890705e5909206a3d08f32b1f51ef86b9d8379fe5cd026748800898c8f93c5964b69b5e27f2e9f72ac62a380bbedf2bc2b9d

    Download Submit

  • /data/data/com.smile.gifmaker/cache/event-shm
    Filesize

    28KB

    MD5

    4808ec3e6aa23dde7b778672bcd0e59b

    SHA1

    415b31ba74b78fd83cfee68749aaa6fc98ada849

    SHA256

    0d6260d9b1dfff1d1b1ad70db60c91f6ef8806cb1ff33ba455e0eb46dc706e23

    SHA512

    1c5a8c3362a39cb120c01802da60ea59215b891b36f443d3d947da8260c6bf2afa6d5a49065b17330b27ce3e1e009bbfb4575ddfcf6d585b5c8f3a32c9619d4b

    Download Submit

  • /data/data/com.smile.gifmaker/cache/event-wal
    Filesize

    8KB

    MD5

    1832c429304ac128c41b230036f2d7fd

    SHA1

    6d659b7fab0b532a9c9cff15c4d14c87093b3d1c

    SHA256

    fd8f88f172a772e807c21fcc127930bb95acb77f5543263fb545867bd1811d16

    SHA512

    19b81a1daff12c4d5590171ac5d96c4c36c2da4fb807a1ac00f05519722b34cd3d1e94397df49ef83b9e0ff9924d5ad6e61dfaf11183101d208de419cab6d968

    Download Submit

  • /data/data/com.smile.gifmaker/cache/event-wal
    Filesize

    8KB

    MD5

    36a2e237675b6acdd88a97df9f78e769

    SHA1

    344c70615dad8046a6ad5a63fc336c646ee0e613

    SHA256

    286d144766ca1d794ac10b29cc4034a15b494c7fbac36045719524816d05d365

    SHA512

    3633e541117cfcfd4bdb04d772d9d15bd9536cd06bc3358a0bf5abeb01a787f14394622058f8c9f38c800c71db00721f55fa3efbe2976c52748c042bf4f6da07

    Download Submit

  • /data/data/com.smile.gifmaker/cache/event-wal
    Filesize

    32KB

    MD5

    39e01ee121e256c5b907eda4f6051acc

    SHA1

    cdc86221d9cde8bb49dbefd2bb80a77470b446cd

    SHA256

    c7b7a643ccc2506a7b3c8087331a262d1bf7498b110e7f0acdf7f783bed171ff

    SHA512

    48859be9ace24724b7847500bd95a1685db2e2dc20452cafb0c22334f146a06afab9d5da3dfc0380dc88de04891c2bffe6a322501decb85c340d9c56b6f96268

    Download Submit

  • /data/data/com.smile.gifmaker/databases/cache.db
    Filesize

    28KB

    MD5

    b588e2490bcce471506ee6753ce4bf63

    SHA1

    3420e6a0337dbe618b2c16c66b86c8f0f2237dce

    SHA256

    f5cf0d292b2f3327cb1d33835fe05fd9f805090615df7e22341b1a060ce74e59

    SHA512

    f66c61ddfecad4d50cc8a16a03ef09b71033fb9ae24368ef9f2c9cef34f54324471c67205244ed9b729a651ba5d23b814b9f0c23a10d7e4317425fa4f98b1038

    Download Submit

  • /data/data/com.smile.gifmaker/databases/cache.db-journal
    Filesize

    8KB

    MD5

    7a3c3436dc80599e029e393abcf5b4d4

    SHA1

    3acd998d723a090f4f96897f581edd83cc994d75

    SHA256

    9fac15a72fbbee2f2be3e7afa30fff54286725e071ec05ef8f4b708de1139234

    SHA512

    db71e0628b002516a13da6270b7156a1d91f223e3ad880f9b087e8d0feebf5582b51d2d0877df362a9952a2a2eb34e0e191dae8d05dfa3dc1263b10a37efc7e4

    Download Submit

  • /data/data/com.smile.gifmaker/databases/cache.db-shm
    Filesize

    28KB

    MD5

    c9260984f85e16aee623e2053d81ff53

    SHA1

    848500678566c68a28d4746af1a357a418607b3e

    SHA256

    c16d20dea646509758edf4d552f7ff1abc181c65e5dbf50aa3dbbf9a4a1620f2

    SHA512

    1e9daabe3713319d1ac3c5eb9aa575f40597d1de322d2279e4c40770515abaf1c93a8b276ec14b5ac2f84cd650d21bd47484aa43aec172678ab3c736ea14236c

    Download Submit

  • /data/data/com.smile.gifmaker/databases/cache.db-wal
    Filesize

    60KB

    MD5

    5c91c606c160f82f5f5117eab13aa672

    SHA1

    995e17752ab0423352c780fbf165b1cf644803f9

    SHA256

    d20dd0c7ca11cd8a3a4d1e15b3b98f1bf063dea7bdc6d0e6505ea5dc7e31c94c

    SHA512

    3a73aa355c99ad4e61bb0fc884768af7ccf81b9c245ff99fbf19cfef554b1a403915329dce2019f4d916e5fb30bb116d77b675b4b49bdd7bc130ba26aa99eb65

    Download Submit

  • /data/data/com.smile.gifmaker/databases/prefetchkeep.db-journal
    Filesize

    32KB

    MD5

    22a5f4a78d732fee4840bc77851c2487

    SHA1

    42b3398430ebc68b403bb302812903bf562e6e13

    SHA256

    74aad9c4bf8bd2067bb236386bf494292ad0dbff19d759674d3dd7dda54a23ea

    SHA512

    cd105c54bd0a1ee2b38acd5ef738ca044308cbf1f4c5dc25b157995ac79beb97d848c2cf1c45f02dd9aa5aa74deffb137a446d97307ae61cd420c0a8a79eaaae

    Download Submit

  • /data/data/com.smile.gifmaker/databases/prefetchkeep.db-shm
    Filesize

    103B

    MD5

    8de4af16f42857f003945c8046781fde

    SHA1

    88d7b414ced1479fbe28d4f92582f5ec846ed4c0

    SHA256

    b8dae049f09cb377bfd9c9b9cf3e7fdee8eff93985da349d6f95a676d0ffec9d

    SHA512

    cfe57c27e6cbf107bb07e7b5d1d9290edab075370bd44b6f9a2952e4e2ed6b8b460872c904adfe085e564331d5d07b31dc6ef08749836d4a745860d14f6a5f8f

    Download Submit

  • /data/data/com.smile.gifmaker/databases/prefetchkeep.db-wal
    Filesize

    60KB

    MD5

    0c96c855ac83826484dd7fcef44b5b6d

    SHA1

    3502a6aefde58776c98513e7e1549d5cd6ac449a

    SHA256

    f7cacec0910f9dc63a3d3894d7a30acc38e427ab4c8022af82ac5677975895d4

    SHA512

    0ee517a4e46d62faf11375f5fd8cbafbe3ce60c22a3e647416c749879beb51b0038f1476ce2d6b14e910b6e4f7708dfce5a06a6b88e4494db9afc81708cf9832

    Download Submit

  • /data/data/com.smile.gifmaker/files/dex/filter.dex
    Filesize

    2.0MB

    MD5

    4ec6d7da775e7b593688e2cf38d1732a

    SHA1

    889b70ed766560fbe4e615af9a1a65550067823d

    SHA256

    f7cbae702916eaf613a4a6c8eac0bbca3898baaa733e42a30ce73d74c3262ded

    SHA512

    21912c17d169b5db60c443da4689b44378547bfde5cea0b6ad35dd150c3d7e4f9d1584fcce208166ecab4c832f288e6500618d7a516d819e98cca0e08a535362

    Download Submit

  • /data/data/com.smile.gifmaker/files/umeng_it.cache
    Filesize

    12KB

    MD5

    669ceaf52f4feb1ba6c38c166cc9156e

    SHA1

    d09c18f1084212c51db9a1e90a1744e81b001922

    SHA256

    c1ae767af74997826c652f211e5a050ec2e52b0472cebc65604bfdde7669f576

    SHA512

    e274458e61fd778b4043897aec4d043611e59490753ff87ea248d558422f8cb77076880d29ecdab7e659a805f5d8e56021524ce21310dc32b264866b89f29dc6

    Download Submit

  • /storage/emulated/0/Android/data/com.smile.gifmaker/cache/.cache/journal.tmp
    Filesize

    20KB

    MD5

    048c73f536f234f0ad0d2fa8bdbda899

    SHA1

    dba2e666721e0b0988807b8bb3ce0452dad3448c

    SHA256

    f1a64586ce75e770e2f36a7ef6f7419e26ebb9e9e786df3c5adce50a196d2d07

    SHA512

    6ae398c682724f0008ce47cfc790a7ad3dd7cc801fb3a8a692d28da5533ea7ed830ea36933bd3e3219fc8cbade90f073c2c418611921bc7d6877d94b6745c4f0

    Download Submit

  • /storage/emulated/0/backups/.SystemConfig/.cuid
    Filesize

    512B

    MD5

    f7a05ec246946ee9ef93d2cab1b51863

    SHA1

    2ad028d9603afa9fa040602340ba9424eae3453b

    SHA256

    0ae57be88f515dfb810a0cb6aac2616dbd7347f7900a2f5a29c362d936d677fb

    SHA512

    66a702f346bf978258296bd3049cb221276486a1a05d5ca8386e6cc39b2c99f0791571a8d93d448d5830a89640bcc6378ada2f6f21e75f09ff69cd9e9fdea955

    Download Submit

  • /storage/emulated/0/backups/system/.confd-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /storage/emulated/0/backups/system/.confd-wal
    Filesize

    12KB

    MD5

    2f80db52797815551881161bc924dd8c

    SHA1

    90333affd1ffe2e98fec932ad94c7afa2b639501

    SHA256

    d40ca1fe7f907c557173bc746951d5342a5cdfd525d6e63a1f5f9cb4ebe10f20

    SHA512

    ad1d351b63fc04a06b22c15a510062c9a375ac04f21b2bc879c35ec09abe8f1e1f8e27f2ad0750e6c879bb6ec4bf938d674c97ac319f9c7f1df604dbb4067bc2

    Download Submit

  • /storage/emulated/0/backups/system/.confd-wal
    Filesize

    36KB

    MD5

    33cd1ee7b23d8a1dc975a4738145c026

    SHA1

    ee3804a64d208e4478fbe09d8368cb2372b71ae3

    SHA256

    f1e2d4f98dde8a97512def38af6758fa6827c2637b78dbe02182264ad74cabb5

    SHA512

    ee1b27eabb2c92748a28ac0fdcb4353a97950cda114bfbe2286770c03512bd8a3268c96d1677f7075fae971b811c4580ff198b4ae95e8d2b96ad11c184693414

    Download Submit