400901c1acf1074d26701bf113d5d4258e0b36add8ea163eb3a1e24bd95c476c

Analysis

max time kernel
174s
max time network
186s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 07:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

666f50b3dd75cd8dcb483e84456b0504_JaffaCakes118.apk
Size

20.0MB
MD5

666f50b3dd75cd8dcb483e84456b0504
SHA1

ad879e94d0eb619f1e54a9ee9a26ecf8372a491a
SHA256

400901c1acf1074d26701bf113d5d4258e0b36add8ea163eb3a1e24bd95c476c
SHA512

f7020d0fde3d0a1388505d8c6a7329358dd0542332fedcb3b80d02ae19cfbf34717812a1fcfec5ebc10c51f621b080c7ad2ea8e07ae41728bfcae3f1e4bcc258
SSDEEP

393216:wcciCVA+TInbacvrMlYF/x1Z/uO5gJCc4Z/Ns3o1:6je+Twb/vrMw/uYXZlsW

Score

7^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.youanmi.handshop

description ioc process

File opened for read /proc/cpuinfo com.youanmi.handshop

description	ioc	process
File opened for read	/proc/cpuinfo	com.youanmi.handshop

Queries information about running processes on the device 1 TTPs 3 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

T1424

Processes:

com.youanmi.handshop:pushservicecom.youanmi.handshopcom.youanmi.handshop:core

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.youanmi.handshop:pushservice
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.youanmi.handshop
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.youanmi.handshop:core

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.youanmi.handshop:pushservice

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.youanmi.handshop:pushservice

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.youanmi.handshop:pushservice

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

T1421

Processes:

com.youanmi.handshopcom.youanmi.handshop:pushservice

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.youanmi.handshop
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.youanmi.handshop:pushservice

Reads information about phone network operator. 1 TTPs
discovery

T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

T1471

Processes:

com.youanmi.handshopcom.youanmi.handshop:pushservice

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.youanmi.handshop
Framework API call	javax.crypto.Cipher.doFinal	com.youanmi.handshop:pushservice

com.youanmi.handshop
1⤵
- Checks CPU information
- Queries information about running processes on the device
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4241

com.youanmi.handshop:core
1⤵
- Queries information about running processes on the device
PID:4308

com.youanmi.handshop:pushservice
1⤵
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4337

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.youanmi.handshop/databases/cc/cc.db
Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.youanmi.handshop/databases/cc/cc.db
Filesize
36KB

MD5
5d7ea1a23af19b4340cc8d90f28297d5

SHA1
4cfe95b23a9e98378d69c4290af81b51fbe76aea

SHA256
474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

SHA512
33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

Download Submit
/data/data/com.youanmi.handshop/databases/cc/cc.db-journal
Filesize
512B

MD5
cb71fbae0155d78ffb7c534188fee988

SHA1
3baff5f64e812122cfa7d1ca2ec81355dd1f2f4d

SHA256
bf33dbcf04ddede9fd9f7afb97dd716e84cba3aed8a75c48d5074c7b2bfa6c32

SHA512
40feb38f2d2bae272e976520e07fc8368b8eb4579a93168379c70ff9402ab2f7cfafdc59344fe93e0fb74dc1d261534fdd01031438da01532fe86d4b9c9d2524

Download Submit
/data/data/com.youanmi.handshop/databases/cc/cc.db-wal
Filesize
48KB

MD5
980bea9e0d8b9f4ffa098f99cc44bca4

SHA1
be8e38a9e67524100a29ce592630eb8bc1352e37

SHA256
8341c65462b2c8285e2cd06d6a29b931515826ad750b70aed3e914755290de2b

SHA512
436de4ace9b5bcd28dcf726e8763c988d32b03b685d74876724777b0e362d1c79b157651cf709528d8b3dbb9f7fea30996f366bbaa6d8fd8f44237ed648dcee8

Download Submit
/data/data/com.youanmi.handshop/databases/cc/cc.db-wal
Filesize
16KB

MD5
694063773cacd7adf7dcc9c35664f1ce

SHA1
6fc5bcac535397f8ddda594d850c596fe4240350

SHA256
a58ca9686c377ce509ae2e53eddacab45aa6385cf28ef03bc4ff8f46b4f3621a

SHA512
a802186d166857e0d9c66a9837d688da145e2076c4b47ad04c13e50a625143d8963af0114837910d779e973101fbfde351b4e2374348a350821ef6cb8c02b98c

Download Submit
/data/data/com.youanmi.handshop/databases/pushsdk.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.youanmi.handshop/databases/ua.db
Filesize
32KB

MD5
d604a3bf1f8d992cc320ea5b1f7609bd

SHA1
247f88df0b55c7d523ea5398637711a0e4a483a4

SHA256
329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

SHA512
67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

Download Submit
/data/data/com.youanmi.handshop/databases/ua.db
Filesize
16KB

MD5
4e89a4180c3ca1b5d912fc6cbb76f3a1

SHA1
e66df5e7f9eeb4ffeeadf0ecac3d081ee572d6da

SHA256
140da3eea7d9ae43394cd26e0a72d5c8aba69ae0ed633977b301d81705669b45

SHA512
38584ac836f0c28e553c2034db4104c69a9fca94d4a9d33757b599af9dc51f532786485dcdca839a7ffa498956fcc8152cf151b496fa2e27a0b90445a80d3342

Download Submit
/data/data/com.youanmi.handshop/databases/ua.db
Filesize
16KB

MD5
1e694fc34cfba6c6e583f3ab9c21cbc2

SHA1
a2aa4c69eb29cfbf6c32535467d8fc819b8ddb29

SHA256
d25d2782e70513a4178d85edc9b33a0f8f0704b511d24e5e2577829922e163fe

SHA512
9959dd26e9ae9af9684c70a30e04e53261558facc0f2833fe24c9db9724f1a15340a85c7ccb3f67289567777f36849287abe34b8f0a8dc658e7e5ca9c8a70cbb

Download Submit
/data/data/com.youanmi.handshop/databases/ua.db
Filesize
189KB

MD5
6cb81b64c0fd21f468e6caf65fe8e88c

SHA1
b9c5bf59de35d43de8df30f742bef1f1442e4ba9

SHA256
491701f9e3bb3ba73ec9bc58800c9db9266a94ecea9ad70cace2f803cd5b5714

SHA512
bf3666c856759caab53983fc314b8fea7c4250f60d266df7ee76f295703f1f01080c6e47e37de18a8306853cc4a1605696f832346f740a3e72cc0b3c608fb6cf

Download Submit
/data/data/com.youanmi.handshop/databases/ua.db-journal
Filesize
32KB

MD5
df4abbe7c3a1c7b42b3ff95ca1190899

SHA1
cc13313cdf67433070b0b7ae91a6425ee87d4ca8

SHA256
05b8ee7ab6f122cf776c187b4286bc8df935dbe60767d58633a7521a6f24986d

SHA512
dbb8e9a1f6b488e63e6a5cd896c1c7b82bc59f03a224beb58a56baadbd799e7817598530f5bdc95ae5c150530f902af43812b73d3f84bac9f23b418ae62d1066

Download Submit
/data/data/com.youanmi.handshop/databases/ua.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.youanmi.handshop/databases/ua.db-wal
Filesize
8KB

MD5
bc447606bb6413d8f9a7ffd7d0821380

SHA1
67e418019bd88b0ed710c4d4d8af813ba27593c1

SHA256
e96052bd3b062fd10eb173dea8b1d8e3801c94bcd17d50cdc741ad6b80851ea5

SHA512
98d4b2ecd6f1d50bf6499a9808f9938362dacfcc9b7befb1af68e7d8aa894150525948a7f3342a3e2a42df860aa3ea8e7dc6067083db1f4e04476f361447f09f

Download Submit
/data/data/com.youanmi.handshop/databases/ua.db-wal
Filesize
4KB

MD5
fd2895c9266602fccf6818c3d12719ae

SHA1
20b770672865cb199d8ecdb1018895c3c1af9ee3

SHA256
9dd23fddb57c72ed4d6c8adac79bedaeb7b832e541de9dbc1dcb3ee0c48c016c

SHA512
b46503f6dd1662e29eb939a835419a12ee2fdcdcff1fe8eba440b928b621a90440883cf1306fe370c4107a62a2fea42e2fb689a3eadb33d1cd14a51036b6a077

Download Submit
/data/data/com.youanmi.handshop/databases/ua.db-wal
Filesize
4KB

MD5
6adb76fb1d03d8559d9f2890f7fccf74

SHA1
9c39eeb6296fb9e260ccffbff14ba917c34478cc

SHA256
92be6bee30e4d23984d5f56ba32968e11feca855cbc9d3777f9499aa8f18371c

SHA512
a402483636b98a795c4230590e3f0c9cf54aacdd29bb373c46a9fc807df8b32409e3a01ab30b8c3249e69e0210d0ac7e0ba064bdf0eb243ff34eb0b38500fbbb

Download Submit
/data/data/com.youanmi.handshop/databases/ua.db-wal
Filesize
56KB

MD5
868d660f36026149137f625985202ad7

SHA1
1c5f1b61e3fb8e842adf4fb9e4149cfea11e692c

SHA256
6d855ead148d9dcf91424f63756df97c237bc6ab5e567c5209ed50445a58d887

SHA512
223db45e699eecaa904d72be8f9ff160ab7a61dff7dae3fd272ddae7af0602b9f74f77cbeb276aa567f840ce19cfeaf65b85b4d73730de99f4db42d7583760ee

Download Submit
/data/data/com.youanmi.handshop/files/.imprint
Filesize
1002B

MD5
fca2cfdf7ba8ecd38a21c6e4fa0ba2f4

SHA1
50df70d3c5078f3124871bb8d502aa043ed07cf9

SHA256
4b30c4e2f4a6145365cb1b602c3e26e4effcece03695fbd5c26e54f3d8b29ea5

SHA512
df67d78e6590ab0c75745d908bb9e4839a18eb551de0eba8622349070a081a6910b5716530d209186e76ba2cd9c83f098021dd5c68303477f57459a27398c59c

Download Submit
/data/data/com.youanmi.handshop/files/.umeng/exchangeIdentity.json
Filesize
162B

MD5
16f7f6e300247c4c366ee56818d3cb07

SHA1
21b4b8b750374bee79c97a7ae8215c2874447086

SHA256
ef5c3962d48da1a1cac2b1303813b9feb4cdec3c84f2c0c08807f800af156c8a

SHA512
508b317e99842ddf1ef9cfc3138f424be7ad61df21308d25add8fb9d2aafeb48bf014edd85127679c5c7d84128c46bb07b36c44b82a925480b67c33f5ec61a6a

Download Submit
/data/data/com.youanmi.handshop/files/exid.dat
Filesize
57B

MD5
48496e8263b1ebd611fc8f20c0bbe19d

SHA1
e6f1cf16bce0c3caec57fce545d4acfe9b841715

SHA256
d5123db001589a2ea9b07129d4c59be7b38947b18c2610f76fda36a44a26f24f

SHA512
a8f5f1981ee382d7514c2569cc615b13d493c558f89ebfc99cb0c10005925ba0104d7014831be6f86ba4f9ed532c6ff396e846e5f468b791a337b1ce7dd28c0f

Download Submit
/data/data/com.youanmi.handshop/files/umeng_it.cache
Filesize
413B

MD5
5cfae840e175b60bcdccf413313a331a

SHA1
fa42837820cfeaf61a260411b2069ba2f80909b4

SHA256
07d04959bc3439d4f166a83d9557ae3d27f2e942f230f735fa71c8b5928a0801

SHA512
6cf5564bcb5712cb907a977a6fbd0ff42757822d69b9dca8603f27e4c467cbc9925c725131ff0e7690efbdf5dc196e586d16c3c3627822fb4830da8d43ea8256

Download Submit
/data/data/com.youanmi.handshop/files/umeng_it.cache
Filesize
210B

MD5
6199b8b078a64a1ed45c6071db2c0640

SHA1
5fd2a0a27af7b5b80ba4567759da7235a6b6fbd2

SHA256
6f98ef91630b6bd91214c2935528b74a1406bfe45b641169fc87b2e40a2887fd

SHA512
76d29f67ededed4575b563f8d0df3449ba94f5f34b98b045db3d1a95775e2cd6042a1e6b9b517dd43fb12223669d8421f9fee3e61c767ff71b17e9fd56961b42

Download Submit
/data/data/com.youanmi.handshop/unicorn#cheese#
Filesize
64KB

MD5
b7e878bfc5173e65df5f3b999844aff1

SHA1
cf859e349ac0bad588dc1edf9e57d9ce7b1739f7

SHA256
fb40214506246a56a7b7f65e86587a038e02f18505a2eddebf57c7a9513c3bdc

SHA512
64c43d5518923955b2f5af083ebe543607c0c7c1a66029d72fc4575c213b10d4385e792306ce9bfb4c909d8e10470b902c31eb7d396e55819a699de8eff86579

Download Submit
/storage/emulated/0/Android/data/com.youanmi.handshop/files/com.qiyukf.unicorn/log/tmp_u_20240522
Filesize
64KB

MD5
40c71283b0d3412936397f10ce1a74ef

SHA1
9e9ac62e3833dfb58011ee7881b05359521a862c

SHA256
d68c90d4be7b897ea8bbc96f90f25630e2a627d5010edc91ff607a83892faec3

SHA512
3d31f04f5d7fd9d6ee89e99f73028d0651b48b6f0941c97fc1e60b7f69899bd46dd23bcc226df744fc257782fb74bf08496dfb63125c865961aac251520059e9

Download Submit