400901c1acf1074d26701bf113d5d4258e0b36add8ea163eb3a1e24bd95c476c

Analysis

max time kernel
175s
max time network
189s
platform
android_x64
resource
android-33-x64-arm64-20240514-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240514-enlocale:en-usos:android-13-x64system
submitted
22-05-2024 07:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

666f50b3dd75cd8dcb483e84456b0504_JaffaCakes118.apk
Size

20.0MB
MD5

666f50b3dd75cd8dcb483e84456b0504
SHA1

ad879e94d0eb619f1e54a9ee9a26ecf8372a491a
SHA256

400901c1acf1074d26701bf113d5d4258e0b36add8ea163eb3a1e24bd95c476c
SHA512

f7020d0fde3d0a1388505d8c6a7329358dd0542332fedcb3b80d02ae19cfbf34717812a1fcfec5ebc10c51f621b080c7ad2ea8e07ae41728bfcae3f1e4bcc258
SSDEEP

393216:wcciCVA+TInbacvrMlYF/x1Z/uO5gJCc4Z/Ns3o1:6je+Twb/vrMw/uYXZlsW

Score

7^/10

discovery evasion impact

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.youanmi.handshop

description ioc process

File opened for read /proc/cpuinfo com.youanmi.handshop

description	ioc	process
File opened for read	/proc/cpuinfo	com.youanmi.handshop

Queries information about running processes on the device 1 TTPs 3 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

T1424

Processes:

com.youanmi.handshopcom.youanmi.handshop:pushservicecom.youanmi.handshop:core

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.youanmi.handshop
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.youanmi.handshop:pushservice
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.youanmi.handshop:core

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

T1421

Processes:

com.youanmi.handshop:pushservicecom.youanmi.handshop

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.youanmi.handshop:pushservice
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.youanmi.handshop

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

T1471

Processes:

com.youanmi.handshop:pushservicecom.youanmi.handshop

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.youanmi.handshop:pushservice
Framework API call	javax.crypto.Cipher.doFinal	com.youanmi.handshop

com.youanmi.handshop
1⤵
- Checks CPU information
- Queries information about running processes on the device
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4308

com.youanmi.handshop:pushservice
1⤵
- Queries information about running processes on the device
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4397

com.youanmi.handshop:core
1⤵
- Queries information about running processes on the device
PID:4362

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.youanmi.handshop/databases/cc/cc.db
Filesize
36KB

MD5
1b77217d803a7c04af9466680b92d104

SHA1
0cb959f4773c6730e8aed5746706c0f3ecb35c1f

SHA256
66c83ae35e997c33eaffe9c0557d98ee31931c18b99585a64eb6cc8f63d303e3

SHA512
39ea189895ca93855bb71b4a5447815e9373ffd39b50611ac172ae321ee7716fd4af5f86c1fd0d17e12b771f4016a86184620a7c5d07f57b88f017c4ce8312ec

Download Submit
/data/data/com.youanmi.handshop/databases/cc/cc.db
Filesize
36KB

MD5
b986a138e325f9ed31653e246087baa6

SHA1
1cda06c101efbf7c89305f44b552e38282225064

SHA256
6945d75275af161fa082eab8b348f4cdccbab03854963f5e861fde210447e058

SHA512
5894180006885af44962dcd92c6f33a640d6080060a51a38ee4e348ee2dafe9abdcf2a931cfad4c395ebe20e08b96f810ca54b5b1f584fa232cdabc76be0740d

Download Submit
/data/data/com.youanmi.handshop/databases/cc/cc.db-journal
Filesize
512B

MD5
a2b0240b0b3841511465f384c81dc3f1

SHA1
6dda0c3d670401f6dd302edd1c7ee66bb6cfdf52

SHA256
1669e5d6084bfb781d0ad33a916c159df60e5bde1c1c1635b569f56da344bc6e

SHA512
201e5790ae21c4a0b099542ffdcae703d62357ec8c4e03eab50fac8e1824f04eb18ad12f330a85d4f92dd9975a233a1d5f1af051b5d8595fc3372f73df0438a0

Download Submit
/data/data/com.youanmi.handshop/databases/cc/cc.db-journal
Filesize
8KB

MD5
cd68bb750c120d10cb8236ab5951cf29

SHA1
ecb239bb7dfd9398abaf64f89df380fd26836169

SHA256
5330b93adee7c7ada8b76b2aac20c3d62416f079f5b982c6ce797584a58565ee

SHA512
ca1e585ef5ae89d1a52f348f6d7b0b96619dcfe24a5b8521095615c4d8fd1b05eee39836d95b00b53d52f4791dba33751eb8d81ec4d5c5e1ae9f751b6ace2635

Download Submit
/data/data/com.youanmi.handshop/databases/cc/cc.db-journal
Filesize
8KB

MD5
fd06653cfa937b83e4f972735d23987d

SHA1
a70f1a6b5005e5c23533a4aa9d6ea644ca2eb192

SHA256
cc6a97fee9fc950ecbb1bee812fc174b3f2f6cde4470f2e4774ca069c119d974

SHA512
5cb2040bedca97d646b709dd7f7cde83edf1427319b69a96fdb117004b272b4820e3d08e9d654503f3bf5f885e4f86aa121370cbe759df47b7c67a04add7b3f1

Download Submit
/data/data/com.youanmi.handshop/databases/cc/cc.db-journal
Filesize
8KB

MD5
c5ff2db14c511c44da6568ef613fd54b

SHA1
8d875d25c6be53e88445157bc99e363af415f749

SHA256
e760d1b55f72b284e154427c1af24ab30c1682ed1c7d6036cf378dc3ff19746e

SHA512
b7e174f8dd5f14003466c32d13df03c219ae6d30fe26a769988f6f1b60faf045f7886149a5dd34a31f9befb30fb7fd238aa20f2d69dc3c4441dffd3de0b97f82

Download Submit
/data/data/com.youanmi.handshop/databases/cc/cc.db-journal
Filesize
8KB

MD5
d05a7f573cff29704c54fb8a2c05ec62

SHA1
0e83f6aaf7e46719dd3737d5d48f2aeb2d684239

SHA256
1bb7faf5e1a5b3aa272f68531bb13cd9320dc05ca7b976046d1baff8813a22f6

SHA512
5ff97bbc0443ec41db7ac84d2622557b3cb19ca10fa42e30b8d6bd60b85dd5d0318f25cdc08117480f88ac96d9e6abfe79e5ffdf32f71c18ea80948a3a2fd5bb

Download Submit
/data/data/com.youanmi.handshop/databases/cc/cc.db-journal
Filesize
12KB

MD5
5b86843439b1c557e9de918cf0d2ce51

SHA1
8dc63b2e94b51afcc27b4704e5b695832b1b1720

SHA256
0169890164379cabbff16a605b69e28bc3fe0306ffc8095aed96eddff30eda25

SHA512
f8cbbd1c710f4c1d4417b51433118373003c2659c62b25ff4c299be91bef3e676eb9e83bebe6d3357b40c1c572821850faacabd69d6a08bd92d38273c93aab8f

Download Submit
/data/data/com.youanmi.handshop/databases/ua.db
Filesize
32KB

MD5
17bb57268badc491266a2729e57b37c9

SHA1
ebcb029dd3fc1f70e210d93ab3086bbd5d39e3c5

SHA256
eda21e9bb4ad31e62a195d99b6e8e7f361411de6ae8f3049537055c8e688f837

SHA512
a4a6b7ef13c6d81777bd583c1a96fdfc735b7aae8fa67d9502807d1e150784abad3fec756af3f59a0f9086447b89ceed5fdaa726e67682915285beb6d23f2182

Download Submit
/data/data/com.youanmi.handshop/databases/ua.db
Filesize
16KB

MD5
c1ae431e52d7f7a3f8dfe38eb2e6e1de

SHA1
5d4832d411fefb7bad0117974d1011cfad8acf33

SHA256
4b75c46642c0dac70af8d317a2edc338a2d11d8c2e64e7d1aff3a33de13aef2c

SHA512
eeda65f73b9442201eb52f221c056f66b09468e6633b5c5a38db433fee100c5e0ee5b46d84e493a7728b10680ff70586472df25a60b954421867d3d11474ae5d

Download Submit
/data/data/com.youanmi.handshop/databases/ua.db
Filesize
16KB

MD5
31e4b121d5cc6205cdd070492130b74e

SHA1
82b39a92a5367906d40325de4907d09e41b761fd

SHA256
0fcf6f9da18ec8df0aa60ae0526b0be6cee522874db8d533cdbce8353447dcb7

SHA512
e7f366012336ec0298c077a4cbfdb9b35e57daad60f3ebc5b7074e9c1df208832d0839cbe850d44131f79202649f7093798ac839586e7d3684e7e06f2df9b71c

Download Submit
/data/data/com.youanmi.handshop/databases/ua.db
Filesize
32KB

MD5
f0f03c11077cd447a853cdbf73ee73a6

SHA1
4890b200caaa544bdfd31306008f25341356f8e6

SHA256
6ae18c7411d628bc6f3683476a9f6fb4a07c8e05507f15f1ebf80bc49a8867ff

SHA512
6fd8537a875c8677ae527c8e45b7f36d6b47233b3cba4da53f1122510021417f1a7b98dd4a4edeb9c384e561c45708f02d0df368efc317d1a8584c241aeecde9

Download Submit
/data/data/com.youanmi.handshop/databases/ua.db-journal
Filesize
12KB

MD5
9131c0d7c798d91277d1ccd61dc3f201

SHA1
16ca919f90d5434aeb0c80d1e7b1872d924b227f

SHA256
9d1bc40e629d97faf88e5c83f3aa6700e087c930d6f6aa5efbf59f72d80dd4fb

SHA512
bc3617d4733790bda94e3657105dcbb2237a46678d6eca7a53229f55cf3a71b495ff1cfeda443101da5c6790a8f6362952347d044005561e506e8af132ec26c9

Download Submit
/data/data/com.youanmi.handshop/databases/ua.db-journal
Filesize
8KB

MD5
6203f1eeaff9f0b9778a6209e42b1bc9

SHA1
f2785829413c2e69489ce95c805403b02f61b9fe

SHA256
eb559d0bacde7ffce9bb24af223258c82b72b533fd2f37a067370a38e2021464

SHA512
3292d9cdcd4d3664b46481c739be6aee591e251475644c449bfa2a9d2cb6d7fa66dd006bb91cb37f2b844de81a8269682940268a44e7d68f035a8abeaf8e6b97

Download Submit
/data/data/com.youanmi.handshop/databases/ua.db-journal
Filesize
8KB

MD5
49f70c7b4ee841e89c2c615ecf304bbb

SHA1
e63970eba49c0313754a820de0c32dccdca3f4e5

SHA256
bdac77ead9c1251551df0b5e386c10a97237bbfb7fd8014b94fb11c7722bf283

SHA512
78a178dd0bbe91a7718bb8e03198dcb13459037135143c572a4b2dd98c6da3f04ac49a205e45e98b8bd6b48db381b3e2cbb6ed3e89b1f5684fd86fe458738236

Download Submit
/data/data/com.youanmi.handshop/databases/ua.db-journal
Filesize
8KB

MD5
2a054d518246e2a90a45e383e9d46e27

SHA1
54a0976de9aa717b80ae8b93b9640eebe8283ff9

SHA256
662c76e3e90de47e7855ffa920c0a45574fe830d2a9bd3b5245d71e482ad8957

SHA512
16e294bda879fd5294c02174e2aa9c6434bbdac87892eb481ebd8ca597e618a33e556cb1f519b49237ed8f87253cc8c8d7429c42599b715eb55d918cf876b81d

Download Submit
/data/data/com.youanmi.handshop/databases/ua.db-journal
Filesize
8KB

MD5
b684bc0a83e323630bd86e714af213ee

SHA1
f9d3c72649b6044e30b59eab815ef923d5a7f5e5

SHA256
d2cf000efefdcb8f661f55fb4be3fcafde6a59664c0b54d8ebf44659aaa2744d

SHA512
3e7007bb98e6fbbb78f7143cc801780b5e502e86d36cd67b6c50cbe112702ee12945eefdaefbf74ffb870fd940c16c7be43645e623be3028c76e285af6c759f7

Download Submit
/data/data/com.youanmi.handshop/databases/ua.db-journal
Filesize
16KB

MD5
c0a8fc06da5c503f33c227daf57ba87b

SHA1
3042766e4a2c7b835baf10e566e17a62e1428427

SHA256
8ccdb9983c032e1ce3d31b2d6ca5427b5ebb8fea02f91cf05de6e659998745e3

SHA512
faab01d7e16e42c0cbc12c63b708507b70ce4e9b6afd5f32726fdb188b2aa9f2f5690555e36568c15edf60f5e1849a3478c424966339e5d79442bb2e16703a90

Download Submit
/data/user/0/com.youanmi.handshop/databases/pushsdk.db
Filesize
48KB

MD5
6ae607406e009fc36a3df3e43c80ac41

SHA1
21c882342ea5a90a6e7c40c43f83e7a6d1428600

SHA256
78b2fa88f0f11563bedf04278fd8d38fcb74298fb9b758a8c68ee3d0cf6b5cd7

SHA512
b4d6ae4ae748f467d42ce47dc6071d56ec98ce9f9f220f26521706560793923acb15c52d6263cb065b572d940ac21b70d8fb42a2140c7a9328ac582dd9ce36ab

Download Submit
/data/user/0/com.youanmi.handshop/files/.um/um_cache_1716362115985.env
Filesize
1KB

MD5
5b4fd7fde85988eaf4c78e2822b51aee

SHA1
e36bf1ae6f16c69f6f2fc5a74b91bb1d699c1ba6

SHA256
88e7dd2164ee69269f5e4ff42f063247c26b557d5bdd151b8c218fd5141829e8

SHA512
9503680f2487ccf2c1bf06247236b0491599644ac5e12f59c2c3ed31d5cb4c479319c4af0d3fedee660abdaeb94b3686bded5c8a2138c443ca4d06a6089f1c81

Download Submit
/data/user/0/com.youanmi.handshop/files/.umeng/exchangeIdentity.json
Filesize
162B

MD5
f20e08df3eedbb858c92a307e7d9098a

SHA1
c6fac0696c6dbee7c042a6a03c35455052f21edb

SHA256
e20760da2c2b9a93a23b6b7d3036e52d739939c494147cf678b6c308eedcd36b

SHA512
0f1e184a2be2d1f403dd394c05dfd4e7b619ffcd1901fda19d257dcc8fa1b2c580d077f50fc7aec4211257dd1477a2f4e8f65a68342879228b6075ee50aeee91

Download Submit
/data/user/0/com.youanmi.handshop/files/exid.dat
Filesize
57B

MD5
48496e8263b1ebd611fc8f20c0bbe19d

SHA1
e6f1cf16bce0c3caec57fce545d4acfe9b841715

SHA256
d5123db001589a2ea9b07129d4c59be7b38947b18c2610f76fda36a44a26f24f

SHA512
a8f5f1981ee382d7514c2569cc615b13d493c558f89ebfc99cb0c10005925ba0104d7014831be6f86ba4f9ed532c6ff396e846e5f468b791a337b1ce7dd28c0f

Download Submit
/data/user/0/com.youanmi.handshop/files/umeng_it.cache
Filesize
350B

MD5
cea49ca53875d1ca963112b56736a088

SHA1
66e9f88fb7db5000d1010fcae1c9ce8c636e166c

SHA256
70fc89f7f55c817f48d022a0a79b8b0dc8b85eade37bfa05077d97ffe5e5c523

SHA512
38ca63db19eb37a36b385b290b37bc5a3f980f3e1b9a9e8691eda4f5adf7eeaf0a4f0571ee98e1427e8a311f7d2778a81c94236630281366a8ae0a0f94ffca3b

Download Submit
/data/user/0/com.youanmi.handshop/unicorn#cheese#
Filesize
64KB

MD5
fcd6bcb56c1689fcef28b57c22475bad

SHA1
1adc95bebe9eea8c112d40cd04ab7a8d75c4f961

SHA256
de2f256064a0af797747c2b97505dc0b9f3df0de4f489eac731c23ae9ca9cc31

SHA512
73e4153936dab198397b74ee9efc26093dda721eaab2f8d92786891153b45b04265a161b169c988edb0db2c53124607b6eaaa816559c5ce54f3dbc9fa6a7a4b2

Download Submit
/storage/emulated/0/Android/data/com.youanmi.handshop/files/com.qiyukf.unicorn/log/tmp_u_20240522 (deleted)
Filesize
64KB

MD5
755b68e033690d996265c5e7a363cabe

SHA1
fd91aedb772c638e58c2f2a5221f2498e669e2bd

SHA256
9e91dcb055b40398a199ba039fef2e2d759312679168b4d8b32e7d468ddebecf

SHA512
221ea0fb0635d1a120f23823093e2da183403017f7d7d1a9b8ae99751bf3dca23ff8b7a414785c460934ce060de90dabfcd839cb329479e4e4f5aafab681ab1b

Download Submit