Overview

overview

8

Static

static

6

66c7d95f35...18.apk

android-9-x86

8

66c7d95f35...18.apk

android-10-x64

8

Analysis

  • max time kernel
    68s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    22-05-2024 09:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    66c7d95f35cec2e3040fc0c536e84e78_JaffaCakes118.apk

  • Size

    7.8MB

  • MD5

    66c7d95f35cec2e3040fc0c536e84e78

  • SHA1

    b72345a2475ac0cd85a7172140bc67b1ec7d0229

  • SHA256

    4491465c38eaeb16a717db64b16a7af6d61885c08d86585e94a3ddf5f1eccf00

  • SHA512

    63b24cb55e3ad0bdc973dfcab0475433829b056ebfd27c2009c15755c796f46f8dcfffe42c532e50d04ed24b72a5f71d2f30f6e3c567709740e761de75f44d76

  • SSDEEP

    196608:udGWsMs3d+WqUOaloQ9IRTpicYHnvGd9A9sjuPO1:GGWnmd+zMoVinH+cNPM

Score
8/10
bankercollectiondiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Requests cell location 2 TTPs 1 IoCs

    Uses Android APIs to to get current cell location.

    collectiondiscoveryevasion
  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 2 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.lovebizhi.wallpaper
    1⤵
    • Checks CPU information
    • Queries information about the current Wi-Fi connection
    • Checks if the internet connection is available
    PID:4270
  • com.lovebizhi.wallpaper:remote
    1⤵
    • Requests cell location
    • Queries information about the current nearby Wi-Fi networks
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4391

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.lovebizhi.wallpaper/files/lldt/firll.dat
    Filesize

    56B

    MD5

    b51beb295f3f833692f1b95d1c61b20e

    SHA1

    e19133dd86e77ca9000f1c543f8c11d1eb3182d7

    SHA256

    952f366593c43c135db78b5bcad29d1e9534b7a77de05f18bd226ee037fd08f3

    SHA512

    240d39bc94976701cf9f97dd0aa94804fbf067d75c1351f60c4bbfcb211f3c83ec76d0ff9e87b76c5068492428a5c8db5321048737c4a3ca806a813e8458a556

    Download Submit
  • /data/data/com.lovebizhi.wallpaper/files/mobclick_agent_cached_com.lovebizhi.wallpaper
    Filesize

    87B

    MD5

    e557f3fed6f818aa92a655e24b24494c

    SHA1

    00fb747e9427691cf38dc0b83154df7a57ad4c0a

    SHA256

    9d384822af8476a93945c0f86bef39753fa5aef1c4ee4edc955985bce8b56f72

    SHA512

    8fd5b67b4568418c77c465a2dc84aa4bc5a7fb0649288f070a095c8e09051c6b6a1bd61f84ad0ca0f73e4e55b56acd216fb265c271d5ccad7dbeb33c3dad76d8

    Download Submit
  • /data/data/com.lovebizhi.wallpaper/files/wallpaper.config
    Filesize

    512B

    MD5

    c7947de510c7cad467c8610f35e077bf

    SHA1

    92dfbd4b2a60ca3eb1315c4105c80c1fb5536874

    SHA256

    1b4eedc30090b9ebd73b4abb7e56414b12006e4e86af5ed12968b407d2e1c0eb

    SHA512

    0b315c53fa4ce4d8aca129f2fac23838d5b9470bd89526602c00ad805d07743551296e303fa4f791bde625521de7c424ceff4273a8f1d5ef56c989c1138752d0

    Download Submit
  • /storage/emulated/0/LoveWallpaper/settings/wallpaper.config
    Filesize

    28KB

    MD5

    0d3e99204c6401ea499fe9e6d9855497

    SHA1

    09829f00ca458eab7374d5079393a2cd69a2348a

    SHA256

    63ad014cb50908591939d6a1536f85eece807425af4f4e8a1f9b9eeab13cc5ca

    SHA512

    8d9a50aa9abd17e508ed3ac35a3033e8f9e550d1088baa951f53e6c4697c5ac026d22b90e36e27341d64baa3f0202bd89ca97583e99feb25f8c26b5776c59c68

    Download Submit
  • /storage/emulated/0/baidu/.cuid
    Filesize

    89B

    MD5

    7b2a7e0f2cb554b71b5a928c96fbf55d

    SHA1

    ddad36a2c6c72c6b88d9c9555e534ce58457d13f

    SHA256

    fcf2de9ed6d811f309c9e49fc7e96169949eeffe64f8a612e802311d66f959ec

    SHA512

    557b533189349519ff69ba1c8bdb1f6113749270f538a7f74c95b233f238a35bf7df09744391b197f944477b43bc80b2bb328ec17f73476616e429d3c288eb47

    Download Submit
  • /storage/emulated/0/baidu/tempdata/lcvif.dat
    Filesize

    96B

    MD5

    7b8f21e3fc73b519ffd0b9eaa5b1c7c1

    SHA1

    a02912020acbc212bfd0232ac68ffe9d8108115b

    SHA256

    7f9ec66a1db21da25068ef47312bd6b4f55cf170794214900960ab33208da1fc

    SHA512

    096c5efd4315eee9b6f91ead1014b58f2fdc808d4a12b51c66967e4241b2db983f38583c3ba1da93df9b5bd322eb234825a7f85c0d5420dcfb2fc29448e4286f

    Download Submit
  • /storage/emulated/0/baidu/tempdata/ls.db-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit
  • /storage/emulated/0/baidu/tempdata/ls.db-wal
    Filesize

    52KB

    MD5

    944d860df86cafcba85472308b3bd7ca

    SHA1

    5a763772969a31f584ac1a16f8fe8ca57d1df3d7

    SHA256

    bfe8d427ec48dba480030fe336f4a36aad9227d88963cf8177c46366ccee1bd9

    SHA512

    dacf45aece0d1863cb6f6f7c5a76636c238b93ab650a14c0b7df9601e2d89ad85d641f82809ff0790c6f0f1a6b8b16f695c8438341abf3ddde30e9d18c9ab3ba

    Download Submit