Overview

overview

8

Static

static

6

66ebb77832...18.apk

android-9-x86

8

66ebb77832...18.apk

android-10-x64

8

Analysis

  • max time kernel
    64s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    22-05-2024 10:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    66ebb778320d4eda88f5ad4bf7843202_JaffaCakes118.apk

  • Size

    7.7MB

  • MD5

    66ebb778320d4eda88f5ad4bf7843202

  • SHA1

    c624e17247f0dbf9015c5a512b4c3719337b31d4

  • SHA256

    2951769929610fb5851799fce3cdbea8d6080cb07fde91ae40df8e29b8fa9e0c

  • SHA512

    6c98f73011dae065d23ba5cf153833f6be50985cf7bab67db3ef5d5c23cc5ed3286f876380dc2a1aa53f4c0270c1a3d8ed3be0f93260e2c22dc6cb87ff038fea

  • SSDEEP

    196608:TGnp/SVYuMWV8V7RI79bL2eheSPKQEUVW+cKrmaG2gsH:TGnpMLMNV9IcSyQdcKrHv

Score
8/10
discoveryevasionimpactpersistence

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 2 IoCs
    evasion
  • Checks CPU information 2 TTPs 2 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 2 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
    impact

Processes

  • cn.digirun.lunch
    1⤵
    • Checks CPU information
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4263
  • cn.digirun.lunch:push
    1⤵
    • Checks if the Android device is rooted.
    • Checks CPU information
    • Checks memory information
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4325
    • /system/bin/sh -c getprop ro.board.platform
      2⤵
        PID:4383
      • getprop ro.board.platform
        2⤵
          PID:4383
        • /system/bin/sh -c type su
          2⤵
          • Checks if the Android device is rooted.
          PID:4419

      Network

      MITRE ATT&CK Mobile v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/data/cn.digirun.lunch/databases/UmengLocalNotificationStore.db
        Filesize

        4KB

        MD5

        f2b4b0190b9f384ca885f0c8c9b14700

        SHA1

        934ff2646757b5b6e7f20f6a0aa76c7f995d9361

        SHA256

        0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

        SHA512

        ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

        Download Submit
      • /data/data/cn.digirun.lunch/databases/UmengLocalNotificationStore.db-journal
        Filesize

        512B

        MD5

        37288917e49b413897c6ddec54c214eb

        SHA1

        9257af2e277d86d38e52c502838aa16d508cabde

        SHA256

        89203fde8a6d969e1dc358f4bc0643cd552c85bde4e24ee75e87ae98d71d0261

        SHA512

        dbb0ef14d34b7163e446e859550dd52f1ef84f67c62ebcc1e8fccb9c8bdf7dc9cbd38332d97cf06e036caa899cf1ed28e5cf77a8d98fbbbf941e020da96bd96e

        Download Submit
      • /data/data/cn.digirun.lunch/databases/UmengLocalNotificationStore.db-shm
        Filesize

        88KB

        MD5

        12d42b3ac8b84333e6245234b63257ec

        SHA1

        cf56c1ba1b85513760bb3772ff4d5fd8fb7c7e85

        SHA256

        4772de3fdd6c7b9c40666ed4d3875edc046e7141c83918c095c944469dd13b9c

        SHA512

        8885625aac6f6427dd32a5b41fcbde3ab413a818c8350ba484e8ae89825ae4686197036243b4e6b6a4d36ef1c46931abf2780a8b60a686519c6279b8d78a021e

        Download Submit
      • /data/data/cn.digirun.lunch/databases/UmengLocalNotificationStore.db-wal
        Filesize

        40KB

        MD5

        8e7f41230af67fcd1c0742d9b18dda52

        SHA1

        88da76bcce7d4ba2335ef03419819f70e0442b71

        SHA256

        c1e51e90859bbe81541551455911ed733dd0ccb4ff825649455d6b8e18090e05

        SHA512

        b49e8845e7045c3401b00659d03825b69c8c8f117872140c73341f2eb07131ea0e8e42e19478cc4d819292bae027e559ebff91193e6e954741ff4c5032375055

        Download Submit
      • /data/data/cn.digirun.lunch/databases/bugly_db_-journal
        Filesize

        512B

        MD5

        b6ec8220ea2832241d1f43ab0daefdd3

        SHA1

        123981a5ee7f11b86f23bf92b86b001b9784c148

        SHA256

        dfcf253e7e10407337c701129cb47af6c7cbafe801916d395aaa6aef3ec4cdc0

        SHA512

        9ce48f9c70ed3012b8af6afd2f59c5663977b574005f71656c66c64c215094c4f470871edbfa66feca658d5d4c02eae8b255995bb68183f9ddf2cb82056f474b

        Download Submit
      • /data/data/cn.digirun.lunch/databases/bugly_db_-shm
        Filesize

        32KB

        MD5

        bb7df04e1b0a2570657527a7e108ae23

        SHA1

        5188431849b4613152fd7bdba6a3ff0a4fd6424b

        SHA256

        c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

        SHA512

        768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

        Download Submit
      • /data/data/cn.digirun.lunch/databases/bugly_db_-wal
        Filesize

        56KB

        MD5

        b6d657f11276fc80ee9621853483d706

        SHA1

        7f7e7caba1848dfbb1edf248abeaadb9ba428336

        SHA256

        e39b37362dbdb03637970281993a80ea793de7d0470e4ec238304c73c82e0dc6

        SHA512

        ab7db4e75188451e90497b2679058625a5d6003f62cf0434bbd2c34b3924498410f99663b1401140293e9fa45e38993b10d65b94cd6b03b2e3d2f76fdee4060f

        Download Submit
      • /data/data/cn.digirun.lunch/files/.um/um_cache_1716373177590.env
        Filesize

        578B

        MD5

        caba1f2ce1736d6664886bc982953236

        SHA1

        f0051293312b49b9032557445b74f0109081822f

        SHA256

        4794267d43b17c1e47b3fc4fbb340e3cf8bd53c396b847b4fc4d313ce046f0b4

        SHA512

        a1cfff2b63f47b6fae5646ee621f39b8909e2e5c7c2dcf0ae47b4f4081dd458fe485da62867432648bdb9721d54a4e6f3b45fa703a0419373708afdff12da2d8

        Download Submit
      • /data/data/cn.digirun.lunch/files/umeng_it.cache
        Filesize

        310B

        MD5

        d42976cd59585a0c7ce44838b821feae

        SHA1

        889ef77e008d67c01742eaf0665934d204b2ad7c

        SHA256

        4618aacd7ce0a08c913ba54ad226b09ca2c7fcf4242527559d117b584671fd2e

        SHA512

        bfd95bc712ea2c24ed0ec1e1c70401508191b95fc2fc7701e7f03b93eb37880277ddd2bc13fbcefb6db7fd1d3ff4334f976b662a608817a3631e26e91b5506bc

        Download Submit
      • /storage/emulated/0/.DataStorage/ContextData.xml
        Filesize

        111B

        MD5

        d6e412425f3d0eae5be8c3ed8a546026

        SHA1

        8876243d786bfe404d79b227bb217d4775b6dcf5

        SHA256

        434bab35303d4adad4ba92002a3ebfbc2bd5e524f21e9d48ff7592adefff6510

        SHA512

        56ea0234046840aa7e03701ad66ab15e4dceaa3bea393089e7c0f96234c87f8d79322e0b6b99058613e2f617fa0f58f6c029560dc5a1f539eaefe32c4a5f8dcf

        Download Submit
      • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
        Filesize

        65B

        MD5

        9781ca003f10f8d0c9c1945b63fdca7f

        SHA1

        4156cf5dc8d71dbab734d25e5e1598b37a5456f4

        SHA256

        3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

        SHA512

        25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

        Download Submit
      • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
        Filesize

        111B

        MD5

        fbc2eb159118eaa957a757dcd324623f

        SHA1

        95ecceade9aab8eeebd77e9b66f5fbfda17b7ffe

        SHA256

        e9ccee3b4e99c01d3d2daedc9bbb9f2b2e55ca1dbf9c8fb792b8524fd255a155

        SHA512

        6aee93416f4a86fac2229394681bff008242b4443c4ed4703d0ffea051887a4f92b9a4ad1745e3a8f5300f95d36b8e7ebee878de3c3a1a2ae7aff82d600d8f05

        Download Submit
      • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
        Filesize

        167B

        MD5

        a2f4f6058f0c2e4703ed32fc66f51932

        SHA1

        4e05d77b383f05dbd30c96da19c19adea1099b1a

        SHA256

        6ce5ec6aa6c26895af185c09df514545f756f140111f72d403eb0a21ad262125

        SHA512

        e72bcf94eb9fdadd26ef3f8781283a98a6462a94484269eae7ff3024ad62fb3417253d441f802384a1f05a2e539bb408c4ad6f180e63afe86db9cbcdd40f822f

        Download Submit
      • /storage/emulated/0/cn.digirun.lunch/tmp/db/law.db
        Filesize

        12KB

        MD5

        b4a82d45d497994608be672810a8c27e

        SHA1

        1a2c7899d0835d50c895bbee633d4fd935c3ce35

        SHA256

        f1135c2b65c53cfdaa4b2638bbfe7968bf81f1dea77f47e2ef9df478c070f0db

        SHA512

        a27bda0d2e47de92e7b984d5780b2766f50370ef5849011e4e7ac7d27806a9c0c28b25d2fea46f97e3756c8b6745135336d0a23b84442450c5520194f5ad8b24

        Download Submit
      • /storage/emulated/0/cn.digirun.lunch/tmp/db/law.db-journal
        Filesize

        512B

        MD5

        9c5a21570df00ba2d56fceef47e3553d

        SHA1

        1eb6d6ea9329e2f6eb458224eab600c6d7c7daf4

        SHA256

        0d237058434947c2f678e2280e07c606c3b9ffe9972f6793c2e73c3b1c1d7b56

        SHA512

        5df49c475bcb1d0c322562f2dc5d602a055cbc0e763427c17a9c7a19c668dd40a5db3abe46046c64b9e9b997ac3d9442fa7c6a6e164179a076511b42200a3617

        Download Submit
      • /storage/emulated/0/cn.digirun.lunch/tmp/db/law.db-wal
        Filesize

        16KB

        MD5

        2ccef37621ddebf8c726c819d50bfa64

        SHA1

        6a0734581ad078e26254f9659ad14ce3bd00871b

        SHA256

        69a6aa14999e8101535536369fe71d242658c62513bc25960eb7ff7e3ae0a0fc

        SHA512

        f84d65fc10212a8e6f9b699a90e3e29eba42182d4250c2c978a8694dd83c67f8dcf8dcd4f7568c1df1ceefac958ec766f31843dda92f852c2e4e5c358813b2e1

        Download Submit
      • /storage/emulated/0/cn.digirun.lunch/tmp/db/law.db-wal
        Filesize

        4KB

        MD5

        6ef2ce337581988ecc4b1958537e4ede

        SHA1

        3e2fa9e20fee431583e56060af70848b95c7d6c0

        SHA256

        aaaa57fa0ea9b42819c7c57677e4d05b52519e81dce89cde318cb65773341b97

        SHA512

        eab65031b0e14e4787617270e51ca98b97ce9af66f37c9ed27c2e5afe9d654535e824454449ff1e8d04d22a9791826a6e019408cb3f6f0ade7f3c74cf13cad10

        Download Submit