Analysis
-
max time kernel
176s -
max time network
184s -
platform
android_x86 -
resource
android-x86-arm-20240514-en -
resource tags
-
submitted
22-05-2024 10:49
General
-
Target
67011e4d3d29a465b6f3ccddbdf440c7_JaffaCakes118.apk
-
Size
12.9MB
-
MD5
67011e4d3d29a465b6f3ccddbdf440c7
-
SHA1
1ce4eb32c75f862cff91870253dbc94f887cf621
-
SHA256
0c17c267e6af757129c5423da0c5aedb2ba54901820b14f546a82007ce5b3e5d
-
SHA512
9476d3fc08f9e4989508640ada257c84428246e41401194ba1de1c37cfb8de158707e9594b7621f720f36e2bf301f7024a5a5ea410ab399e0d518c567b7573ea
-
SSDEEP
196608:Gh5N1+xks5SHl/ilRwb1pRXKIVmLFdMLW4UnxNfF2+kQQ+bwPZC6Iqi12BCWyDRO:Vv58H1KIVmLFeVF/QqPZnB0kPahe1
Malware Config
Signatures
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Queries information about running processes on the device 1 TTPs 3 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 3 IoCs
-
Acquires the wake lock 1 IoCs
-
Checks if the internet connection is available 1 TTPs 3 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes
-
org.unionapp.bzjxjy1⤵
- Checks CPU information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
-
org.unionapp.bzjxjy:ipc1⤵
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
-
io.rong.push1⤵
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/data/org.unionapp.bzjxjy/databases/cc/cc.dbFilesize
36KB
MD5ce6135aa1b1fe4f2c2db2a546d2a5558
SHA179b59582154017aadab783dc266fcb158c252940
SHA2567b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c
SHA5122839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4
-
/data/data/org.unionapp.bzjxjy/databases/cc/cc.dbFilesize
36KB
MD55d7ea1a23af19b4340cc8d90f28297d5
SHA14cfe95b23a9e98378d69c4290af81b51fbe76aea
SHA256474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da
SHA51233071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b
-
/data/data/org.unionapp.bzjxjy/databases/cc/cc.db-journalFilesize
512B
MD5b428771602b248ca6b7c5c8c606b8636
SHA140bf91ff40a01eb3497cc4665168af20ab80f848
SHA25631f5a7d74acfcb75e0882f2c6f2029d67b40141385dfdf41d1ea638db61c7275
SHA5129603dfa2c5fc0a03212530dbc42328742859edde671979f4c68df3ae118630cf0c0a6273085450584e0591adde7021880045ee2a1e08b27b3228d0d29547255e
-
/data/data/org.unionapp.bzjxjy/databases/cc/cc.db-shmFilesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
/data/data/org.unionapp.bzjxjy/databases/cc/cc.db-walFilesize
16KB
MD5569c1df21df0a154211ef2fe5cb080f4
SHA1f24190fbf93bab92015fc6c8d3ec87ff440b84fc
SHA256aaa0167776de2b0fea35e0d4b49cd1fd3ac547e215ea1adf8a490161c5687ecf
SHA51230a6d2b9d9ac3295b0c26ad9710c05e49de97fb9f803b60bbdc21ea6cf5645ed00b255d8c3ab0f5892efe1273ecbddca77147891400cfcdb137ec5484898cdda
-
/data/data/org.unionapp.bzjxjy/databases/cc/cc.db-walFilesize
48KB
MD534a3d3504e7c88d69f4563e78206e2c0
SHA10ad1fbe2ad64fb49025119e847affade5ab4264b
SHA2564e8dd93d646efe1315ca3e1ef35219685418f20bf6d73ef9f0209b8a0ef1aace
SHA512ec519823f704713cf8e739a7064fbfdc515eb31cb0d4d5729e69a84d4b8a352483c0cc3a4c1b32b234c3fa119f8492eeb11cb9e85eee770168f4fedf05a4d7f7
-
/data/data/org.unionapp.bzjxjy/files/.um/um_cache_1716375128111.envFilesize
1KB
MD5163059ff65b93a10ddbbf7ee9ada18aa
SHA1d7d98abaea1e07d1e15d7668a10ead798e70052b
SHA256a68ccbaacaa638534b1b24860b03dfca2cce6768d8f0043715c0c0e4a8d4a85f
SHA512b751f4fd502dfe21ecc1318585c4bc89f80756ec25c43682b1cf8876304d6c7f9465c37a50144667bf5145c4ca6bab7ce82827865130a4c6810ae073006a3e82
-
/data/data/org.unionapp.bzjxjy/files/.umeng/exchangeIdentity.jsonFilesize
162B
MD5a9a72d3c5b28ea883a48d0d82f0ef569
SHA1abdac90e16e8ebbc090c802833437b8b6c594b94
SHA256db0eb2a72531cb97abe1f28434701fe07c7351ad5d9af134e0e2b88645472221
SHA5122572792d7d3d1bbc7a8529adec0ac07fd618960a1c8127567cd1ad6843f831327f472d69f32bfac9b8d071b294317b8880e900391a85aea6133c1048d0f07723
-
/data/data/org.unionapp.bzjxjy/files/exid.datFilesize
57B
MD5695f216a9730f9d61d5418f3724b1905
SHA1e25e02675a22318861bd407ae9af5c1ecf663e2f
SHA2562d2e19e4a9183d14542ddb9ea06239e88015542f1790df67e30e53ae95c60424
SHA5122e07c0c87a4df27b82cebf3548496ca6b86c35a36aa3da6903901725d419808a93a938c4f7bafb16c5520ab9c22a6bb81fec71ac7cf479a41917f118ed9bdb74
-
/data/data/org.unionapp.bzjxjy/files/umeng_it.cacheFilesize
498B
MD56e078e252479c7fb5d6ec81defb3fca1
SHA1605b93aed0d1a6d0c5a3db71d337b1952eed0ec5
SHA256eda0b2be13235b59debdd499f26b43ce60ec7e9c96dbafc3ce1fba5af2622ae9
SHA512581c87a95f1f7815b56d3a4a18684d58c59e6bd0f877ed664b9b787a6adf4ce73a5b4d62f8d1aa978f6316f4e447a874c2d86757a6a0b6593a00537fd657cb3f
-
/storage/emulated/0/.DataStorage/ContextData.xmlFilesize
111B
MD52d2a39965a7b2ddaf30e722edcb92248
SHA14b964a50943a6ec825e9c67b45fec4a0d79d1887
SHA256ace9fc06397631c6ae4edea82f187d1fa2e3314fa40a63c707e7c3d8537180e3
SHA5126329752c744caba3bddeedfb0ded9bf5cf6a9fbc91c25dd41dcc08ce84ecc892686a730103507f8f7ebbc73de50ac75cee0ee3e4fa9e0b4e4ed1fcd31d863e5f
-
/storage/emulated/0/.DataStorage/ContextData.xmlFilesize
213B
MD504dd09e7f4b0d15ca3cb5d0bde1410db
SHA1d83acc613b641a766fae2549e20d3894ef28e61c
SHA256cb4c0ceafe3eb6a5b2f67ef326de703f14e2caad975bd93ec3bcaaadee3bc27a
SHA5121e9defef6ea3a946a3950dd6b52913c10da339835a1c8b80bc2521086a5cf661bab3ddb35860de4bc4cb69a0b0ab49ef3bdfc7d522f98ae703725b5f7e72f4a2
-
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xmlFilesize
167B
MD519aab9ee7531d3dafa186d1676c30203
SHA1ed3891387faf47a826a94d670d6974bf10147711
SHA25617ef38fb62b54348c7761e0742bb557f0d41fad19f187f930fd6703556c3fd07
SHA512c6a59f9424c65dd7618dfd5de043f048bf3865c475cdb07040f36932eac4671617045504161b80b24378038f613c36a3ce854bb924745a4a50dcb4573d696dae
-
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xmlFilesize
65B
MD59781ca003f10f8d0c9c1945b63fdca7f
SHA14156cf5dc8d71dbab734d25e5e1598b37a5456f4
SHA2563325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793
SHA51225a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03
-
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xmlFilesize
111B
MD544814fafb2bf8587b570871fe981e8b2
SHA1a70fce43d6af6b2d09578d6182ddda4e1312e840
SHA25631beb50ce88a590732429c07d75a9cec0d41b94b1913577f0063e0610e924a50
SHA51226ca3fb6d817c9c086c086d8f89bb01bb382439d94cd7ff8137adcc1041e2c06ee354c0910072a86500b2807c80192f99c45ad9c886216a27d500984a42f1f4e
-
/storage/emulated/0/org.unionapp.bzjxjy/cache/image/journal.tmpFilesize
31B
MD58c92de9ce46d41a22f3b20f77404cc1d
SHA18671a6dca00edb72be47363a7071be65cf270373
SHA25668bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274
SHA51230f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56