bc4b2ee7e4922979805b936274967d1e6a89721ad0439e77173a1cf12f95b435

Analysis

max time kernel
106s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 14:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6789e1240e4107f60f3cf28904b94a7d_JaffaCakes118.apk
Size

12.8MB
MD5

6789e1240e4107f60f3cf28904b94a7d
SHA1

dddcef550cda21c7b60f144104b1ed7607c11727
SHA256

bc4b2ee7e4922979805b936274967d1e6a89721ad0439e77173a1cf12f95b435
SHA512

34b05a44f7cfedc6bae376400c084ee2eb4eb4181aea4d02c0d142c2e6e9a1f5de8398a31139a6608f4db59c8f319cb5614f5669efd67d9abe07413330b44a39
SSDEEP

393216:/vCl5ubMYBNtr9gXTfJzilTp6XyKc5e4vKjI8QD:/vCl5EdBNl9WTdilTpmXseF7QD

Score

7^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

system

description ioc process

File opened for read /proc/cpuinfo system
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

system

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo system
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

system

description ioc process

Framework service call android.app.IActivityManager.registerReceiver system
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

system

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo system
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

system

description ioc process

Framework API call javax.crypto.Cipher.doFinal system

description	ioc	process
File opened for read	/proc/cpuinfo	system

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	system

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	system

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	system

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	system

system
1⤵
- Checks CPU information
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4245

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.yyaq.safety/databases/bugly_db_
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.yyaq.safety/databases/bugly_db_-journal
Filesize
512B

MD5
f1bd327c1f3245624f86549ac908b7c4

SHA1
f25db33242961b99b996d64851c4dc056a599dc6

SHA256
c7aa08ddd29bec7e6ff27f8b589f64c2e4d436cb4f904dbb436882640fd64dc6

SHA512
569c590aa1ee44a3461dfd9a38c701e1b1443c6fcbc033a939acb865c220d28e8847b235ee317bd0702ba47f856ddc9c9565a3a83b581c5121fa6a63aa634596

Download Submit
/data/data/com.yyaq.safety/databases/bugly_db_-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.yyaq.safety/databases/bugly_db_-wal
Filesize
56KB

MD5
c72e7f4a04c57803c5182bd9e38228b8

SHA1
c8ec8fbf17df0643ddb71d11f5e7118b1636a210

SHA256
d36abee3c028310da79d358482f77eff770844fef10f92742d268808879fd2c4

SHA512
c285fa712130214b5b76560c2d5e6191859c0237a149cca98156d34dbb0c69e919c3b9e2eead5fa25f155a3ab06e3c1ab38829c79e8ab0d0464434e2fce9f13d

Download Submit
/data/data/com.yyaq.safety/databases/safety_user.db-journal
Filesize
512B

MD5
fea01b0a31aeb7cae6b7d6e461db174e

SHA1
e2ddbf1eeafce69f98a3db68e4c9da04127c4a0e

SHA256
d532a9f4f60b82d04b495b103eb01fb292625690b7c24c97d66df6444fe683a1

SHA512
2accc48724b9ccac082f02ae53090b18fed46f818ce84bbd79dab630928dd3cdf51676faebd2803425d3212df0dbfc2024413bfc0a792ca024cde43657f06c30

Download Submit
/data/data/com.yyaq.safety/databases/safety_user.db-wal
Filesize
32KB

MD5
2cc606fa9e1db8f00e815a1e0516f754

SHA1
95d63c59b6be5dd92317e03740664da1091d31e8

SHA256
5b4cd57961b1de4a180f310f2dbccf590a1a6d07c95a79fe956eccff869d8a81

SHA512
bb13e1add2cb6b4c08504933740b48d36abff96cf6ce25f71c9d32718ad372254b9676b6ece4b19ba059f77734d9a0a489cf04d4e564a9538f4ba094a1ca4532

Download Submit
/data/data/com.yyaq.safety/files/.um/um_cache_1716387280190.env
Filesize
677B

MD5
d05d944032c845a2440bd643077e6c61

SHA1
1d0ed58fee962d96552327532971a7d051926d94

SHA256
76276a2aab8ab91305562682de9aa3d3c010a45c0bfc1e995a949bd3725054f2

SHA512
6f174095a520d30df2379aea4478573c20f6a15154e265daaac5779fe37b6118c4a8db47fc97a3b6a5a193da171442b494b9d0a61bbf8cf0472ea55e650b72e7

Download Submit
/data/data/com.yyaq.safety/files/.umeng/exchangeIdentity.json
Filesize
162B

MD5
32c3efc91afeb1dbf5eb14d2b41207e2

SHA1
d914e037737a47bac013d4b61302ed0c20de6af2

SHA256
bb9e735bfdf4e26528a7d93366fb5e8d1b5c76a05757783e1f5bf183d86ce5d7

SHA512
394a6d0a77f1aa97535e6509b341f7a9abb42353fb894a461811ce5f960fb65a0bfa53a244390cfb6eb75b58000dcb9d935dae2213298c61e082391c8af97490

Download Submit
/data/data/com.yyaq.safety/files/safety/sound/danger_01.mp3
Filesize
426KB

MD5
54d0c7610c43062128270842ccd95a90

SHA1
96a76a8f8bccbf0c1e08fe890092549b8d07bf38

SHA256
72aa00430f50ce00cfbc52fe7fb17d7b69a2206c363f88ddc13e655c8ce06baa

SHA512
242b86e1682ac49a920e357ff75a3d0615b9ef94965a83a46a3e7d3dc4fd6200008310e2e00212a94d8f1f38308ea2d182b58a1d6ecf04a675bfc15b15430894

Download Submit
/data/data/com.yyaq.safety/files/safety/sound/danger_02.mp3
Filesize
164KB

MD5
5138e81e63926a090615343d0a829345

SHA1
84356e4044a4c4ea2b4e53f3b2eb82d19ea02d68

SHA256
4c2cb8d67d9afa2b6da4928505cd1384bdbfcf3d47c13c23aa6c87913dfd3344

SHA512
cdfa56b59a450bfde067d6018187832704960ec1b6fd5dd231612f1213c6c2d43dd15227602f0ea861d287943e85fac09f8683168fbf354576b6891c621b7d06

Download Submit
/data/data/com.yyaq.safety/files/umeng_it.cache
Filesize
415B

MD5
6a8af73748844095526fed15a46cb88b

SHA1
3dc6fa7bc65b970cf81239d2f86861f586beb26f

SHA256
bfce81eb4160bb04a292a29fa93ba5b322aa590c454188acf49243bf3b9bb724

SHA512
85584d7935c37a51c6288b01eb2444d73fb6d444bb19e245cd9d0770a1b633165268086272bc817be2cf983da722cf65e447860b9daf9aab39f18b42f7eedd50

Download Submit
/storage/emulated/0/Android/data/com.yyaq.safety/tzw#aqx/log/20240522/000.html
Filesize
82B

MD5
3c247f1d2786e44675a868882faaf1f8

SHA1
5673c89b0fead8a685768d7868c3e852818daf3d

SHA256
6a482dc91343202bf996b8fba2fd0a84cc8d56f9cbfc1e6cf277c470cf3d0652

SHA512
4c024b793f3c7f11d65bbb2bb49c31b93c99a40a1e7e1c68f7d16fe6b40f5a2aaf2f7cd1dbf32086560c4214f9cdd20790143e9ecab86726b8821ceae9a5bf74

Download Submit
/storage/emulated/0/Android/data/com.yyaq.safety/tzw#aqx/log/20240522/000.html
Filesize
113B

MD5
5e21edb34585673ea84eb85e77fc5ebd

SHA1
aa2b3d8988b97e077f9f8c2aecd5c32c17f30ca7

SHA256
7d12cf0fcae79a3afe91f1591682371a705b80c7559326d520252ebe35f8ef28

SHA512
52dd94e58ed379d435cfe12710ed462cf40586555b227e1f9dd3ff65190a376f7245477ddd01e8d54007e308e0aa365e41eb93531078e749a66ca8009ace90cc

Download Submit
/storage/emulated/0/Android/data/com.yyaq.safety/tzw#aqx/log/20240522/000.html
Filesize
904B

MD5
9f41feb7df875f276b2b5f121f2db01f

SHA1
c9c664b9ba1317aff5b33644e5d48f68cfbadd59

SHA256
0f8ec7ff4733046a137717ba5ddbdaa1e90e938aa116668e57ba4975757d3e88

SHA512
1343e9fb16ac284f7efc72934a62eeef58d556ef4f7b178b956a9dd84712e1eb36283a3f7fec965e52516cc0fc41d0e6fe871d9ac68ef2a6d67b4fcb47935607

Download Submit
/storage/emulated/0/Android/data/com.yyaq.safety/tzw#aqx/log/20240522/000.html
Filesize
172B

MD5
b1f2e69114283d087f2d55729cc82ecf

SHA1
4d55e4856db894f50be002157df774fbfdc60cc9

SHA256
393f9fc73520dc1e1b6c43cd8dca399ef4ef1ac873e65d25595f71da36f24b6a

SHA512
14374f1278a636e883185cbfd72823322237cb57e8df205718f48c5e3fd7694b8ed3a7a2d3bfec16140c1e7b9607495992808d1a17774c4a5225937a929c4a75

Download Submit
/storage/emulated/0/Android/data/com.yyaq.safety/tzw#aqx/log/20240522/000.html
Filesize
85B

MD5
a64dc7e78f9f2b0d35665955bc148ce0

SHA1
4d9ada1ffc3499b95fdbee289958846b89e9ba15

SHA256
e94f4cfecb9937b7cf5cb9e5e3a32c6f942a12e4ba270644c7e6c2986e0e4105

SHA512
1b291b3baad13512cc9e2ecd2f1b331330e79973095a6d9833657efdff75ee6e625f70c09f055b0fc13127feddf481aba77862f6b62b94e2ddca98d36caa23e6

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads