bc4b2ee7e4922979805b936274967d1e6a89721ad0439e77173a1cf12f95b435

Analysis

max time kernel
106s
max time network
132s
platform
android_x64
resource
android-33-x64-arm64-20240514-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240514-enlocale:en-usos:android-13-x64system
submitted
22-05-2024 14:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6789e1240e4107f60f3cf28904b94a7d_JaffaCakes118.apk
Size

12.8MB
MD5

6789e1240e4107f60f3cf28904b94a7d
SHA1

dddcef550cda21c7b60f144104b1ed7607c11727
SHA256

bc4b2ee7e4922979805b936274967d1e6a89721ad0439e77173a1cf12f95b435
SHA512

34b05a44f7cfedc6bae376400c084ee2eb4eb4181aea4d02c0d142c2e6e9a1f5de8398a31139a6608f4db59c8f319cb5614f5669efd67d9abe07413330b44a39
SSDEEP

393216:/vCl5ubMYBNtr9gXTfJzilTp6XyKc5e4vKjI8QD:/vCl5EdBNl9WTdilTpmXseF7QD

Score

7^/10

discovery evasion impact

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

system

description ioc process

File opened for read /proc/cpuinfo system
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

system

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo system
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

system

description ioc process

Framework API call javax.crypto.Cipher.doFinal system

description	ioc	process
File opened for read	/proc/cpuinfo	system

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	system

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	system

system
1⤵
- Checks CPU information
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4317

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.yyaq.safety/databases/bugly_db_
Filesize
40KB

MD5
434c9b1e7b2e785ea2ba627e29fde6fb

SHA1
40995892997c660951a8f2e2cd0690e1f45e8463

SHA256
4b12d68cfb685f6a4cf414a83c1455d035f49e83ea2c8b002c46587aa6c810e8

SHA512
7df8248a3104db82089e43be241c950a5e7f4acb556e70d714a1a957c75c0abde84b1b5c6c17e88ad26f2efd4a3097a4455fe17ebf68d726ede1c21c391747fd

Download Submit
/data/user/0/com.yyaq.safety/databases/bugly_db_-journal
Filesize
512B

MD5
775b032e0c22ddac649ef6a7aee9654d

SHA1
ac294a146d83c3d1444eb813915875bb14fa3961

SHA256
5fbd92c235d1df360ff454ec586b5caf4b1b82f649a850842c3a0b848da98ca6

SHA512
e30f0f4a50d80cc3b5f36a2a06bb694443eb67454145631aa29d0c253bc7647bf40acf171443e19f77dde726c048a0a34ee527f8db784390e95a85a5cda19129

Download Submit
/data/user/0/com.yyaq.safety/databases/bugly_db_-journal
Filesize
8KB

MD5
42ee108f1cd729ae2206444f9106973a

SHA1
21ae02643fbb9078ef63966caf4013b328f09399

SHA256
85763fc0c256af537ed6d8d9e66c2f7d2ae6bb9f81de4866d671face2e0961af

SHA512
75b19499c6b5ec6654f437be749d7a6dab0959a0a11789625c2c76891aec829e3bc722dba7b3dd7b4dcb00ee9b24576a74c5232497f22c102dc4e9fa1d64f952

Download Submit
/data/user/0/com.yyaq.safety/databases/bugly_db_-journal
Filesize
8KB

MD5
065e03b0dbbdf11dfa9d4576c7dfb04e

SHA1
fa7956f289fe86062ec5a375b9008f18e893db04

SHA256
105e706d50e508ab81ae43a945e3d9cded260ce0ad673729fdd6c259247742c4

SHA512
fb1a9daacff0336d6b2586fd85e75666a59784b1e9f8a20c88fbafb6cdd29f4cd2c071e92d63972acabaa8e0fe26d7bded27a7e0ac3aa3bb6b292e772f0d1a16

Download Submit
/data/user/0/com.yyaq.safety/databases/bugly_db_-journal
Filesize
8KB

MD5
20013bc2daf294d72a07857cb018935d

SHA1
7d7c2fb5c1c696b000e082f2fb67e3daa2b2358c

SHA256
13798cd4b4f8609562fd6ba80d2e6179c9e0b93a516c85c8532247927a374f67

SHA512
816a245909c0ac83c3b23fccaead29e4fe7a009bc7172439f15a6b59eac6f6ac760302a4a0f53850b792c75d011c961f51c91cee164b06609e2cb3823a4e6260

Download Submit
/data/user/0/com.yyaq.safety/databases/safety_user.db
Filesize
20KB

MD5
458158f0dbbe6baebacc691dc33cf7be

SHA1
37ffc4ba76fd6c6b091495368c47cfba09e11b9e

SHA256
1f74da2b8630f48cd40a987c4fdf9ce572fe8c033a46ad89125ad19eb9bec39f

SHA512
88319a1ca03fb655fcbbdb91563e323741cd4944dd3c5d238c6bbfb442eeeec345f051e3ddedb8eeb9b0c51c7e3ad317d1d536da7d5551223b001c655a2aa671

Download Submit
/data/user/0/com.yyaq.safety/databases/safety_user.db-journal
Filesize
8KB

MD5
bd5bbd38480e2f7bb38f7d587b198bd0

SHA1
29417898bffd14b96a89d2ac2a74dad56c2ca085

SHA256
f106c6120f87e8980929c15676411dc144f296477df5b9f4f589ac2ea2137144

SHA512
1fb42094a5ffde565700db3b87ca796f90b1c76f0c600d88dfd12709e3d246028877623295aef033301662fb2810636aa2c6759ea14436252167e6b0cd6eea68

Download Submit
/data/user/0/com.yyaq.safety/databases/safety_user.db-journal
Filesize
8KB

MD5
47b9b9d86fb6c3ec3a79c01b734066af

SHA1
d92c66ba16cfbf345e28cd660bfd7258ba2f5462

SHA256
669fd6fea30f1b29305dc9cc5ac9d5e6482e416a204529515ecf4e6b3d2c56de

SHA512
90815a1d8bfb77bd944f16cc2d1c898bdf740de23f9cbbafafd36f452bf7918db2e7881026605b01ce03d39b8014c009e7dd9b4e5f9c8acddffd5365cd10177b

Download Submit
/data/user/0/com.yyaq.safety/databases/safety_user.db-journal
Filesize
512B

MD5
0d410ebc7d2096cf9690ce159e767fa3

SHA1
88339132f8ffca11e6149f22892d93ef76035e9f

SHA256
42a3b46e8269fc84d8f5897a46ff910e0b07344fda5d8b481846da7a96c9fd50

SHA512
3a64d69eeaf55a2337d9df230f3e9e4009573a1dabb37d2e138c8621cd46a2131f4e034917cfdd374f58ea31f550763aa695ad256669eb00f7a71fd06cb3a65c

Download Submit
/data/user/0/com.yyaq.safety/files/.um/um_cache_1716387283018.env
Filesize
651B

MD5
52d4d10bc5359e2ebceb5a787822d830

SHA1
36d2c3f71bf4747b2e3ae58795ad03af91260351

SHA256
f989719af4fcdc161918b1aee6fda17282b0c09f2976bb02f3b719d179cca095

SHA512
62ceaeaf499ac77b361ea6092fbfbce58bf14d97c34fccee7eed28f71b2d5c0397edd8ce5906be3e54c1bf1256451355cb8890bf2da7b3c0956dfc75ea89e7d3

Download Submit
/data/user/0/com.yyaq.safety/files/.umeng/exchangeIdentity.json
Filesize
162B

MD5
18bc216c07048d66a2f7c0b32a9028ee

SHA1
4f1aa3ade16cc00a492d80189356e6423aaedef1

SHA256
cd9375a0d4efefafabd7ca485a8a74c32f5843f817b4d7da3b887692cc788c67

SHA512
680d2d4ba9f05d386ebf81b3434df22b4c0e51be4d3d7044f4599a01e0f243b0b78bf23701786b77c1ab4c93bca4b63f710c60527b40a74475e9326e4ee00d8f

Download Submit
/data/user/0/com.yyaq.safety/files/safety/sound/danger_01.mp3
Filesize
426KB

MD5
54d0c7610c43062128270842ccd95a90

SHA1
96a76a8f8bccbf0c1e08fe890092549b8d07bf38

SHA256
72aa00430f50ce00cfbc52fe7fb17d7b69a2206c363f88ddc13e655c8ce06baa

SHA512
242b86e1682ac49a920e357ff75a3d0615b9ef94965a83a46a3e7d3dc4fd6200008310e2e00212a94d8f1f38308ea2d182b58a1d6ecf04a675bfc15b15430894

Download Submit
/data/user/0/com.yyaq.safety/files/safety/sound/danger_02.mp3
Filesize
164KB

MD5
5138e81e63926a090615343d0a829345

SHA1
84356e4044a4c4ea2b4e53f3b2eb82d19ea02d68

SHA256
4c2cb8d67d9afa2b6da4928505cd1384bdbfcf3d47c13c23aa6c87913dfd3344

SHA512
cdfa56b59a450bfde067d6018187832704960ec1b6fd5dd231612f1213c6c2d43dd15227602f0ea861d287943e85fac09f8683168fbf354576b6891c621b7d06

Download Submit
/data/user/0/com.yyaq.safety/files/umeng_it.cache
Filesize
350B

MD5
8491ea473bc817aee79695b15f2d4814

SHA1
3fa1acc6934fc62228d108b092641b1f0f043af8

SHA256
5207a34649d1828ce2864d4ae4d9d4b47db5f923e20e6c55228577592bca8fdb

SHA512
00a22b4b18e788a0681c9fffcb3c31e479fa400c014c223214463ce3056639ef288e4ff4acc9e219affe9b9652e876ced8630c5ab5e4fac4582f98e655d74668

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads