b88c39332d613ffd26bab2956b3a3d62e849dade997a6fc8150e9abcc38e9101

Analysis

max time kernel
167s
max time network
133s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
22-05-2024 17:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

67f970ca675155ef32b991ec4dfe05ab_JaffaCakes118.apk
Size

13.3MB
MD5

67f970ca675155ef32b991ec4dfe05ab
SHA1

52fe9c41155c04fb32a12b8bb82e9366c6422002
SHA256

b88c39332d613ffd26bab2956b3a3d62e849dade997a6fc8150e9abcc38e9101
SHA512

195ebde871ffda5bda22d65e984027ad3d3b3ac13b8c94e33a204e8c07d7a1a067de10153f21b712bd5337fa91f52a594adf1e608ec25da9f1d09bdedd332b70
SSDEEP

196608:HJ2hdTHQdeedXNnVM5SvTj0QCOWR3Of+KelA+9xkEytBB7DYqd3sfiEtUI1sdau/:YPraeOM5SvTj0QWqjdw6BDvd3OVtOdV/

Score

8^/10

collection credential_access discovery evasion impact persistence

Malware Config

Signatures

Requests cell location 2 TTPs 1 IoCs
Uses Android APIs to to get current cell location.
collection discovery evasion

T1430

T1627.001

Processes:

com.iyuba.music

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getCellLocation com.iyuba.music
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.iyuba.music

description ioc process

File opened for read /proc/cpuinfo com.iyuba.music
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.iyuba.music

description ioc process

File opened for read /proc/meminfo com.iyuba.music
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

T1414

T1641.001

Processes:

com.iyuba.music

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.iyuba.music
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

com.iyuba.music

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.iyuba.music

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.iyuba.music

description	ioc	process
File opened for read	/proc/cpuinfo	com.iyuba.music

description	ioc	process
File opened for read	/proc/meminfo	com.iyuba.music

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.iyuba.music

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.iyuba.music

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

T1421

Processes:

com.iyuba.musiccom.iyuba.music:push

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.iyuba.music
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.iyuba.music:push

Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
discovery

T1421

Processes:

com.iyuba.music

description ioc process

Framework service call android.net.wifi.IWifiManager.getScanResults com.iyuba.music
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

T1422

Processes:

com.iyuba.music

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.iyuba.music
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.iyuba.music

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.iyuba.music

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.iyuba.music

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.iyuba.music

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.iyuba.music

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

T1421

Processes:

com.iyuba.musiccom.iyuba.music:push

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.iyuba.music
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.iyuba.music:push

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

T1422
Reads information about phone network operator. 1 TTPs
discovery

T1422
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.iyuba.music

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.iyuba.music

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.iyuba.music

com.iyuba.music
1⤵
- Requests cell location
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:5117

com.iyuba.music:push
1⤵
- Queries information about the current Wi-Fi connection
- Checks if the internet connection is available
PID:5289

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.iyuba.music/databases/UmengLocalNotificationStore.db
Filesize
28KB

MD5
04a8ed516f52959448be8041698aceea

SHA1
5e7faa4e7a81b0203431fecf2acd3e54a5dbc75d

SHA256
0db2003af40f81ceeb29f92cce88fc2bef961f5e3b5630da1d38b882a1bc95a2

SHA512
607071bc76db4e6986321181ad4e55a421e7e830e65bca7adba953445f5d0e97c484c980adaa179006a9f94b38fe64b7a2ba752e78cbaebc7da736b1b35da878

Download Submit
/data/data/com.iyuba.music/databases/UmengLocalNotificationStore.db-journal
Filesize
512B

MD5
d9a6459deda295cc7643baae62e3ee64

SHA1
d70ba3e55881ad3fd5d6a9571046016cb825cb1a

SHA256
d28938ad86382dfbb294576652df5970c920d242db1779af3a9d86bce04bdf2b

SHA512
ed4dd85886cebde06c9146b0c1f08d4bac5a2dd0f8f65dd3b2809008e5c61a81f9f9af3f3330ccb07a29b811c28fdb2bf2fe7b262f4806023e2c2ce674e296f2

Download Submit
/data/data/com.iyuba.music/databases/UmengLocalNotificationStore.db-journal
Filesize
8KB

MD5
854ab8bf753ffa463e2328f5e29f0b2e

SHA1
4b69a159034f56ca65cf8a0f6b5b2032d2f37c68

SHA256
a23985df5dc67a480a90d9b2a7ca6c31695770d5098eedc82259a1766bbcdb17

SHA512
00675106065c04a7fe4fe59a979a367ac40bc05baf53801781cd81ffc8afc70682f66ac1d2ba93701057b74a27fa61294c11159a0c8ab8f34eced3b49754ea12

Download Submit
/data/data/com.iyuba.music/databases/UmengLocalNotificationStore.db-journal
Filesize
8KB

MD5
6a61576647b9cbaab8230c9c3fb839b4

SHA1
4a93ceb1ef03dc0a15b9dd627729d339db633a26

SHA256
6a5218b36575c952a738abe24b8779ed4af381bec2ae6b10500fe242efcc476d

SHA512
468a5bbc70b8f9221c0073149eaa9b30422a2c4c59d6d31a4e158802c00b3f71407b52f52fcb03eea91a7adc9ae31290e0a1d23766b4d89293ff5c2d573b1dcd

Download Submit
/data/data/com.iyuba.music/databases/cc/cc.db
Filesize
36KB

MD5
e51faf65073879786ff4e279cdc496a5

SHA1
63cce265af4ffd9f7ae8a7bf4d43008211ced6d2

SHA256
8fb017c5b854da81a85ee2f24a41c7fa86010feef1008704eb922949de366f20

SHA512
6a15b98ade0dbf01a75b1f5a4022c44f8fd48aa111ba4a53596c8e2835792197a34f0851fede5ff9c75299acd42386ec3cc72faa0a49d08c0d41f7d2de715b77

Download Submit
/data/data/com.iyuba.music/databases/cc/cc.db
Filesize
36KB

MD5
67c12933d1e0e63d9801a6aa43092ce7

SHA1
b6936908554e4a1986b8eb08289e2d3545e8ff74

SHA256
abda5dd4cc2e7dbb951637c4b49d6990f9f34411fab4dee1a387dbcc8e7eed40

SHA512
db8b818daa3ff4ec7678645f84bf8b45c809bcbb758ea78b28982d071572655bba2d20e6f1ca4f0d057ab34fa655c5bc40457dc65050180351a2fc04a47175dd

Download Submit
/data/data/com.iyuba.music/databases/cc/cc.db-journal
Filesize
512B

MD5
399951864fb5be560fbab2f03e02ddef

SHA1
a371883e809c12211c0eba9a531fd60211b9cc5e

SHA256
b57e7d0c6774ab84676f9cdde6b97c851a12ed70402e90f7ab50e4e12ebc9114

SHA512
78b6d33880777057f47b23294176a25555e4c2cea6322a9273ace98558b3de774250bdcbf19e9b56be5f7f78a9edfb2e9d979fedf42ebad342a6d62da5602b91

Download Submit
/data/data/com.iyuba.music/databases/cc/cc.db-journal
Filesize
8KB

MD5
5e52cbdd34a1905e828361d5e0b5cc59

SHA1
2096d2908fb0a1531467a0ddd6710f1f23f37711

SHA256
dbce44add3c6bf2f70b1f5f881d8687a68cdcb23b4123bc5dcfad39bb0f9d2e1

SHA512
52237f991ddbde5adc2c5dec2dfecbd55fa3c0895f973f5ee370289ca251c0f466c88cbf08d4a2935f305a0affbed3adda278087d4853bb9312c701a81715878

Download Submit
/data/data/com.iyuba.music/databases/cc/cc.db-journal
Filesize
8KB

MD5
a103eb8f57f4e0138ebe33f2887a4be9

SHA1
80142c5636f242b7735beb7ae21749ecd06bc034

SHA256
df40768cf23c14f43a3d1e57a34090d057bd8baade8aa3201c30a6cf453868a0

SHA512
2d2d855bb585461974459cb68980128cd6deeea641de549ee485553111c2d4902eb757625d0f60ed59f936942bc34170e1fd0c580b013c12da632efdf4fecfc9

Download Submit
/data/data/com.iyuba.music/databases/cc/cc.db-journal
Filesize
8KB

MD5
5a63e3d0892cfa423edd0f7bb767059f

SHA1
446377613d7bc38b2b78c1b0846355f24bcecb16

SHA256
50f7a2605813a3d24c4812e3f1cd87f2a6ca928202cee2d9780d5353af6894c5

SHA512
09fd5b6a1ba55f16fedc1caa93e897a73cda2b2a14b9437eed4b8c0fc9f7edce09ef9871859944653db90d353d77d31ec6c0be438660a53e73e70a7fb87722e7

Download Submit
/data/data/com.iyuba.music/databases/cc/cc.db-journal
Filesize
8KB

MD5
3593f651ba314361d567a904821cf4f5

SHA1
977e0f313c690468b851eedf09e72d59245d3f1c

SHA256
c98838139a3154643d0442f271c69845023e560de6cc313e78a6206482dd018f

SHA512
9f0bde09ac0affd7be3d7799f676fb0a793c63f52effaaad4450c9760cfeeeec781b3bf1440c154a391d619b28093fae5b3db1bc91b1c3a055e88e595ceaee85

Download Submit
/data/data/com.iyuba.music/databases/cc/cc.db-journal
Filesize
12KB

MD5
d321294d028f674d6c0e503309b84e0b

SHA1
bf1673d2ad2a355e2e7bcac7aeb3a82bc1393832

SHA256
e0262e95ef2e63703f6e4b5b93ac7d3d00494499ecaa2f74be200c0221f1f5d7

SHA512
561d9e6b6abe450cd02bf5b0dbd71288275cb98bd44ec53a0bbc30387f312bae8597af4eec2153a2fe8955178234960471622b8a7c822ac65a01c9be38bcc2a0

Download Submit
/data/data/com.iyuba.music/databases/music.sqlite
Filesize
6.9MB

MD5
11ee939a16eff5437ee4c2513c5eb6f8

SHA1
3f369f0ee942ed6220f16071f541c4a35eee80bd

SHA256
e967867005227baed2e2fdcdd87a1a3230b6c3bbe396fef058271b43906f2f8b

SHA512
429d3982a57d61f8d145cfcb05ead6f569c4274c9ca48db708927361dd4aed2d58b9f33ef2c91b652be53a851ffb1bc13ea250b35007ddb82c6c549f4a36c4eb

Download Submit
/data/data/com.iyuba.music/databases/music.sqlite
Filesize
6.9MB

MD5
4c1af77ac30f9cda66d2fb9294f4b097

SHA1
7ccb32a7178c5e3f42d3bb1df653ddefd902626f

SHA256
272af800b029917687ef7622ea2c791d494cb9ab0a1fbc23eb362743ce6077eb

SHA512
1fd319ca4d4ab0fc4f0528571c0f4a751c9cd980c64cf0eac418780be3c4464482d9c99b2b533ba98a4e0e9bd9093ef36686da55757fe6555c011e9bdf92e255

Download Submit
/data/data/com.iyuba.music/databases/music.sqlite-journal
Filesize
2KB

MD5
f6fe33fc75dfcfe97b60a5f68c7dbccd

SHA1
faa3e8791cf0f31a143b69b039835844017a5ccf

SHA256
0eec7dad2e2d4b087c22eeb3cc0d35a1bfede58d78cadd209ae88f29c89379cc

SHA512
f9c16c4547a0754b1c3c3e144b415e1f098368b7b63fab67cab1dbfdbe0fa5d6614f1219957be28022a54102b3899e3c48457a2ae40daf62c0e23a9a1da9cde6

Download Submit
/data/data/com.iyuba.music/databases/music.sqlite-journal
Filesize
2KB

MD5
3537d55356561400bdfc3d980911c01a

SHA1
295cae6cddf0914085b5f0b983b449ecf8905a78

SHA256
7769f03578d14e2f4274db69385297b8a4fff332c43b30546356b903e96a9367

SHA512
45ee3b802be0a4b3a86f701f0d51e55bbbf3bd6edbc8a1913e2f51c99a29b6480a639febe81710e80688ff5dd5546b07963ea87b5abe25f22ee73c0feb1c8536

Download Submit
/data/data/com.iyuba.music/databases/music.sqlite-journal
Filesize
1KB

MD5
7e629b41673940b356f04f89896afbad

SHA1
ee0375adb8abe461bd0c7cd5edb3f7540ea56dd1

SHA256
7ab68b09c107373f271f6f3aa65105e1524472c54150685dc2e570b74afc9398

SHA512
b733dd2631ac3659e0c26015fc98753f811e32478ac58fa68beeb57795bfb373ac9805afce1c41571aae7322e46c33586414c5ddf22e9a5a5b9954855a8519fb

Download Submit
/data/data/com.iyuba.music/files/.um/um_cache_1716397561592.env
Filesize
1KB

MD5
66904a5d1780025f54b1e2181968e694

SHA1
536fa775d04d78d68c03945778ed3069763ffc40

SHA256
23ca4b76078602cc60e60691fa01fb6d17d2ed3f12639cc90c18926b0246d737

SHA512
5be44fa4cc794e8d768267909cb0ca78794a7b9e82ecbd7ea8225643005a10fb7fbc67d2e0bd279615dc2576d7967c91ed02a62c31c41e237019f32df78148ab

Download Submit
/data/data/com.iyuba.music/files/.umeng/exchangeIdentity.json
Filesize
162B

MD5
9175711a01db6d43fd527dd486c2c8ea

SHA1
523bcc2c27160fa27b11b6331e3cd4ee47203d85

SHA256
f03dc27cdebfde84b3860841ae1e030a8fe01b375685ac157b25fc83c07e21ca

SHA512
3308879350db75d0dfeefa164e2d022f75f77c98ca5f857eb6ca7ddfad330740d8f86e7b8da00ee175b00879f4714a125236ef2fe422d804d6800822cebb0a44

Download Submit
/data/data/com.iyuba.music/files/umeng_it.cache
Filesize
433B

MD5
5c18ef580f0a83cf1e1225637a050b81

SHA1
eb287fafdeccaeab0795bfadedfe43156fccc1ea

SHA256
a66e233b92bcac7828090dc6877c91e89fddfadf3425a0423aa82a90ef7a2855

SHA512
3164659ff7fa7e13bdad6b1918800dbc592104c42be272a8fe46f098a6cf3e010fb1e0577e47d315908ba95bc51a2177bf62d9ea45aa1c2292b2bf6d437b4d52

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
111B

MD5
b60322b2826893e6ccc90de8cec688fe

SHA1
6d7d047cacd35e053fa6aabde1bacae0be1274df

SHA256
112848784c557be9d601287040a032916bb3c8bc14a0f1dcd57250c9c0354c6d

SHA512
2da94df5b875dfb2748243e655c9f09cfcd1af7597ffb98ed9c9fbd5b8a02d091f4d465849ad3be356d0f8b9c2b8251b772ae0f5a61c1befb5994384607b3e57

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
408B

MD5
34db274e06fdd594a8809b6d1cd541da

SHA1
ce56217bee5a037f3f5fbdfe5dbd07f7351233e1

SHA256
c5ae1386a52fada17376245d8e1fa58b65cdd55450a03b36f240d2382150dc18

SHA512
9e03749c7285961457901f8aec77928d8aa5327012e9a0f7c65b8ef668845ce234abe2cf8f2a7bd3fb7ffe6f5eb384e7d605e2c42fc0fb08bab0686e7deacab3

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
111B

MD5
60b88e2a6aa88bb868d99ad1b35076b9

SHA1
62b685e3ebd170333dc47613e48d63d527cd0e9c

SHA256
03483f600f78a6ffb9bf14fbeed4ca5e74b564f55556ff85a8707c2b466935e3

SHA512
ce33dd393d0630479a25337f54274bff3f60136eb5e250f12c14058e07f7aa3dce46b9e071a190ce62affcc4a160e2da7cf33f72eba9d83af26a261a5139a9fc

Download Submit