4524fec99dd3f08fbfaea1bc9830dabbba3d6851fd2f2b2ee9756781d0668774

Analysis

max time kernel
167s
max time network
147s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 17:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

68030a01de4d41dc4269d083d923e192_JaffaCakes118.apk
Size

10.7MB
MD5

68030a01de4d41dc4269d083d923e192
SHA1

1bfc039bbf615ff1473962dcc65b4a68554bad35
SHA256

4524fec99dd3f08fbfaea1bc9830dabbba3d6851fd2f2b2ee9756781d0668774
SHA512

3cc0ac8516747b3e7b4ae03445153fd35c95ea4701d3434e5c59b872e4d041fc377a972811096e0efb14bf8024566e276e3d32d86cb387f7eabb984e1c187c16
SSDEEP

196608:eauSYBMwoa35YXuZLOt4fyXSgYUDe4lf0g9yarrbTGAki6JV71+vHS4r9rea1+ZK:9eUw5Zw0i3WAki6yZBiIN9DjhLXks3

Score

7^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.yiwyxb.cp539823

description ioc process

File opened for read /proc/cpuinfo com.yiwyxb.cp539823
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.yiwyxb.cp539823

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.yiwyxb.cp539823
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.yiwyxb.cp539823

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.yiwyxb.cp539823
Reads information about phone network operator. 1 TTPs
discovery

T1422
Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
evasion

T1628.002

Processes:

com.yiwyxb.cp539823

description ioc process

Framework API call android.hardware.SensorManager.registerListener com.yiwyxb.cp539823
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.yiwyxb.cp539823

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.yiwyxb.cp539823

description	ioc	process
File opened for read	/proc/cpuinfo	com.yiwyxb.cp539823

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.yiwyxb.cp539823

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yiwyxb.cp539823

description	ioc	process
Framework API call	android.hardware.SensorManager.registerListener	com.yiwyxb.cp539823

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.yiwyxb.cp539823

com.yiwyxb.cp539823
1⤵
- Checks CPU information
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4315

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.yiwyxb.cp539823/databases/RKStorage
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.yiwyxb.cp539823/databases/RKStorage-journal
Filesize
512B

MD5
c371873bdda22fc5cab98b24ce954812

SHA1
2deb9affcbf2a0a86070bf57a43eec26e6ab8065

SHA256
8349e2e727de572e90a999b19ec844ce716b21bd3cdca698cae3eff21b7312ea

SHA512
e1f8b7de07c47cc2046b0f1dad7cab1efb5effe99c060c0ac06b32fee15761d2fded31b3994a2e9fad433b6e352cfd02a161a493d909aa99013c1d7f29097ed4

Download Submit
/data/data/com.yiwyxb.cp539823/databases/RKStorage-wal
Filesize
72KB

MD5
625966826bcb81ddc8a8bb369835d56f

SHA1
19d70111edbc75a4e0fb670378a85d79da9aab8a

SHA256
84a60cc93d83a1dbeaff33486088a049b17b29477ac009d8f739a4c87b641e70

SHA512
ccbe0d6a179fa4ec689d2fc58040f948ac286fd69bbd16da31343b9725298571e600a4510287a3ba2db879a3b9640cba792d5639d83ec3a9b066e6ee6a88ad6a

Download Submit
/data/data/com.yiwyxb.cp539823/databases/cc/cc.db
Filesize
36KB

MD5
5d7ea1a23af19b4340cc8d90f28297d5

SHA1
4cfe95b23a9e98378d69c4290af81b51fbe76aea

SHA256
474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

SHA512
33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

Download Submit
/data/data/com.yiwyxb.cp539823/databases/cc/cc.db
Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.yiwyxb.cp539823/databases/cc/cc.db-journal
Filesize
512B

MD5
9938ae9d083ff12ee5e0fc622b2b623c

SHA1
4d212f11fb971ace445beebc059867b375530328

SHA256
1e87175cbe45bfef0080bb03e28daf5da872dea3b3d47b641181ac45e944790b

SHA512
648aaed9cc5e3cc2397ad45d1803ad7da2c1c64c2fc65a83679bc973c9fa90628f6f80442e694623793f4370c8009da2e442e4ec0580c46403187bbca15812af

Download Submit
/data/data/com.yiwyxb.cp539823/databases/cc/cc.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.yiwyxb.cp539823/databases/cc/cc.db-wal
Filesize
48KB

MD5
c1651cadaa9c4b30e951921e0d0f1d35

SHA1
32f31218ccd62ac8e83eb1a14f08d895ff60678d

SHA256
06d208227dba275fb6f4876eeba1bcf0a0717b69ad02b19ee3c881d6914621e1

SHA512
f21a31184ddb5ddd76f3ec1555eeb97c5daddcaec2b1a076552d33686b0ec932c9225f52fc36d0f4fdc45d826b9c447391750f59e61a0a409cb04dde88dfad65

Download Submit
/data/data/com.yiwyxb.cp539823/databases/cc/cc.db-wal
Filesize
16KB

MD5
d80439d76b6d1c4ce9dba7e0832fa6b6

SHA1
b1a861bc436a5f5c72367971d2d97d320f9ea29c

SHA256
6a171004c58b7da50082854884b0973b7f9ec8539ebb0982a26e1adf977fbb8b

SHA512
02aa54f7b1b71eac5042d6b74d3aceccfd8d26f6780f07c85a6f47f8cafdf2c496ad02d8884637c880dbba965f4915f76cebd04314a4c194b3772dd063983eed

Download Submit
/data/data/com.yiwyxb.cp539823/databases/ua.db
Filesize
32KB

MD5
14ab91a228d8a9b6db77b972a0c7eb6a

SHA1
065f480cef750332b3e90ffb8393f7b04ed55618

SHA256
9090b35a020a60aa73d3e37101a9963bedc544a03447fbc9c6fe943762444c4d

SHA512
cae6ab87294e58155f6dedc524a4a423b64bcfce49702ac73a07bbaccc8eda422c4c5abaf17da66bf48171cfb390d926bb01bda8a4e8a11e6cbcfa23b181ac2a

Download Submit
/data/data/com.yiwyxb.cp539823/databases/ua.db
Filesize
32KB

MD5
d604a3bf1f8d992cc320ea5b1f7609bd

SHA1
247f88df0b55c7d523ea5398637711a0e4a483a4

SHA256
329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

SHA512
67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

Download Submit
/data/data/com.yiwyxb.cp539823/databases/ua.db-journal
Filesize
512B

MD5
685f0bb2f5ed0d1ed08ff5297481e570

SHA1
37bf5873ae4b13dc64d698af40ff38c98edab9e5

SHA256
236be8d3042ea4dc8dbc5f0b80886a2870fd7361af0ef9a1f1d6c03f71d178b3

SHA512
91b4bd092bb85ae5b2f081ef467157dd6c7d579406258a5314886b112f36acb76e78a5af5b63fd50e37a5dc20ad911915dfe46b9af213beb75ed3b072bf337a0

Download Submit
/data/data/com.yiwyxb.cp539823/databases/ua.db-wal
Filesize
56KB

MD5
c4100065fd794f1b98e8c4f2a985e1d1

SHA1
f0292be9aae7835629f73ff2465708c2f9ddb07a

SHA256
13ce9f06feac629f2dd5d91c35c559cd18fcec620461f0375ced06fb5b9d983c

SHA512
4d09bb670f2490eabb47f02938e876d6f8e85bb4566e1951025ffce710d17a6c513bd25b8b7a7901d7701f95ddc532a89bdb6bfbeff1a153938e299cbf699363

Download Submit
/data/data/com.yiwyxb.cp539823/databases/ua.db-wal
Filesize
8KB

MD5
b07a3d97bb84d96f858bfda4e97ab6b9

SHA1
d334379ac9a0b64f1e4380e75511a0688ad3df4f

SHA256
6be09ea6cc89105cdfd0368782d98820705d4193661295c4077b2ce567edf997

SHA512
8ebacb73944a214ae94ba9a76ec9c75a786957750e09d3d56dd834e7e0a30f62ecb66b45ca55c541c7f74ddd9c8c0b48a5008cb848c6508e1b8c0b692c9fe2cb

Download Submit
/data/data/com.yiwyxb.cp539823/files/.um/um_cache_1716398575907.env
Filesize
1KB

MD5
7a2c39a07088341d0fbdd9fa7fb9be77

SHA1
86d1dd708e2f603d41e39600d1eb394f8b0dcec6

SHA256
2742e4f0bd44dfd69372416787f0affbc72cf1c043e56ea8f60e8649b1b83a7a

SHA512
c5ae913d70696a41ba3540d1e8633bc0baec79ff016dae88b626ab8ea871217693debd17e4cdc5af93d3e04920e76b7064824b4b9fbf6f0e08d290c9ffd8bd02

Download Submit
/data/data/com.yiwyxb.cp539823/files/.umeng/exchangeIdentity.json
Filesize
162B

MD5
dd177b0e37d17e089a0cb81c6f36726f

SHA1
a3c57bf9de822d559b53acd814dabf6c490799f4

SHA256
f43c53417641846f34ea07078bd088c74ca6c010bfa15f5e087fed9b53958dc5

SHA512
b2d431be93733354f068395204122f959ed39f7bb2a093e8a4d5441aa2b91b1893ecccc819621575b29844d1b10041eb67d1f5f9d323b36b9e2a844bc9f82bd2

Download Submit
/data/data/com.yiwyxb.cp539823/files/exid.dat
Filesize
54B

MD5
ced22573e95b4dd8fef4a345eb0f3ca7

SHA1
e1485d3e216156ca277d9fe585958445f85b5079

SHA256
8e16393356e0cb9b73f31fa3825646916246abd0e9d3e92c6cc052e677460b50

SHA512
acca9034f4fc30007eaa99a2be3f047c6dd1277351a751f049368a337fb58f19cc6e278ee47cec6f71de46bec68f086770ab80fc454c5092c0a156ba3a6bbc61

Download Submit
/data/data/com.yiwyxb.cp539823/files/umeng_it.cache
Filesize
415B

MD5
7a81d12b379e51df778df43004046e4f

SHA1
57108e3cc9e9b5dd99042ac26c4532eb2f59b9bc

SHA256
60c06cab7dd97b31fab82c90a5acaed15b9fef78adffe6b0845339a662240ef4

SHA512
dfe2edec961cd2f12e7dfa5cde8870f31b8e98b43fae2b209c37c9600997f2ef6fca035b65c12682575d4b2a95c0350ac67225e3ea122a387e0b14655fe09569

Download Submit
/data/data/com.yiwyxb.cp539823/lib-main/dso_deps
Filesize
144B

MD5
594030f361088c72f93024d31e6b5b5e

SHA1
e105e83c71f5da29d272caee1d29d2a06896a097

SHA256
1a6c18f0ec9dce5ca96277bfab526d3da5d64dc16861b63ab8366235c1494dbe

SHA512
62827dd6a731eeda2fde613514b5ce609192703fe7b9506a2dcd0e100677bfb82ff1ad53f76b2e2554e259ebcd8118d5fd91e8bde5bf61c6f9a7d728d6c76188

Download Submit
/data/data/com.yiwyxb.cp539823/lib-main/dso_manifest
Filesize
93B

MD5
f049019de27a3a937680ead2d2ab0491

SHA1
da7e30a8e411aebc0174a4029287a911bd8ab260

SHA256
055b4a2335955bb0b7fbf290cf19489b457757b0f5ff4684dce994a88aa9df03

SHA512
04089120a08f9e18fc528d84f727349c5197e6a6dd494921d7e293e6dd5824d56a10eb832b5d058d6fb8dd555c2e645c00f338ca9ca7734a6b9f70ced405e2cc

Download Submit
/data/data/com.yiwyxb.cp539823/lib-main/dso_state
Filesize
1B

MD5
55a54008ad1ba589aa210d2629c1df41

SHA1
bf8b4530d8d246dd74ac53a13471bba17941dff7

SHA256
4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

SHA512
7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

Download Submit
/data/data/com.yiwyxb.cp539823/lib-main/dso_state
Filesize
1B

MD5
93b885adfe0da089cdf634904fd59f71

SHA1
5ba93c9db0cff93f52b521d7420e43f6eda2784f

SHA256
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

SHA512
b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

Download Submit
/data/data/com.yiwyxb.cp539823/lib-main/libjcore110.so
Filesize
77KB

MD5
304c4775c940633d9bcd763ef3c59ff6

SHA1
88cec29d0123a91bd5fc01adf460d75137592998

SHA256
718cdf15c87ac89607e548ac80b4e22499afbbdf5f5df77aa8fb3e2776e719ad

SHA512
8265e7dfc99e7ab6195d879a6fe3ad0cd5e33919d75c6ecf33d38d301b754a2c576bcaa73e56c8b305838f726577fc042ee7e8ddd88cea05e25eab4fec82cc43

Download Submit
/storage/emulated/0/JXCP/aff/com.yiwyxb.cp539823
Filesize
6B

MD5
ba209a2699b853b528fea5cb32b048b0

SHA1
220ed47185ad439c5674588abca6ac01cfc3d8dd

SHA256
5b1950d66bbbddb1c323de299c90c6b5d216633f7f68a3eebcb2f07e8b0925bc

SHA512
70154632d40e1d4650cda5a149712c8cfdbeb1b247ca2cc4784ed575bdf7af645a69bf5a69b36dbc6fc5863c99c774ed9760cc048420a7585c5f7dbd5247ae40

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads