084e4fe454b83425feaea2a1b067c0eabf27c7a36cc56d27000bdfef0a00c24d

Analysis

max time kernel
179s
max time network
189s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
22-05-2024 19:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

685a0fd0b0f15322f19822dbd7e54086_JaffaCakes118.apk
Size

25.5MB
MD5

685a0fd0b0f15322f19822dbd7e54086
SHA1

7b161150ee57fd0c2a9c5132497471724a092769
SHA256

084e4fe454b83425feaea2a1b067c0eabf27c7a36cc56d27000bdfef0a00c24d
SHA512

6181e505af3c97332bb98f39f75c63cd92ca0c1ab99cf1f21b26c36d9902ce8f340a5a86fc523725cdb259b83af4f31054270d3ad23de18d2eb53e6a99a40756
SSDEEP

786432:vB59S1fmvPgDLy65xjNQrrxPncnYSD/fXmchgJUREvH2Q:vWfcYK65pEllI/fX9gJURcWQ

Score

7^/10

discovery evasion impact

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.cdel.jianshe.phone

description ioc process

File opened for read /proc/cpuinfo com.cdel.jianshe.phone
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

com.cdel.jianshe.phone

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.cdel.jianshe.phone
Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

T1422
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.cdel.jianshe.phone

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.cdel.jianshe.phone
Reads information about phone network operator. 1 TTPs
discovery

T1422
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.cdel.jianshe.phone

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.cdel.jianshe.phone

description	ioc	process
File opened for read	/proc/cpuinfo	com.cdel.jianshe.phone

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.cdel.jianshe.phone

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.cdel.jianshe.phone

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.cdel.jianshe.phone

com.cdel.jianshe.phone
1⤵
- Checks CPU information
- Queries information about the current Wi-Fi connection
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4527

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.cdel.jianshe.phone/databases/personal_clock.db
Filesize
24KB

MD5
c3cf2e981677364c1c898b2d1fe66757

SHA1
25105cbc6ca40b7eda7bb992c1268a67491e6944

SHA256
1817d849a5859eb631c00723bc08550b0a62307f327fdb82d1f58ed131cb0c8d

SHA512
ed3fedebd2af13ee81c6fade663c53d8ef43ef64eadc9ae6fc163eb3dd721b28f0be9a7f9f64f92214193a84192ab56f2724e6a70b616be377696c755a980867

Download Submit
/data/user/0/com.cdel.jianshe.phone/databases/personal_clock.db-journal
Filesize
8KB

MD5
412540f67910bbcd38fadb936361efd4

SHA1
11087356f6f71b2aaf08c5af0d7b5fdf317d3d56

SHA256
32e2f273a256226850302361b64f151ed5e92bccbb4dffbf1e166ad68bd03a63

SHA512
e301b0dc9f3c10f315cd8717cc58f30ff9d62ab22ffc4891eeddc4a9fbda24e144994c82b580c234ef0ab40094e23f26991f342f0cda2ffcb24b1551943f64ee

Download Submit
/data/user/0/com.cdel.jianshe.phone/databases/personal_clock.db-journal
Filesize
512B

MD5
4fcf163983a170e083261ffa3ea46331

SHA1
56a4d717428055c788439cfd5ab4d07aebb7d5ca

SHA256
ef30617a17ec9cd1efafe34ca1f23a8ef540b289a0fe7386b147fd75fc37af68

SHA512
cc1ce79e229a06213f7be829cf6f786778425095ffa56ffae2f60919079e33387ccc8e7b07f3428c289b4254ee2c938d8454cd902a276c416803b5c1173f1d54

Download Submit
/data/user/0/com.cdel.jianshe.phone/databases/personal_clock.db-journal
Filesize
8KB

MD5
4563edf59aaab1afdad2bcfbac475022

SHA1
eed46173ee16f0dd030028f53eb096230237c756

SHA256
66ed51c9f441bb09c0dd27f8a8406e22e3542ea014c1946d75247b9cb122cb52

SHA512
d9323126b7010ef77c68d83b54607bd4ed9ea7687c19f139cd3edf45b740cb7c37ff6d7297963bf34dac04ee9819523469131bf5cb1d424dbfe72c20eec9f98a

Download Submit
/data/user/0/com.cdel.jianshe.phone/files/jianshe.db
Filesize
272KB

MD5
6b8121cd253fe31c653efc3ad0a1a9ca

SHA1
dc8056ada702dcaa144b727f95acaaad860411ef

SHA256
fc28556c1f792e9b672ec9a3eb1367480745ef95bb0e2fa5be33d4c31c8fb885

SHA512
5bf0b64912a7d5aed2c99dbc9c6038bc64ab41c2fc063f3f80f9155e7aca57aedc09fe0a60cb40b0358f91fd83a48ccb42f7fb45efb72b5b00d6d837af84c5f3

Download Submit
/data/user/0/com.cdel.jianshe.phone/files/jianshe.db
Filesize
356KB

MD5
91223cc313b57c557cb6e855e882ce4d

SHA1
33f509d8fae22b1aac4ac634657e9136ce64a595

SHA256
269023fd34e7322f7610685b8cbb86e19239560cc31869c9ae5067e1eceb4120

SHA512
a2e92d0501686d61cb21a92daff4e9d5c50bdfc99e877b10d0a1100211401a050e25e655b1ab708154f147a026eb2130b773dc840d185f3ba17dfa4af44c938b

Download Submit
/data/user/0/com.cdel.jianshe.phone/files/jianshe.db-journal
Filesize
8KB

MD5
a2b0e75f39eba4f0459b6cb2573d024b

SHA1
b590b1d2398c8ed947176bec17c462d44e05f7a4

SHA256
a4b7f2571bd6d3e99f3716e4a7926b137bf75a3f246f816e8b37cf6eb1125822

SHA512
2a1ecf26c8c60e4c8c9fd26c1028a9263b6ec31d4836262b323d40df2d37c383e24542ec5ac41811d82648004c3b704c0e282ea9e17a50d24c3f1936f72356d1

Download Submit
/data/user/0/com.cdel.jianshe.phone/files/jianshe.db-journal
Filesize
24KB

MD5
d0220d55f843b87ae418035e267eafea

SHA1
d3dc5a42ebbdaed14e8fa73f3d21d317c2efab1b

SHA256
cf44fbf5bc63c01aa8359e917c5226f4ea21ff064295b847b7f854134c13af3d

SHA512
86978d17a86ed021e62d4999277cff0f9a0a632bb4af1d637c68602fb37649772b034b096fdc69e0d1aec4bc1feaf237b4560ec550bdade7ce9ff517d5e75762

Download Submit
/data/user/0/com.cdel.jianshe.phone/files/jpush_stat_cache.json
Filesize
140B

MD5
ddd190501980b1c7ab7483a3046ce1e8

SHA1
e04db32a8946071cfaf16b357b17c7bdcae67913

SHA256
6a4812960763fbf202b67a239dcf9c34b990d30fae0fd1cd996639fc73145ae5

SHA512
5b525eae9bf229cd2f733a46345261eaadda41de12a931306a841aa439872623d9816614177891fa4c1a66015779cf23f36d5dd41713d692c85a88d3cd79b3b6

Download Submit
/data/user/0/com.cdel.jianshe.phone/files/mobclick_agent_sealed_com.cdel.jianshe.phone
Filesize
527B

MD5
a47bc4acb5d23a973c159e518cc36c72

SHA1
27ea6d35a6d53c7398b76bfbb09c875f2240e1a8

SHA256
4a5cae126c7430512f92fbc8b6ed49ab8894903993499735adb53795172b53e2

SHA512
b563bed2e3c3abbcf1cd3b2af24600f774fe76577f63ccd1659abb861480c5537275be03aca5aa689c18e0d5199911de8c58c7771039136eb6ec28e23b467ca5

Download Submit
/data/user/0/com.cdel.jianshe.phone/files/umeng_it.cache
Filesize
148B

MD5
60576cb7949d4b69087fe7a64dc962e8

SHA1
aeccfe09414fa23d0e60c9c69daeee62057e370a

SHA256
4b99813f63d74edf750fbce5d2b82e9f7af1a26fc7b5c1f0f5353a2d991b3a99

SHA512
c2dd374b6cb47107004f19311059ae86f372d737a6486defee16e0026f61cf740e6065aeefaf03fb6c00f4849b7f9af7dd540a468e374a1494f28d5ef9c743fc

Download Submit
/storage/emulated/0/com.cdel.jianshe.phone.txt
Filesize
10KB

MD5
4337367f287cc81fa74125df5cc6e652

SHA1
1dd5547af5822a5a483ff6cf5b1a5b7b0eaf874d

SHA256
45f667cbcebed18e413848b75da4764219a147860d423a8b5fe33562e54ef413

SHA512
0c1fbf29b8b6be55783fdfc4fa4794677351881de6356457d029cdc9c8ef1b23fac203b80d5aef633edf4d4bef5c5aef2571a9f20205b70bf917078297801e05

Download Submit
/storage/emulated/0/device
Filesize
16B

MD5
49f639e0ed0462aafde55aa92d0c1f64

SHA1
0ca43e7631d738e69006bb66151ebf3ebbd92dd7

SHA256
39006bdd759dc9edf2c7637c9832e49508b1317310e11f259add862c2eda7791

SHA512
ffec56b0fb32ef31ee06e465a95f26daee63cd26a5dd5b0f7e68c3146de4e3a5988695b262982f9845241e0eed13e866c9e771515a859a591e5db3a92541559d

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads