adb35383f6d2a1e288c73ed9afe3fd6a3eb3ee0ec8fc7361bc06c96ba0f96eeb

Analysis

max time kernel
63s
max time network
137s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 18:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

68430a5c63996e472656ce399282bb46_JaffaCakes118.apk
Size

9.7MB
MD5

68430a5c63996e472656ce399282bb46
SHA1

595ac58533ae198acf23850b2c576436dae32026
SHA256

adb35383f6d2a1e288c73ed9afe3fd6a3eb3ee0ec8fc7361bc06c96ba0f96eeb
SHA512

c3b23f8e516a1f2552a83bfb1a7bff6c87bd40ca0dcfd471696639392c3dce6f45f3440147955d74406de9a35a3f08703399070bb0e4e78eafe6aa00178fd56d
SSDEEP

196608:2FbKNN00Yxyg9KgOSdahjFJSNGmgUd6u/PMbuiU0dKgrbAkRoU612HXO4dsRzgdz:2FbKr00Yxyg9KgOSdahjFJSNGmgUdyum

Score

7^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.kuxun.scliang.huoche

description ioc process

File opened for read /proc/cpuinfo com.kuxun.scliang.huoche

description	ioc	process
File opened for read	/proc/cpuinfo	com.kuxun.scliang.huoche

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

T1424

Processes:

com.kuxun.scliang.huochecom.kuxun.scliang.huoche:pushservice

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.kuxun.scliang.huoche
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.kuxun.scliang.huoche:pushservice

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

T1421

Processes:

com.kuxun.scliang.huochecom.kuxun.scliang.huoche:pushservice

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.kuxun.scliang.huoche
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.kuxun.scliang.huoche:pushservice

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs

persistence

T1624.001

Processes:

com.kuxun.scliang.huochecom.kuxun.scliang.huoche:pushservice

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.kuxun.scliang.huoche
Framework service call	android.app.IActivityManager.registerReceiver	com.kuxun.scliang.huoche:pushservice

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

T1421

Processes:

com.kuxun.scliang.huochecom.kuxun.scliang.huoche:pushservice

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.kuxun.scliang.huoche
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.kuxun.scliang.huoche:pushservice

Reads information about phone network operator. 1 TTPs
discovery

T1422
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.kuxun.scliang.huoche

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.kuxun.scliang.huoche

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.kuxun.scliang.huoche

com.kuxun.scliang.huoche
1⤵
- Checks CPU information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4328

com.kuxun.scliang.huoche:pushservice
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4369

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.kuxun.scliang.huoche/files/.FlurrySenderIndex.info.AnalyticsData_6Y8QR9VM9D88KVN44DC8_170
Filesize
42B

MD5
96e03e871215885b71f2c2ecc3e8609a

SHA1
ac2ae7900545116b5a6c6bffe8363dc3e8be7b11

SHA256
e6785b94da77553972823d753b5eec8b2bea1f50c7bf22c07feb49523095285f

SHA512
f013132eb88afd3ebab7e174277eaeedbe0cc7bd17cc20d8d76a09e2764ac943de3d24bf92e99c305c5744ea975282e04e938d0b313f40fd172e62bffbfe2e62

Download Submit
/data/data/com.kuxun.scliang.huoche/files/.FlurrySenderIndex.info.AnalyticsMain
Filesize
44B

MD5
220fd7c44afc47bba85b390a24013045

SHA1
e63b52aec44a74584221a38602e7d1114e6009a0

SHA256
a38c1a0cbdc5edced8d204b4f5cf992067ab1d74365d9f23142ec35956f2b4e1

SHA512
8defdf17151c771207a7e3e5f2b5bd8c89ddf9fadcb13416f58064c4ecdbdcd6c99b18dd2648a6ee7888afd3198b61e5ff0469974d194a3748be92c8fb48a7a2

Download Submit
/data/data/com.kuxun.scliang.huoche/files/.flurryagent.-5ec3d985
Filesize
58B

MD5
54d458dd8db9dd14df746122d7f6fb1e

SHA1
6d46823fdd500f46c1f8fe991e52e23d3a02c442

SHA256
87f8eadc41f549aaa72cd76d1267f8f47e83c25cd491cf2cbf098f0d5ae467b9

SHA512
8a5ea710f8f5c96a8608920b76e4b66de8c09252e349474c6dc42cbe43743696ec134dd65404bf6d7c8b0160457f91349e7b236e470a6329bf716387b8697699

Download Submit
/data/data/com.kuxun.scliang.huoche/files/.flurryagent.-5ec3d985
Filesize
172B

MD5
8f83af9b0a4dd86e58e8cb327b76b367

SHA1
502518a386eec6238ae2414b646157ebae4c293f

SHA256
ef9b566815abd6e02e080c07768107b781608d14a0418a88d12e32f0fbb56613

SHA512
49d9f89a3c05c17b501b7869dffa77690b3799cfe7ab13069d2cd6805ee246020da85fb0cd636df1ed2d15be6b5e2565946fc0597740276b2c2446b378b9733d

Download Submit
/data/data/com.kuxun.scliang.huoche/files/.flurrydatasenderblock.76134053-903f-4dd3-83a7-66270c216ae1
Filesize
288B

MD5
0a71d909fca5a5b8e56bb5bb4cf7b673

SHA1
768099d1ec917a86396db6b4f5fbea7461df8fa4

SHA256
8cfa6168ff6526b3983dc4e25c3f63a02692fb0931c555cca4844f51b7f30faf

SHA512
4cd8c30809f7783ccd2bb4e1b3db562efd87271b8f95ea1d822dafd8787c19faa45fff7c0bb3f7fc79fda89b0fcfef2299bab6df7bdffb3a835f6a3d5df2abe6

Download Submit
/data/data/com.kuxun.scliang.huoche/files/CMRequire.dat
Filesize
1KB

MD5
25e57636aee83606d202f04f26c2913b

SHA1
1ef0ade456ba38aa31584d0fbce647d0ba74b399

SHA256
89c56da41f0046c9e733fed330d2636d623510c217f72c2d025df3343dc66783

SHA512
3a8d294b8be98abe4d18116cbf7c16d44a541d1d20dd4dfbbbf3bbd8cb7997abcbaf51790bbc1978135d888c4e89868a9a2575d9cfed65a331969de77ba07326

Download Submit
/data/data/com.kuxun.scliang.huoche/files/VerDatset.dat
Filesize
172B

MD5
caaa975d7bf4952bd5dd695ade33f1da

SHA1
119373fbb2db036712df72ec9b26c0c2840dfbb1

SHA256
d0f94264a6b5c355dbf5c0516202c732bcae471a2401542b2ca43307727a0d02

SHA512
db2acdecd236eab67cb67151032f53e51c9c04e754f3c21d74e05cacb1ea5edecbbccbd66ee760624b9cac97b8dd77f568324e8abc2b9c16aa73131db81c8b06

Download Submit
/data/data/com.kuxun.scliang.huoche/files/cfg/h/DVDirectory.cfg
Filesize
69KB

MD5
4387420494429045bbddc8dbc8036a57

SHA1
d00c920c88acbd73b1b09c4e36f947fb1cbc43b0

SHA256
c0def80bdd08026af800c61c476cabc9f1cda4d754e5e7a30d8dcd6ff0ac44ad

SHA512
200d360e00ae1d6f95f6fb57b217da7618a0c60abb8e17e5d2d2a5bd19434ce7ab001dd195f57bfb7c9f63a1802fb1e4e9c20f94773a772474c63485086b7ab9

Download Submit
/data/data/com.kuxun.scliang.huoche/files/cfg/h/DVHotcity.cfg
Filesize
1KB

MD5
64f064a4742aa3a40f537edde8d6b3d9

SHA1
f84045d96e72582238d8b35e6d508ea9129ae348

SHA256
905d87c66b14980402afdc2736b80d8fe108246e44f76e573291a852bd105a63

SHA512
5f0df60c3bece73b319b4e7c057ee8a218b0b7a9f710bf9725845fa621a4f8a53bda2d55c962e940f01ae6a81cd76af55116be55c7f196ac2dc09e86ae5e73dc

Download Submit
/data/data/com.kuxun.scliang.huoche/files/cfg/h/DVVersion.cfg
Filesize
93B

MD5
fb6694479700218b7eeb8e595dec6b83

SHA1
5ea06f1b529de035fcd8e4180c58f84c9d4eb49f

SHA256
ee862c09ac9d43be689d03a6bd29005dda386de845690f7cd369ab8ceb723514

SHA512
630c010a78772a3449ba0667121c743e1994f09be3b75a668e50d7340423414efb11528072efa1d630e2581ee45c49f03ddbea5d2af6ae68dfc1ee95b3ded652

Download Submit
/data/data/com.kuxun.scliang.huoche/files/cfg/h/ResPack.rs
Filesize
448KB

MD5
fc611808bd9b0edd8348d92490481ef1

SHA1
602fece48f0aac9835443bbe83c19ffc91fccdcb

SHA256
92dd9ef7734a6b9b68cbaac963d52dba9bb1a12ead615f860177577d89a40130

SHA512
309a1b878cf62e232e8d15bdd6ed0e7cc0f3122e6f70851a8b93016a31b4d40e99413afcd07aa6301b85c44689b88f33302f3ecc7ba7d4efddbad0b3c4a7c8ba

Download Submit
/data/data/com.kuxun.scliang.huoche/files/cfg/h/mapstyle.sty
Filesize
99KB

MD5
042f8bb92192b33fe881cf680db79d5f

SHA1
17b1ab10e0ffa30f3534d3f0a0240a631222ba54

SHA256
6f4205cb972c0c49c9480951e4d2decde58df5c7555be18b274507dbb25dfc1b

SHA512
4cc20908f12ec0b41fd1ea1b6e0f0ffb3fa003ab6f574a6b40f3a6ae2a7db07313ab57a9714d9891f3b798046a47e6bdc0da9ce1f4f91b7a966ed96e9b7d885f

Download Submit
/data/data/com.kuxun.scliang.huoche/files/cfg/h/satellitestyle.sty
Filesize
107KB

MD5
24b50fe4886b6d6f4011464e9a6238fd

SHA1
68b5c9b9345870b4f4d1b6a09258840ecc82382b

SHA256
c7eba9052ab1dc3c1d70541270688d63a7cfdd6cca9b0b5d62f5872413974dd5

SHA512
96217a781d8d23c298372ff7d005bad7e4d9528ea607bb28148f7b249be028ed0b5f0c1456aca0d78ce06335ba252790ada81135810bd5861bb74e25499aabb8

Download Submit
/data/data/com.kuxun.scliang.huoche/files/cfg/h/trafficstyle.sty
Filesize
3KB

MD5
1e4b535871c4feb2010b614713def5c7

SHA1
4c5dc67838d12b795b6882c6dbbcc6767e42184f

SHA256
efa3ec85127a21a8c8a74640acc5fe1d992952964d4f257682f832f63c2ad3fc

SHA512
0c5443dbfdafab2e6cb7740587f48ca9a2c971b93afafcebccd17691edaa7c7fb75dfd1b6c939dd591a5aa65977f55e64b6c3690ab0a660432269fc43bf3133c

Download Submit
/data/data/com.kuxun.scliang.huoche/files/cfg/l/DVDirectory.cfg
Filesize
69KB

MD5
200b74c3ebb374f1e2ca0c2d77418cba

SHA1
23e52a22fcbb020f4613811bde49f145657657fa

SHA256
8c0ad1afee4e26ed64ef30d34e612edf1e9a3ac0e78e426dab3ffbb803bf7f1b

SHA512
d30e07942404993b6fce92e411208e6c971712bb2efde6c0817c6e4f46dfd53bcfe2de7ffd374bba7350ee83d0a4ebacca0f1ce27480c2ba6649ef9d66f8874e

Download Submit
/data/data/com.kuxun.scliang.huoche/files/cfg/l/DVHotcity.cfg
Filesize
1KB

MD5
f389dd3b20a99988cafb81fa9833d51d

SHA1
601208ba2cf437be2490ce14ed3cf4cc3943a7c8

SHA256
dabd641f5931761bc3f202daf16e560c023b86314123fbda7bfe9428debc8db4

SHA512
0fc49984da0a3a681ce08a91ef1e849c122ba9f34dff29b1c3f952eb82ca90f3b6c6f4d0f47e537cd17c00b5c2f89eea411f7a2f3f9b2d674e205b95cd438292

Download Submit
/data/data/com.kuxun.scliang.huoche/files/cfg/l/DVVersion.cfg
Filesize
93B

MD5
901e9e58cb056bc895fee4f19173ae4e

SHA1
d5ca46f40f8b5e833a8491d8d2fdebcd91e33d4d

SHA256
cc73778e36a6677cd6de7ccfb5c605dfe532acebd039843d82ef3be295b73567

SHA512
5891cdaff2de481f98b0247748c036447bf73b0f1b1186e6cf2b05d27f39826da496d87cac93feef142f3c47bd6f37753116b18194f49064b3fc9dd6fd3ecab4

Download Submit
/data/data/com.kuxun.scliang.huoche/files/cfg/l/ResPack.rs
Filesize
372KB

MD5
8d183d412478e62d2ec90152beeb3a0b

SHA1
55fbb0b0808fa25deafc3de9fd26dcad5f5ec278

SHA256
9d26787a9fcc52d18ef6fb98b6bc4853107258ad235351116ec8ae7ee908185e

SHA512
9e71ebb78bd03da1a11d97ff98a3c64c1d1ddc4e1009b1ad847168f31c44eb9b4dfa1dc62cf2b020db8a10b6f1037560671ad3c07e218b0a910b98648078e074

Download Submit
/data/data/com.kuxun.scliang.huoche/files/cfg/l/mapstyle.sty
Filesize
98KB

MD5
affb6ab297e0a28c70e290bc7b0f79fe

SHA1
994cfa22aeebba487dd7fa4ff81fcec17d011801

SHA256
6e0e16c5ee516f49c30e9db4d470d57c964dfc38516f3b7ae459ceb4411a076f

SHA512
b94d1c81b7419dc75a158f0ba67f129885fd60438f8b31f97d5ae2a20d8069f5d60a3e5de9090493e503b41c78a981b38433b8d7c99ffdbe0a0313a79b4be2a2

Download Submit
/data/data/com.kuxun.scliang.huoche/files/cfg/l/satellitestyle.sty
Filesize
107KB

MD5
9f7410e1680f5b7cc5ee5b306e1679f8

SHA1
28a8c4bf92e9347b536eee59b314dd4bdf27644e

SHA256
110694528641874bc9b9dae26d83e701b36e18996fb91b4d249a08931942e73f

SHA512
297ceefc94b84092dc7c039c2cba110dc97fadbaac5fa6f2d73cc5ee1ab557813b5cea43574a84478d443097890df3ed85ead0e90851d24cd47c81b2aa022fa1

Download Submit
/data/data/com.kuxun.scliang.huoche/files/cfg/l/trafficstyle.sty
Filesize
3KB

MD5
ea1255472c3feae81239f87996544ac9

SHA1
9527474aeb5833e4e268aa55cb233f8193624bb7

SHA256
030529b5a75b50d5b4cbffb5c170f6ec5a9a00695dcdcc8c9918909eb5ee4671

SHA512
e8658bb8b37931b349dfc9e911fc6f483dd08d659ac917526ed05cc70271b97c13def353ad841436696c71a2f8794cac5d8035b0064d99d590c9b4f2db2b6c67

Download Submit
/data/data/com.kuxun.scliang.huoche/files/channel
Filesize
5B

MD5
bfe279945c6109d067bcd295b5189d86

SHA1
9969230fa9c65716f6f82a97c9ba7c7007609014

SHA256
a89151ba4b5ac0f22e96b71b963db927791d3808f5175f06ae4a60de5891bf0f

SHA512
c843adbb98d263d02ce3f9d3d9c684b9cfd8e61e8b155d8349317f122fa9089119e8eeced1a0f0f134db68a0b88ce095273acb863c86c1be6f9b8e4682eb00e9

Download Submit
/data/data/com.kuxun.scliang.huoche/files/gaClientId
Filesize
36B

MD5
18ab0bbfbb9023b2c27b8ffad072b91d

SHA1
2c4b290a9b4b358e3ab34ada9964d194a88e328a

SHA256
82aeddfdb7a6562aa4ea1228eb4d61aa0f69a556173a139d3b9c7ad572780d51

SHA512
887be4dad3a1f4a041fcabf2caede4d867d29fff425d50b06d1173c64a847bc2ccff4d4051368b840d1fa4246c502dc2fe19d99421963a11fb150d7cf73e951d

Download Submit
/data/data/com.kuxun.scliang.huoche/files/imei.dat
Filesize
15B

MD5
748d9beeaa1899252a7365b780b95fb0

SHA1
2158cbe9044f2b138df0094615afe6616e526c9d

SHA256
59290d2d5a77605f8140feb82e44e8438115fb2f93dc56ed4c225b88c21baaa8

SHA512
cdeb0c4cebf1cc96ebda6940763a940df76120ee991bc7f003480caf055a970f16e4a19ef2ba2c56fa056d539b981e16542ec7239a7b91dd3828585bc2d1e440

Download Submit
/data/data/com.kuxun.scliang.huoche/files/imei.dat
Filesize
303B

MD5
1181da04d4c396641944329cd3686ce2

SHA1
c5b039a55d7c7d535c22b13b6417f1fbe70f3ec8

SHA256
da8297095e1d9e86392987680dfc78d46df0cbbbf434dc554d4599e0b8a35bfa

SHA512
eb160e9c10749f5bf2171484e20809d22f89e0d98be7e49b5934436a3ccd2706666947a3616fcd0a947b4e94e2bc1e7115dcea2e3b1ec652ba0bbdfe0d1a17ee

Download Submit
/data/data/com.kuxun.scliang.huoche/files/mobclick_agent_cached_com.kuxun.scliang.huoche
Filesize
201B

MD5
468b1f3407c5a510a3fb0c2f135389bb

SHA1
4d4168996fa835ade6c2def5afd7cb162ad53b7d

SHA256
803296075392c56e3731eeae7dc5842eacf7a139e0b9d040aab1264f918896cb

SHA512
5d991d2168d6b0e98ca82769b632c703ea80d1c180cc2ef254aae52187202b78d0d27efbfc681b1e5afeb9d94e1ddf5e4ce41b1e02efc3617e5289ffc036fafd

Download Submit
/data/data/com.kuxun.scliang.huoche/files/ver.dat
Filesize
6B

MD5
76fabae8a08fe8991ef3b5f87490cf25

SHA1
e948d7ac877bf74a400a10511ad0da7b2f30b086

SHA256
7a4bdaa71c635e520749e1fef25711aaee6965f9efc30d5acdf39618705acd9b

SHA512
c9e9f8ff1dc2bf7ddfcde30b27c6bf63a64f22b580cf304671b1c2378f25223a77a45e3730f57133a3c7e3e774216cdbca23f304c148d747afb21f9aff16595b

Download Submit
/storage/emulated/0/baidu/.cuid
Filesize
89B

MD5
36b4e437a95d559e1b5c7f4b465db33b

SHA1
fc95efafde8aad0dfaed77566c8899bcf3ac9f0a

SHA256
46200d597139d2c500ad32584291edb681775b05327c964c182223c71d6a4b08

SHA512
0cc9dc474e7c615e533f525cb5ca25413ad975285fe592ac5cd36fe0a18103f3d2454d473d5ab4ec0b78108730f63b78d5f15ba9a866cee6c566680bea594bc0

Download Submit
/storage/emulated/0/kuxun/huoche/.cache/kxhuoche5.db
Filesize
232KB

MD5
96a31eaaf79e3ddb4e4d4f03b42ee2b4

SHA1
cd4e8a87195a30b4a2c0d6ed60e17725f4b74cfe

SHA256
d2df2f1ad66dac84405128c2023ab804ecf3cad85d04a821bc0b9a5dbb9a539c

SHA512
f53fc91e702ad865dbdb6d9ccbafdf863221f9fc914ef5ebc71446eea2d2d8172d8744b4b3c7a88b590e02e2e34acb12e99df1dc97f0f6a7a80d2bc00aeac128

Download Submit
/storage/emulated/0/mipush/log/com.kuxun.scliang.huoche/log1.txt
Filesize
254B

MD5
98ee3cf377530394362b7c7e77f7b362

SHA1
bbf27c4dc67b82351afefceadb375ce089241a3b

SHA256
904d1bec8232b4e4a05d55a10239ab62a5d0da513afac00b0947038a442a6a14

SHA512
5dc397641ae5ce7f20b40363cdde9681751b48bc198ddd91c12f44dab02059b60687c10bd647cb603e6ebff108dd467507ac896b1f4781921612511be0dc95e6

Download Submit
/storage/emulated/0/mipush/log/com.kuxun.scliang.huoche/log1.txt
Filesize
218B

MD5
621c4ce912341fbc0408a3b85872325f

SHA1
b625bf20821db6f7171ac17f856f4b0a8dd453bd

SHA256
a5493ad682330c96ff5f8cff039b7beb43d5dd10f486ec3f3b16bc9ae3476786

SHA512
3313a7c247379b696d95939c1b10d468c4bdf9756bcce2e94cfde0dcf8cc88da86fce305d039b744cdf556835340b7db3193afd3352c656c9511f4d5805e608b

Download Submit