fc432ea7f014b002ffb5e308bd87783899c08487c82b42587c27f20b43f28cbb

Analysis

max time kernel
104s
max time network
187s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
22-05-2024 19:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

684ad038367ef7b3e95957d3864c6960_JaffaCakes118.apk
Size

3.9MB
MD5

684ad038367ef7b3e95957d3864c6960
SHA1

aef34b718d1e0ed3cce21f878278750b6c4b9534
SHA256

fc432ea7f014b002ffb5e308bd87783899c08487c82b42587c27f20b43f28cbb
SHA512

701896b9449bd4e010ae87db40794323b16520949c99d242a00f211f7797efa7571a89b3f7ed5c239e00192222f2ea4c324893ae4f3f2a32838dab3b3236484b
SSDEEP

98304:494yyr/ILTDSx1wX3uSv8JzUEpb9D7xrWjOZX6Vwo/fR1:PILTD74UYx5WjUXByb

Score

8^/10

discovery evasion impact

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 1 IoCs
evasion

T1426

Processes:

com.momo.wy93sy

ioc process

/system/app/Superuser.apk com.momo.wy93sy
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.momo.wy93sy

description ioc process

File opened for read /proc/cpuinfo com.momo.wy93sy
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.momo.wy93sy

description ioc process

File opened for read /proc/meminfo com.momo.wy93sy
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

com.momo.wy93sy

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.momo.wy93sy
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

com.momo.wy93sy

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.momo.wy93sy
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.momo.wy93sy

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.momo.wy93sy
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.momo.wy93sy

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.momo.wy93sy

ioc	process
/system/app/Superuser.apk	com.momo.wy93sy

description	ioc	process
File opened for read	/proc/cpuinfo	com.momo.wy93sy

description	ioc	process
File opened for read	/proc/meminfo	com.momo.wy93sy

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.momo.wy93sy

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.momo.wy93sy

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.momo.wy93sy

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.momo.wy93sy

com.momo.wy93sy
1⤵
- Checks if the Android device is rooted.
- Checks CPU information
- Checks memory information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4652

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.momo.wy93sy/databases/UmengLocalNotificationStore.db
Filesize
28KB

MD5
10f8ef8c6cd206127ddc67b48854a613

SHA1
8624b3791b3a4129f33cb5990d343b40c8a3c32c

SHA256
dedc5a592efd506995d3d076f80943561b24d5657ac1563ac78206137a25de84

SHA512
e0a74999bab1c92110af7ee84733c620679fe55c2dc8bd0d154f28886221b3c64bef1a5738f29bea3f07ac163dc3c7133037a0ab1252efd7155788c3b0dda143

Download Submit
/data/user/0/com.momo.wy93sy/databases/UmengLocalNotificationStore.db-journal
Filesize
512B

MD5
eef8352e8636296a51891f3b12c58318

SHA1
e48e9157ec7d3fe23e82e06101dc4fe8d1b0ed60

SHA256
e3a5e0cd0d0868f49182343f48474320def49f335eadb1a081bd9b062def3d47

SHA512
d50949267ff1c2f1051ccefe524d95856850579f6fa4420c22a52b0aed08bf2168db9427995f7152a365536f89d3e9221a5db401eb20943a67315cc257fbe13e

Download Submit
/data/user/0/com.momo.wy93sy/databases/UmengLocalNotificationStore.db-journal
Filesize
8KB

MD5
b5d675640b88d5cb665b28614d20eacb

SHA1
ddb947b7f1537877919f2801c7ecae408b882040

SHA256
67226bd3559c74441c8f818e81a50242bd71798bf752e53e72397619b5f743db

SHA512
72a502704485f536c2bebd056bf36781b147f99cceb6ff50c9f6518f1d0f4b6ff8ec1901ca47486ca5cbdf31ecb51d94ee51ca24e5e7ba1302d2d13d97720891

Download Submit
/data/user/0/com.momo.wy93sy/databases/UmengLocalNotificationStore.db-journal
Filesize
8KB

MD5
484ab41c48198eb4614f6ff3aee5e3b3

SHA1
d0f4c96976318c7cac41db28aa7f5584999c4a51

SHA256
12deebff0c3070bb84a6aa811f255f2d9bb6d4b94cc9f0f321992191e36e3d5c

SHA512
867b6c321978dd107b6fecb72c0e920665284be2e9b96c6bc6dfb5b6a735a996aa062e79bcaf2c886a44694aa147da988f9fd0225662516e9b96298f8672bca0

Download Submit
/data/user/0/com.momo.wy93sy/databases/bugly_db_
Filesize
32KB

MD5
cc9feda3f8a1669152de45c6121a5694

SHA1
d1ece99d2759eb91caf17d7f49fa31c4531af1f9

SHA256
e27603d6c52d69cef9e0639536f7635c3edfe8540801047de0c17c9e5aa5b24c

SHA512
766f57465be8564ac01bc36a29883f9060f887e790ea0e25d5098ffcc83eb0827b379f7eaea3b7b0133ec16503f7ed15ea95f474cdb2c03fa0234057abf5742e

Download Submit
/data/user/0/com.momo.wy93sy/databases/bugly_db_-journal
Filesize
8KB

MD5
3c556c8b86b34957b8caa90f044a0659

SHA1
a574d2f314e12f8bd1c92eaf633ce90a0a9f6ae1

SHA256
1c685b4d0b925f2fd0a470d2bc0400b34e118d3830d7df1f2aa4edc80814d2a5

SHA512
0e03c278cdc4db567b2711ac941edea4b244af21a2ebaee32ebf78ef098e279edaeffbe42b6228e2cb7dce3e9d1d0ea7547b56a7149dbf3634531b42b72d2670

Download Submit
/data/user/0/com.momo.wy93sy/databases/bugly_db_-journal
Filesize
512B

MD5
d02f19127bb94b7d1166d6d06a1f14f6

SHA1
4c6b0f905f4e239f606c08f2ff5c0cf5f94f436c

SHA256
25b080d748fe4fce4aeed29b92c13e7169218df04c791c533834314ba860d8c4

SHA512
9d1aa1a46f72e7aeb1ed9758329d939c1ba1423e419f3fd70a29150939c3d76244631671c75776ebb6a0db9431e7fb15668dfe8d2b41b9b56f2bb2be40424ad0

Download Submit
/data/user/0/com.momo.wy93sy/databases/bugly_db_-journal
Filesize
8KB

MD5
01f5940df7b77a5ad8bda7c4a8645e0b

SHA1
a3395f8d1260606e3be4af6def0fc7ee9616ef8d

SHA256
1b1653ff9934705f5350ab7cee33dd851b2ef687248253a97b68dab211523512

SHA512
6a5635fd65cbd2cd1ed0bb0d2557481b2a927c73196927c2f857b7a5aac3ecee46e19ae3f7063656f4e882dd6c519c2de148f1bdc5a1f9509c4f684a0a83ad2e

Download Submit
/data/user/0/com.momo.wy93sy/databases/bugly_db_-journal
Filesize
8KB

MD5
d47c5e8de712e39c00835bd510e98e8c

SHA1
8da48e6c8d536794cc699af76a57cacf21c5aaad

SHA256
30530edb82f243e9eceddfcc8b4811e80a618b55fd08b2b328eba8c32cea4948

SHA512
e51ad43d3425d07556ea9afb6b4b6e842b0bd866d098aa054fe48d817100ad32eac06c8054866484c5a8518f17b5a9e8263ab4be1d99b34b88a8218121f3fe7b

Download Submit
/data/user/0/com.momo.wy93sy/databases/bugly_db_-journal
Filesize
8KB

MD5
4ecaeabe8fcee887129d587c3a5f1c76

SHA1
3ffefb398d1212eea33c559112d850668519a848

SHA256
9734d6a495b2d3bc54d5b257d99a3f10c9ffb62325d5fc89c1c714ccd44b7ba3

SHA512
b4abcfcb810653fdf5fa85f2b0285b5059a9e5670583416b68bba75cdfa06fae4bc601906673fcce8637fe615f1db27028e0511f01ca8916ae5f7cdf84ba2f1b

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
111B

MD5
9baaa63a56147b70ead7f15a0b0229b3

SHA1
311ba3506fb19b7c670941e04bfa2fef8171621b

SHA256
db57b135d9b3978a793321dc7b105359485412488b03a2d03f9c9e242da82309

SHA512
7ee09ac39a97d106080b14419d36c3f39b31cb9686a9b24d78997b5288d63366b2c52f938d4e72abcb8c7cd65653a23d7f89db898a7f60704e6d167c41fa3c52

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
408B

MD5
80d0a6cbdff48d9d86e5c4a9a76e979f

SHA1
342de508a80865f39bd09222b679593b773f5042

SHA256
740a6a7cbbd6a03739555a655a50c28fa49421d3842049fa6410fda578e68874

SHA512
c2cdf9336a716861343d62927086bdad45afe56b8b6e11fe1ae5ae8092e95fd20260b184b8b5391c16ee57c623c119a9fc7de250d699e5de70905ff127e660ef

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
111B

MD5
730abaa039cebfb4c645832895722188

SHA1
6151607364b881a71c60af0c7f69a1e33925aa74

SHA256
adeb1fee86a9388885cbff2e327cf96e6589fff772d22f7a0b0fbc4bfe5cf508

SHA512
8e85e885958d57b79feed6228e9aeaac68b30ef30610f2125554c31524506ce20319ab1f69fd81f5522b33ae4d2ed75596371c50aac09d7669feed6dae602c23

Download Submit
/storage/emulated/0/93sy/SDKSource.txt
Filesize
44B

MD5
2961e3a4d49449d2d76724b88e646c3b

SHA1
b9104a30fe190aca70d8fe12688000e666fcadca

SHA256
0ab3cde2e5975b2f741954126cb7d2f26d8a1f546dbc4bdc2ca716a6958fe71e

SHA512
6f5fc6872af460ba9473edb66db9ff78cb9de4620a639bd41e40a23483e0b189573e9246c44e844e5d6942937e89ec16efaeeeab624fd417d37a360c8e412031

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads