0e10015cd8b3912a824ae4a5936216dc083433692588a0f30cc286101fe3c304

Analysis

max time kernel
137s
max time network
142s
platform
android_x64
resource
android-33-x64-arm64-20240514-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240514-enlocale:en-usos:android-13-x64system
submitted
22-05-2024 19:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6864f9c0e1b8bef65f623362509dd0cc_JaffaCakes118.apk
Size

19.6MB
MD5

6864f9c0e1b8bef65f623362509dd0cc
SHA1

67b8460580e0b3de950ce9865cf7705d16b09b8b
SHA256

0e10015cd8b3912a824ae4a5936216dc083433692588a0f30cc286101fe3c304
SHA512

bd1fce5ed2c7979ace710c7bf7b9d29855b5681422b9e1b56e4e70a921fc2b94028033b29756f6ccfca955eb712ff66bda3a9af0ae03f684f82043b08b57ed97
SSDEEP

393216:Ta8j7/THaFUW6cvsEWKVCMWhDT9qPS5Zz5JXlqehY8L/cTD:O8jXHaFUsvsPKVAIqfztq58Dcv

Score

7^/10

discovery evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 3 IoCs

Runs executable file dropped to the device during analysis.

evasion

T1407

Processes:

com.duwhauho.cjwgoaugocw

ioc	pid	process
/data/user/0/com.duwhauho.cjwgoaugocw/app_mimo/mimo_asset.apk	4299	com.duwhauho.cjwgoaugocw
/data/user/0/com.duwhauho.cjwgoaugocw/app_analytics/analytics.apk	4299	com.duwhauho.cjwgoaugocw
/data/user/0/com.duwhauho.cjwgoaugocw/app_analytics/analytics.apk	4299	com.duwhauho.cjwgoaugocw

Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

com.duwhauho.cjwgoaugocw

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.duwhauho.cjwgoaugocw
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.duwhauho.cjwgoaugocw

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.duwhauho.cjwgoaugocw
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

T1422
Requests dangerous framework permissions 1 IoCs

Processes:

description ioc

Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.duwhauho.cjwgoaugocw

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.duwhauho.cjwgoaugocw

description	ioc
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION

com.duwhauho.cjwgoaugocw
1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Checks if the internet connection is available
PID:4299

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.duwhauho.cjwgoaugocw/app_analytics/analytics.apk
Filesize
1.1MB

MD5
36e6ce6a5a4e2b31982e3f8208a1af0e

SHA1
a7418ca9cdc61749e4c39e55cd4e74a0871ec196

SHA256
ca10a9f91f5246c09ab701368126bf842e33e62c0559328b34fc91295c13d298

SHA512
ee5022a46bc98db4be250a219a805073d5e558e5f3377de5d5becc5c3584f20988667af5e209dd2525c40c9fa70c8c7fac18eaaee98957b79d96b20a901ff100

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/app_analytics/analytics.apk.tmp
Filesize
545KB

MD5
4f6ba7835b8b8aff7f7c7a97bc262b34

SHA1
2f9b2433c46ed5ecd9c1d8dcf708d07340eb146c

SHA256
5a0062937d99f0b85e6fcfdb162ce6224ed0635cbb8cf6e3ac253d57fd8ef97c

SHA512
14a0ab2048b3366bf3893eeb3c8f978deadb1d28bff5c1918976db49dfc62307eaf7fcfe843d0f3696d175df7710defe120273cefb6221ce2612b14839536f40

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/app_mimo/mimo_asset.apk
Filesize
390KB

MD5
39692de7ff0848e54bf6ea1ce9ece672

SHA1
bf6299d772f195bac724f738c49cdac0c538abe4

SHA256
011c400d36773b3b475290c2d1af5a829c0597c24dfbb10e12222611a4e1300e

SHA512
3ea7d8e4a85e1b8b7759984f817df7c65656d057e31b11ec1a970e79a99b775fca5e5f8ef942f99869a14b58a91c1a5838b5711ac33f915cf8f7f77280bcadc6

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/app_mimo/mimo_asset.apk
Filesize
664KB

MD5
b29e22fce48fb0eabe12763e8441354a

SHA1
484b1154fa16a63c980631d74dd240376677f50d

SHA256
15fd755bd4c20c78a13e38bd3337bc5a80686b43365a346706858b9b817795ff

SHA512
2d0ec43846f67918fcffb5fac4ebdbd6f4e52592c5e36133e6e97ca26db1985fca04608d0fe8555b3e44c6dfe1db46b85b4192866f21e476188b03569307c53a

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/app_mimo/mimo_download.apk.tmp
Filesize
400KB

MD5
3e86b24cfe8ea3644e3a6bb2f3bc75a1

SHA1
7881136fb412166d04ad5b6c4fdb9550a66fd99f

SHA256
1b01837a2b9004309bff95248adc60d39ffdadc90e52ebf645b2c5ce76f28bc7

SHA512
40ec714867b4a3e0aaa920abb648f331ce43e8bef442e782eff5ebaacb1052785e681c23b85f6ec50bc4e57e5b9924e61ca4fd72589f810ce8c670b5094b612b

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/cache/uil-images/journal.tmp
Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/analytics.db
Filesize
24KB

MD5
5c38da01620d975a07e313c033f6879c

SHA1
bbda2008ea3468bcd57ac6dd83a82e7a929e8d8b

SHA256
57902c81c2e2977e82607eda9ebeffb6a1329304b3e0ba83b79925b7d70e8ade

SHA512
4c1f198c3899f29129654d4c2524f31e2d3c69d7a6efce9098bd4383319e4d8ff691cf3cab4cc903b8c6ec57d9ff2599e310fc97528ba9dd1426dea415eb2c03

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/analytics.db-journal
Filesize
512B

MD5
51716a4b7f785f6126593893e848532b

SHA1
fb3d84f4cf7308723cb5031993c7bd6f31f7fc04

SHA256
91093b976497852075b69fdd616b29e6206a376c11c363bce4cbc87d0e9a941e

SHA512
2c01726173985ed18c4d7427f2aa068155ba6917c2ebbf07fe64db41a4ad9f0b7bae7fab469294ea2d5f709e30390841368374790c8116c91cc9f1abcdb0ebe2

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/analytics.db-journal
Filesize
8KB

MD5
cd5b87c7f314a235bc5b3cc645bf262f

SHA1
96e688dafab6cdb8c53ec9401bb3fd72e48e450d

SHA256
e16f5064199e62471123d5d94e0d1123e2ca052f0da6fd4192e8af5ff78318bf

SHA512
754fa6dacb0a76a8a3ec7712efbc1bf459abc29c5510b1fc9e437430d2712062439ac45b3559537231e609e789937850e0ec34c0d87abb1ef35a0987d8ebefb0

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/analytics.db-journal
Filesize
8KB

MD5
2d45014c6c480bd1ad10d77f1e61cac3

SHA1
26762fb7d71e2a5c4ca8c0d2a18397247f6e05f0

SHA256
0c8fc85321ca780ceb5fdf014c1eafc502ba7f271ea17383fbe1937c9ac61de5

SHA512
8bba8649ff13fcb69181fdda9cb31ca8740e3ca30260f181dea51a456c4ea49a308b030c0da20c8313fc123d558915afb9e7e3b779f1dc5c76be616057edfe03

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/analytics.db-journal
Filesize
8KB

MD5
15d1939bfa577001ffe61e8fc6af034f

SHA1
f3c5ec1a98a36405e37ee1a412773de286ea0d2b

SHA256
06e66c48e2a7a0cac133d9476fddd2f8976d4fd8f5ab4fb6cbfb83c0a85bcc77

SHA512
de1e59b3bd1851f2076c5ad460f84ba41091a487baf4391395648a9b30e453603cad28667b0f7972c3ce5bd86bda1bb96637ab715bf8c4f2efc6c33981ce5c37

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/analytics.db-journal
Filesize
8KB

MD5
fa46053de304e6c7d94b4051fb45336e

SHA1
35c385a2c3b33cbb2c7daea2abf772edb4c7d852

SHA256
89979b247a9a178122719d83bb632f1508e790f55a2c86a5120557c21506c734

SHA512
7adb370db5564f5556e262486fdd4ca80917cc2bf030348fd20f0622427f7dc7c95a9e6c6d8b5abcce9742a4c579fd8ed88b166aa6f6a1a3e57b0ed82d099500

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/analytics.db-journal
Filesize
12KB

MD5
aa98d9bb7a3bf9f450c63a3eb501b246

SHA1
2db3be5e9a53581b4df0b0c0274371cb16e00a0e

SHA256
b2ea10496d2b38a4993fd9d37a5de56d894cf382d82fd25051f8da2e9d7f4ebe

SHA512
3d8981da41ad1806a6a6e99ef5c19ef2055564a9935cc7533c7728d1c02795f69bd3effa666782142940092dde912fe3e4e90e48c874499699cc07a24ae54c0f

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/analyticsv2.db
Filesize
16KB

MD5
bf74424d6708c396c24435c44cbaef18

SHA1
24bc6c55da2b7dc7668c73799838d5b8ea3b5e1f

SHA256
4d7d9b2b40d90889934e578b92875e2193fd54852e4fa7697e52345d492042ef

SHA512
ffeed953ea34b3344ab12ef20562e3b574d1b38bfca1b94a418831a78a6076f107b6dc897d1a1ceba41ded6e1cdfb56ae88634c1ea64f2449d3c92bcb215e648

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/analyticsv2.db-journal
Filesize
512B

MD5
f68d9d9c7485c8c21b8bf09f0cd1901b

SHA1
c2fbb843993ec87ab717ca5b754d1602a8656311

SHA256
181d78c6432babaf62648993a685592a78113ac4d7b65cc05a8315f0112e3b7e

SHA512
d7eb6a34e577e58906070353979581d4191b8e940effe17b032eb419b258a41d8d9595b3775d0fa0a2525f429fdef6d5e3c90a48c5ec8c0690cccc8f486c84f6

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/analyticsv2.db-journal
Filesize
8KB

MD5
7ffeee901697dcaa7c1bfeb0ed6db2b9

SHA1
abff39558e17e4553583ed262f9e8c106176f17b

SHA256
0b610dc503e8edb1a258eff81863e17ebb54d5bde8a905c1a92089ecc0b57479

SHA512
8bb645680e5fa661dbca1079ffa50eee5b35324c1a79fe3ece190684909a6a5e580c613d4436108382d6b59d39827213098f379c209cc6b832a4a23d061e8de6

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/analyticsv2.db-journal
Filesize
8KB

MD5
70d5407ea2895180f8798342e369776f

SHA1
0e65c4782e8e2a68c2eae2d492c5c18d2e6c46ea

SHA256
9e37d5afea77f9e1a59b586633e52dbe0f4b20c4649672e5282fc9de2b3cbbe2

SHA512
9b454868c1bccd88b2c8da8d58815b59c94a755810f8f05fc1ed77565339a6f85f5352adf5e4995f6989e0e136ca56329b006c81ecd4019688365342a8e40ec5

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/reportServiceDB.db
Filesize
20KB

MD5
39336595e412657d0c3941cccad33105

SHA1
c0756e10b5264cfff670aa462eb8230058e946af

SHA256
a29aaec67b9617f1dadad382d6b93052636fd6b1b8f165d18ff7bced5daa33e1

SHA512
9764433249ae96b0df248c8cd40235d27a389bea50e92e26ca750f28ea11e3ce7782ffcc893dda0de398f5b7e58b4af6401f92fa13d557c100d5f7c897d9307b

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/reportServiceDB.db-journal
Filesize
512B

MD5
eaab6af8de8c21fa1ea9c9007d5a3723

SHA1
c52065a85bcaa330684d88813f2a9d437e00a126

SHA256
d5cca7d90fb89d3cfc2cb2ded3e0d67afb8fc31be7a4431de6c7da5de537f527

SHA512
07f361bfaac1eb994e8ae9cd6511a200a7b0c21885efc7819e909a3e703c037df472e1ce10a68017b50e1603129e76c07d4f9c56bdc2c5e72118b1aa32a795fc

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/reportServiceDB.db-journal
Filesize
8KB

MD5
3931e005a5961428efb282e873b37558

SHA1
9dd00f07d069a38867500070f78f6f187efe26b3

SHA256
2c75e67829e0a68b388f52e5a0101c1d91d54205b91eb06f028f853a56815dd7

SHA512
dc8c798435b89ba552168fb6d66d91a839d6735e48949ad297b68e715a816a66d19c338da4cea7a1d9ef9d80cf4b73965fe8e9688a9a0e975dd9f88c7863c90e

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/reportServiceDB.db-journal
Filesize
8KB

MD5
1e6ea62109cbb8f9b26e93632eed8994

SHA1
9fb4f6c6198776561985210167002bdaa9cabe6a

SHA256
62a52a0a6d7869eef7aead4499a1ebf77fdcbf8a05fff0390e16b2cdfcf42490

SHA512
1f6b5762eb7f32ac521bf2086e055128bec377ca81570feeb54c62a5142fb40d8eff20b917d801f489f1cd95802161e0fd1b42f2677fb7a8b38d33e69c80212d

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/reportServiceDB.db-journal
Filesize
12KB

MD5
225e98f6a761d85490fb3d1dfaecd131

SHA1
8ed6c82350f109d996d522de707d4e99761d8c59

SHA256
774a8f431350e6459c172db8d2d0ce5c585f401e18b82c5a75a68edff58a6ff7

SHA512
f548de6dc5802e7c8238999c0c67493829b38d54c92f86a2308e185a9f34cc8183a6dab3bf454e211a7dad5a2e92ac2ae0761e2683681050bbc28164cad04638

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/reportServiceDB.db-journal
Filesize
12KB

MD5
92da07af0a6ca3ef8de47525261163a4

SHA1
558a90c55096299f1ddfc2506926c5db20ea1d74

SHA256
5ee08148d5dda32d2c1d6e2501fb04e9884fd7208b08c3d3191ce4dd17d671b4

SHA512
ad5eb555a7b24ac23db933e2df49047594905fa3cb28908aa398206d6821ba2a99cb41523fd5e6826b2fb8b290516ec324b36726ecede386801efbc911275469

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/reportServiceDB.db-journal
Filesize
12KB

MD5
660577f68bc710fc7c8bed849875b87c

SHA1
2e2d15db7845a8349fcd52f48c6b107d264f7289

SHA256
c69be25cc67d72ff70642b985b1871d0370e44bfc76b0f39836790c682762d77

SHA512
4e963a1d9a13687c3f69bfcff5dc245aa4d29a7f5e5936f5bc0f09f7bc3e5f2034a0fe871a45d0e56b7543767703870f0dad6adc6bb0379a00984162297d569a

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/requests.db
Filesize
16KB

MD5
11536d4b7b4f66c56ef30df3042a8bef

SHA1
0379cf3c132927b7aca9502f91f46ada0cdf34bd

SHA256
838df2ae027cc8a28af7cad8d8014f6d4e176daf1dcf206065f8a5006369a79b

SHA512
c93f53ea61d9ba16826a0b8842a36dbe6637f9922689f6935b2f5546a76bd876f5b8886c46f74ab115290ab4cfae8165762470abcea071cef9778d0cbf1effca

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/requests.db-journal
Filesize
512B

MD5
db25bfe145f97e12a539558627f55154

SHA1
32aea0393c4c66b33edd6638b09d3c8bf3fc0fd3

SHA256
fb709f09c99a187db1dee534fcf1623106e114cb389ce68df65ea5f52fe4f0c8

SHA512
1372d72666771991e112e599495410a2c8bc6e75f1857d31e982ccefd715a07f14b5b6de12ea8a5c5c6bb2c86b27590c122a3c38ff965ce7390bd3739ee018a5

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/requests.db-journal
Filesize
8KB

MD5
c1730d97c6e18efb405d69e49f0c6994

SHA1
89b1338ba498569ff7481be4f8941780c5bc2dd3

SHA256
2aa8db02e20f69936aaf9a82d6472fbd881442f449ec1fb3e787c924ab0aaeba

SHA512
9926393ab5cbf18d4fe643bd64d0d0699def95b346c88804bf7af043e654a19fd1c24de334f510b331bd1f9c460650467579c63ebe73f0f4fb046d25a79d1edf

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/databases/requests.db-journal
Filesize
8KB

MD5
0cf2301ea5b5dc570440799ed14beba9

SHA1
6f94cc47358a2b5a15ccb599f8c3742edf96ed2f

SHA256
2d92089fbf49239fabdf33f359360bef9a2aaa2c28887512b55a7b3424c4dd9c

SHA512
5b0da3356b93ecd58faeff6156d8787a423801d04583a22e7ff247db46714832d08469c61f3af2cc7c305363beb01e8bafc38b41e7ab3f4ff3e745ddacf59119

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/files/54db829f09424caad69f7fb9350fa48d/policy.cache
Filesize
12KB

MD5
f0326dac3bd2b30f8d216ca46622eb2e

SHA1
e34cdf9529a96288d206b07c5078afb012be5b7e

SHA256
c59de2f2197323aae35f444e18f7f5d7ae2967cc486b0297bceaf329ef8dfcb7

SHA512
b91250a4e5cc4c2464657d7d625a3d19144b321fbc091041bae340dd8f7a27712dbc0c5961d50bc039471014c568fb06df9b8305f20e4ad08c65894e56b4c49b

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/files/54db829f09424caad69f7fb9350fa48d/policy.cache
Filesize
12KB

MD5
864af04b99366f16beea21a543233d51

SHA1
15babcff8d82e0cf87491e9689c9720f29fa2791

SHA256
5a573ed2c188690f498b64bfbc39bdf97ffaa5bca12b7abd5805ade09d7b9141

SHA512
7640a582f41e00d14c0dc2b0c29f062eac25cdfaff3548a7d88eefc6ca70cac023e009b7ffb473df6facfb368271d103c52a78805faf363799bcc1fb1917ec4b

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/files/5a0d76b426bd66bf94b94e19a8719e41/policy.cache
Filesize
1KB

MD5
4d4dc628d8a3facc8c167ffbbb0cab59

SHA1
6f28c74730b309c7536866b5aaf04fa69d95b105

SHA256
742d07ce2cfa3958c889ad99e422f8eb063b824071fdd072e56a6de5c8d325b5

SHA512
59843b5081a0f9dd353159ff0dbf07572cb44ecf0393798558f2f1fa054129902e8dc2da88db38565ddb34fc6857ecd338fc4f24f6c50992be638793e5554bad

Download Submit
/data/user/0/com.duwhauho.cjwgoaugocw/files/a194a0a7214f6cbda0672045c51505d1/policy.cache
Filesize
13KB

MD5
04ecedd182ec514d1a60d8d2ac199148

SHA1
3cc41071881e11ef4a5e8500ba83eb91e0502aed

SHA256
690fff1587a5f29c71dd12bb95f7c8d0d25518679ef90c9a9adf8c69ff5f18bf

SHA512
27a2e1ea979a0c3568064028558da583b72cdb5133442cbd5434c497ba0d2ba7a0a0445dee5657c4ec277af119b820371e03ac4c799eee93731b12379c491837

Download Submit