8d7cf3a1d4ef5f42415b4025855d17a3f5197c17e48ab825fec0f16cb60240d5

Analysis

max time kernel
138s
max time network
176s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 19:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

686e617c0e41f48c009ac1b893fd65b0_JaffaCakes118.apk
Size

8.3MB
MD5

686e617c0e41f48c009ac1b893fd65b0
SHA1

641a95f5c72452cd04dab3aa63a590b422940b35
SHA256

8d7cf3a1d4ef5f42415b4025855d17a3f5197c17e48ab825fec0f16cb60240d5
SHA512

7d700c5585770f0a2b48c668c531234a007c020af083f5863a3b3e66edae77da269ad3475e955d532c082f50525eefdb51a16df9e36002611ff71dbcf92e13e4
SSDEEP

196608:siAlHvmjctmtCiPAbM4NijLMqfGiE02pMTC025RrHU+9ckMWV1TmJJ:sPtICPAhvMbiQq65UQc3MIX

Score

8^/10

banker collection discovery evasion impact persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Requests cell location 2 TTPs 1 IoCs
Uses Android APIs to to get current cell location.
collection discovery evasion

Location Tracking
T1430

Geofencing
T1627.001

Processes:

com.luyuesports

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getCellLocation com.luyuesports
Checks CPU information 2 TTPs 2 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.luyuesportscom.luyuesports:bdservice_v1

description ioc process

File opened for read /proc/cpuinfo com.luyuesports
File opened for read /proc/cpuinfo com.luyuesports:bdservice_v1

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.luyuesports

description	ioc	process
File opened for read	/proc/cpuinfo	com.luyuesports
File opened for read	/proc/cpuinfo	com.luyuesports:bdservice_v1

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

Processes:

com.luyuesportscom.luyuesports:bdservice_v1

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.luyuesports
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.luyuesports:bdservice_v1

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

System Network Connections Discovery
T1421

Processes:

com.luyuesports

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.luyuesports
Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
discovery

System Network Connections Discovery
T1421

Processes:

com.luyuesports

description ioc process

Framework service call android.net.wifi.IWifiManager.getScanResults com.luyuesports

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.luyuesports

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.luyuesports

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs

persistence

Broadcast Receivers

T1624.001

Processes:

com.luyuesportscom.luyuesports:bdservice_v1

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.luyuesports
Framework service call	android.app.IActivityManager.registerReceiver	com.luyuesports:bdservice_v1

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

com.luyuesportscom.luyuesports:bdservice_v1

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.luyuesports
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.luyuesports:bdservice_v1

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

Processes:

com.luyuesportscom.luyuesports:bdservice_v1

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.luyuesports
Framework API call	javax.crypto.Cipher.doFinal	com.luyuesports:bdservice_v1

com.luyuesports
1⤵
- Requests cell location
- Checks CPU information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4242

com.luyuesports:bdservice_v1
1⤵
- Checks CPU information
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4278

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Execution Guardrails

T1627

Geofencing

T1627.001

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Location Tracking

T1430

Process Discovery

T1424

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.luyuesports/app_sslcache/www.easemob.com.443

Filesize
5KB

MD5
2ced87a36180205279caa6c2277643a6

SHA1
67bd593a86a2f453bf61c3269df57876fac9f1b7

SHA256
0eb9d3bca9e9da9cb789c01cb909720277e769d8a82337dde65174c2db72cca1

SHA512
541f8ba4a454850a596bf2eb2dcdd004ea8455a0c46a05ded837f934a0c2dc39048af4fb7e9563ec9ee5d9761a41b866f805e0dd6a1f3a83832b673bb170b28d

Download Submit
/data/data/com.luyuesports/cache/com.parse/applicationId

Filesize
56KB

MD5
86104487e76511b2b6adf9f597c2a7a2

SHA1
7bd50fec268fb1f08a8e68f15018669a54f08220

SHA256
6f6be6e52c0cc8ce2e753368eae5f3bd8cb015148f708c6a690a6d49db4d96dc

SHA512
4fb9745200e0c93db54bddd8d28591417db884f66374a7ec6d834b41f829846e8b3b0253a36204fec60de25637ff9e147c030c3c013883bb7875090f8074ba2f

Download Submit
/data/data/com.luyuesports/databases/ParseOfflineStore

Filesize
32KB

MD5
a8d71a448af6b7c4ce7909fa3d40bff1

SHA1
d166e65a0dea1bae1ae8cdad35c4decf9343e1b6

SHA256
c96800afa57d6cfa2c71286d2d5ce79f820a47952252029dfe89a7b124454703

SHA512
9af0e829cd33a55c801114dd2e25d222b278a5f484e5030b7b68e52f4282ab633db51fb30ee95ad005ccb8de205533b5bee98f6e272bf00df59bcecf12563db9

Download Submit
/data/data/com.luyuesports/databases/ParseOfflineStore-journal

Filesize
76KB

MD5
6e31d3cfd01926235bbaab3a2b734fdf

SHA1
c24bbd9ffcfc31624c0b942c4a5dc9765806534b

SHA256
db73e7a90da578fb284c7daff49b74c2468d03a5307c840363165a3fb396fc0b

SHA512
1a276415b750d0f90dfb20cff5e58743fe7330c5e8788f4114d80b22cc8ecc25baca81cee4354c76d17cd5fada293d3b35a228fa156e5c4ddc499b8958678e78

Download Submit
/data/data/com.luyuesports/databases/ParseOfflineStore-shm

Filesize
32KB

MD5
af0561636d181a91da91516441b1cb64

SHA1
ad20c5e42526e4d53209497d3227eaaec02f3cc5

SHA256
6ea7eb4eca4c2fa72eae9d8d8c1ccc91722c6d727aa3f29659d3c53a39f7e093

SHA512
4eac9ec4b6152599deadcc17e715bf36ee6b9e8fce7cb6fda8ae73ceb179fea3a87d10172fb60a07a5afa97430b43b5caee48e360f9c4a3dd3c8341a7ec57718

Download Submit
/data/data/com.luyuesports/databases/ParseOfflineStore-wal

Filesize
44KB

MD5
166fe3c892dd3623dc0ac52808a7ecbc

SHA1
59e954a3a59d7522d2bb000879986fee79c61258

SHA256
3a4ec257b6a963a984315d22e3b965e223eaf6a04619dd4dd9e92a6403f28fc5

SHA512
e1441f0ff1ff63cc71e8c7c9f37606ab3ad56a994bf3931744b166e162f86f8e32cf8952b664c8e6bbc8ad9cfff62a40ad642aa264869f3672df9e57f76f484f

Download Submit
/data/data/com.luyuesports/databases/datacache.db-journal

Filesize
512B

MD5
94d699a12ed9ebfdd6aa4a31dacc5f36

SHA1
865f649204108cdf84ac7c724e9b5eb7198f0119

SHA256
34fca78a5449ec1a895230361ab63d6a9f1832e959080287cdf4d481b4d5a50e

SHA512
f5f3502e416979f7eed779046081c2fa750851e4042cc8d1767829310bd226838ea520ff511b8598cc0f94b8fa025410da9e14e0a32c474a639e60336e1b9dd7

Download Submit
/data/data/com.luyuesports/databases/datacache.db-wal

Filesize
48KB

MD5
085d01e45fa926e5ab44c0ba26762df6

SHA1
b0ad1f71b56dab9d91431b84b77fda806b6107cd

SHA256
5de8f27b6e17e99c5f12c6b9feab8beaef733d9e12779da42826c1392708c36e

SHA512
3dd928b2fd6d4688d1a8788a22f19b00c3335928a89a67e9ae9867a89555e615bc153b09d7681052ccc5fed5b8cb0286e10d09be39129d1d455231d5b4a19012

Download Submit
/data/data/com.luyuesports/databases/dynamicamapfile.db

Filesize
24KB

MD5
7460ea3f1d4c504294a223fd0676aaf9

SHA1
fd7445dc4675a4a82d8c0bbf3aadb9a86e7314d3

SHA256
8db94f6d90b99003333cafc632cd777bf5586c7a2aec2fefa06ba99d0e2b7b98

SHA512
27f1cabd3d878e14428c4938e3e9e2f1b3e0605c51d7b031385b03732b414655505fc572ed81060f3724a2494333fdd2060f047d5c3372b173bc0abe32e29da0

Download Submit
/data/data/com.luyuesports/databases/dynamicamapfile.db-journal

Filesize
12KB

MD5
2a341f5b9363d924e91623b27da1e437

SHA1
184b13094377446fd6d8b08cfec114da9d063944

SHA256
aaa157395b9506ad9161b6bfd27928e6e4fe3d4741dbbb7d7777933e3e9cf9b8

SHA512
a40a5a081fdf485d2267c9812f459857b40d3ef90dd740b37512e7dc27112f835e6c438a7ae1a178599fe2390002a4b2814868a525543187923702cfb2a1f725

Download Submit
/data/data/com.luyuesports/databases/dynamicamapfile.db-shm

Filesize
32KB

MD5
9097628a197980ae31abe57e77cf0724

SHA1
4da6a2c4199f3baae1d6906c06b10d4d68b7ab55

SHA256
131ee855323ae3a92dffbfb63ab5cc0d66ef4d09c98e900f90e187a85ce6c5b4

SHA512
5545b7d1ffd5cf13b5367e103cca7ef02ca3b2871ac987a6d3f5c278df8020111dce3880283095f4fda8e5108eddd61184d5567888368caaa6496c6279b0d18f

Download Submit
/data/data/com.luyuesports/databases/dynamicamapfile.db-wal

Filesize
40KB

MD5
d573dbb13c2b7d8d7696baafbfa1aad3

SHA1
2e08c332cf3d884894aa163b751d0554543b850d

SHA256
671a6219796a82368253b92a06658da1dbc0e3564733d68226440f63331a96a5

SHA512
418f1ea91c31daba1f09ddba9968cc12263c823d9a8d8e6c87fae255752619958becc517e9985d4689b20132d73d11b1885a8fd217415d40dde30ed84846a9da

Download Submit
/data/data/com.luyuesports/databases/hmdb

Filesize
12KB

MD5
3fe30614d7e0d11db870b4624f6c50e0

SHA1
053ff0fc621ab40f2afeddb3e7b4a73ee41ec533

SHA256
67c532f0324228dd33b445cd399c1426e3a0e0cdc7b9358c66b402c5d40a838d

SHA512
c7c09e97a408e88aacaf8099ad4d1fa604d58113393500a384eb3c2eb7c3c105af41314934b86eca2f088045cbab5a20d768bbb295448dc1ae6cb6c3f59821ae

Download Submit
/data/data/com.luyuesports/databases/hmdb-journal

Filesize
512B

MD5
9e8a8f82ea00c27ab7e4963431919f76

SHA1
b14f46462c1c1b9508ccd4a69090cc6240521b8e

SHA256
39e532fc18a156f1ee95b1987089ad26f1bda459512b385147d64f9f7c6f28f6

SHA512
463c9c9adb76f5d7c930cedae296f7219ed2c4190acfc8a6dfca74f75bac31a5a39f8191e1b6ff8f0a68b8cf4417eb874fc92d7884a7a1bd14b3e8ea84a99fe0

Download Submit
/data/data/com.luyuesports/databases/hmdb-wal

Filesize
16KB

MD5
7beec17d7cb103f1ba24418b6990b08e

SHA1
8cf2d69be10d3d43d040703e64c777045967afa8

SHA256
b78f1a525bdbdb34e73b0a2888591310b8410d91bb749067acb3df3abd1e9784

SHA512
cad8ff32665b97c9fa72721a851e917dba12844720714f16bd7a2c35115cddd608c6039df3e2e175c783a81f6dd27e9789b993538b8ef9634ae74da1e61dd2bc

Download Submit
/data/data/com.luyuesports/databases/luyuesports.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.luyuesports/databases/luyuesports.db-journal

Filesize
512B

MD5
9927a0ae58eb585279521adb3ed45fde

SHA1
b7d714520be90f0822d49f85c01782e6f0b55847

SHA256
0138291a7dda5dc43585c2894a9d7000a8a98eede9adc2a3ec8ecdb76bcf9ae5

SHA512
47354083196fee04316545ed3457204669684faab41601bf4cc3eed6a8699958f47977626cd9489cb3d1f3a859fecc7752993cb764d3aece2ed29a5d3af03b4d

Download Submit
/data/data/com.luyuesports/databases/luyuesports.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.luyuesports/databases/luyuesports.db-wal

Filesize
36KB

MD5
5f6c59ecdc387e0f8e1ec9a4cd8d284d

SHA1
69934863c3f29d8e3ed5858e0b8de2f01cd3e9bd

SHA256
3c87fa21c0f7e282a49410fa8c7b66042e6315df1f809b537ae793d829f4e871

SHA512
f5a519a9b77f7338390e06b91304266f9198650304224b0a391a2d5303fba4a48e9651c57e3918858685bd9715375cb0342565aa94658291391d56963947aeb6

Download Submit
/data/data/com.luyuesports/databases/pushstat_4.6.0.db

Filesize
24KB

MD5
9be0d9b798230fc25941c2e05d3e9e79

SHA1
a309b59dddd024ae8165799836afed07f434d46c

SHA256
2c7044e07aa871bb2d97347843ad163972bb98bee026da087e5351ee9167129f

SHA512
eaeecb70c0523c53f8be4e15635ee7f5ca93661681be11300ce2c3203661b481617eec6c8731170d5c66cdd65ab2d74ae66386e663f37f67dd8fadfab19e7bb5

Download Submit
/data/data/com.luyuesports/files/.um/um_cache_1716407979910.env

Filesize
707B

MD5
b89e917c6283fdef1cfcb3a984282b84

SHA1
fae66531ae1c1e8cb47d02bfebb8eff016a14cf3

SHA256
20b159f6dec1a04089b1e000d553a8890cc7a6dfb3925cc46ebc7e9cee42cdcf

SHA512
d3e83a579760bdb99a43a21087433ec732df44c97de941bcb72f6ad5a20fc244c65147f8d926d362b173deda30beedb85a53db74fc74eed1f503d643c7cf6fb6

Download Submit
/data/data/com.luyuesports/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
75ce67d82663aa1abdc7bf996531e2f7

SHA1
7b30e93d8bafc3c383f9a1664356fd97cda6b6c3

SHA256
7073c283f76cb40c7bbb9cc56028afa733feedced911ffdbe3733949850cf42d

SHA512
422cbb0718506419ad55b6276a32a60d7e7e62a46d1b15a2350cb0454242e62e56cea1b9fbb63ad4d1ebb9c2f7fb1e6971bbf83bf67e62e7058415a78b5d0319

Download Submit
/data/data/com.luyuesports/files/umeng_it.cache

Filesize
415B

MD5
88ba826c3a4a9c3c7259887b209ccc0a

SHA1
f250973b31cb797df4db97cdda531818c4ceebb3

SHA256
046daaa1ff8c6c960a18bd05963c8c17299733eb69db230992ee4887a197c574

SHA512
d78bc04399f6db6d055e476e954f081b20b17cb26a0850bacdd5799f4ee43de81c1d55d8c315309ee158b939348b008c8eb40f8e283ae89ddbc7e7a03467be48

Download Submit
/storage/emulated/0/Android/data/com.luyuesports/moveclub#move/log/20240522/000.html

Filesize
172B

MD5
51953e129207920f17d2f9e9115b2260

SHA1
ca8f74bb9435a0ef1152fa7235f3332002f7c9cc

SHA256
8397e305ea345944066d14c3b29b9aef3749c798859380a25bf159135dd34e71

SHA512
99705674531a430435e6e959eb9e43478b693b52e416ef9202af7c51ad52c06b885a9dce219536a833b76e50b13461da265498f16ee098506bef805c9c86bc67

Download Submit
/storage/emulated/0/Android/data/com.luyuesports/moveclub#move/log/20240522/000.html

Filesize
85B

MD5
7ee36817558cd74e85fd009f2585a25e

SHA1
7840a5eba33ad978c16159c052ac000b267722a8

SHA256
28ad9a37d230411a3d863d2d98fc2c92b435d0ae933df895e304a84ebe49a25f

SHA512
2f9c8b817751d7375c57a4b6d2f524dd29393d0ce74b4c8bd9b19720745c7f42be6ae7289f16cfc811939ae7f754bce013a4dbeac4b0470c6a155fe818bc86f1

Download Submit
/storage/emulated/0/Android/data/com.luyuesports/moveclub#move/log/20240522/000.html

Filesize
82B

MD5
e5734320c0b99096b06a1e2e09fe60dc

SHA1
495ef8f693321194ea76664ff727964458bc94ee

SHA256
bd666e4623e3345cd5285bb5c58bcad1f5d2fefdd0a56c561c0b92c0d7bddab0

SHA512
6ddcf4ec0dbad2b12b06ab2a20f51e929be28b2b5f3d9200f65723603ec90e04252a9f7ad6ce79f2be126aa02f57ba84b8b1ddb1ab02977579dd74b7ba1f0ab0

Download Submit
/storage/emulated/0/Android/data/com.luyuesports/moveclub#move/log/20240522/000.html

Filesize
113B

MD5
4460858c93fb3975db35b08c65dee1c1

SHA1
a8d9ef11e6eb2585399214ff5867b0a4c6b19d31

SHA256
86773512dc31e4ef2818ec3a264e87c2bd212eb6e1ffd7a6a0f6ffc470a28fd8

SHA512
e6d1027ac4474295f8d86144739f3a4ff495e87ab074900ef7c811f16c29914d8cac2c1c8c3a4a7c6162c1be5309ad809abb1b67285ed197614211d2913fbbe8

Download Submit
/storage/emulated/0/Android/data/com.luyuesports/moveclub#move/log/20240522/000.html

Filesize
10KB

MD5
6de8ee51c1732b6004a4156bfd7befa8

SHA1
e4172ea581e3d1af819cbfb4580d54c227466eba

SHA256
1575585c3ade179d19202776375e85baffab0e71d42eb23f0c4a849a5ba8d659

SHA512
434e37dd888d8d65f9442483b4beb692ea255b904b7c3a554321a8093d8138bfabd86970470598eb60278f4b80b740265349e6a2189a5d07cecbe7805df33c31

Download Submit
/storage/emulated/0/baidu/.cuid

Filesize
160B

MD5
39e674b82d300d37477ffcb62e41c44a

SHA1
32fab3e0e2c80441410c62e46ca64dc58ee88df6

SHA256
b18d7a6062932ce82c838a3a1ddec3ac45bad2f8843fc34e63b8121a73346c6c

SHA512
523994273e3b197b24ed87ac292f4aea3eb011e82f465f9fd6a793d94080819ec243f9db940022f16cd434107f566f6418ae4843e4393134df019cb7da51c13e

Download Submit
/storage/emulated/0/luyuesportsCache/other/datacache.db-journal

Filesize
512B

MD5
79f7d60e7d528532cc45ca1596a8fb81

SHA1
1a6d30ee026aa349cfcb3f7fa8e1615ee84741fc

SHA256
fd457a5ff1ef0ef800f4dd59be04ed99f8a7d0a45fb783440e5f2d90f25164f4

SHA512
52727e9f8805c2c3f242f9c7001ed9f7c9278fa32637ebaf3b99449c69ba1e954769b4a1985a4f704cd819d5646cc7bc9fc65f6e49e8093f53d998e98292b343

Download Submit
/storage/emulated/0/luyuesportsCache/other/datacache.db-wal

Filesize
28KB

MD5
e45435dbc4e0886e530824cd2aa71331

SHA1
e683e7b3d8701ea94bb25036d18c24ec88e36da1

SHA256
72dc4053bc5dc101b51bf16f49f8e9d3bfe4c8aa460c5328f64641f023cf4323

SHA512
c4f0271b6156e71e72991ed70b6fc0b3e94ddaa4d3410d197e0bf8790d2c37b19ec6fc1f1da97af5244618f03a39b3be2ae2f4e85448c7716960cee93fba9c9d

Download Submit