2de760a7bde3dc6228735b7b45e19b4e2e7ec517515e9be76c55e3b074df1a02

Analysis

max time kernel
173s
max time network
184s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
23-05-2024 01:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6940a315d81024fb3a2d0acf6dd4a7be_JaffaCakes118.apk
Size

30.2MB
MD5

6940a315d81024fb3a2d0acf6dd4a7be
SHA1

9c973a68428b0ac9996e0533d178f95f3329757f
SHA256

2de760a7bde3dc6228735b7b45e19b4e2e7ec517515e9be76c55e3b074df1a02
SHA512

fffb36fd01cf06c7c5b2804f68f35b276fa4a4a695095e4f24e8ef5cce08f5ab980122dc3e103177bdb36fb7020dfa7afcc6b02a33ff477e958a0d3c26dcb621
SSDEEP

786432:Nt2T5wiAPqHGLIE/9oW4B7iZKeKdIlT/kEmUx:DEdAPQs14xiZsE/kZm

Score

8^/10

banker discovery impact persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

T1418.001
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

com.netease.cloudmusic

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.netease.cloudmusic
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

com.netease.cloudmusic

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.netease.cloudmusic
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.netease.cloudmusic

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.netease.cloudmusic
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.netease.cloudmusic

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.netease.cloudmusic
Reads information about phone network operator. 1 TTPs
discovery

T1422
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.netease.cloudmusic

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.netease.cloudmusic

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.netease.cloudmusic

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.netease.cloudmusic

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.netease.cloudmusic

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.netease.cloudmusic

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.netease.cloudmusic

com.netease.cloudmusic
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4272

ping -c 10 music.163.com
2⤵
PID:4459

ping -c 10 baidu.com
2⤵
PID:4529

ping -c 10 m8.music.126.net
2⤵
PID:4602

ping -c 10 m7.music.126.net
2⤵
PID:4645

ping -c 10 119.29.29.29
2⤵
PID:4703

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.netease.cloudmusic/databases/cloudmusic.db-journal
Filesize
512B

MD5
2948d9375f85bf4be56986525deebf39

SHA1
5ad62a846d8b64cddefc2016bbe03c4b353fcbe9

SHA256
ac3993435f99ab641ff4478a80ef7e5bbe7fbddd4a92b91a1946cdae0a10d696

SHA512
e665e9b8b7e8882e0e372ac14b7127af59925788ef6172a0ed4ce8f4e87a1ae31d41cdfdbdf3feed00f8bbc433f44dd1f531f7bb3acd5d31e8faa74279ab182e

Download Submit
/data/data/com.netease.cloudmusic/databases/cloudmusic.db-wal
Filesize
181KB

MD5
2ceecd1350f971545ac8a1465f57bce3

SHA1
926774d1ba3db7509eb6a85d07233d0e7a87f813

SHA256
ff373d58be02189509a786b6892e4b155fa51249cc508e7465d7d7d3492d7112

SHA512
9b9a5cbb021be32602fff8cd7ee235d22475eae89bdbb6f7cda916db3151ae502978e5e4c8fd8bf100fcdcc386f6498bd508f663f2c4f154ca7efbad55cfc103

Download Submit
/data/data/com.netease.cloudmusic/databases/mobidroid.sqlite-journal
Filesize
512B

MD5
b08d110060e23e794a4b2554fafd2bfb

SHA1
ddb3022243fda5423b6df5eff07a4c636b19371b

SHA256
a5eba1166ced0813a0ee6c6d2941957311d10d92d925d8de495cc5d75989809f

SHA512
3ed5b4b9377ab85f396ddbd970ae6f1ef6693e662255166ab23a246351ae2753310ed02c79acb3c6e5001d4355c108c4f505ed2898a768640ea4c167ab992458

Download Submit
/data/data/com.netease.cloudmusic/databases/mobidroid.sqlite-wal
Filesize
84KB

MD5
99a5e33542faa08a211e8c3b655366ed

SHA1
7cef63ffb5ba90b30b174908826d037a4c19ca53

SHA256
7f89fbc61bd91bc1f56a5216a7f07c153dc3f99239c30264da3212b5e71da413

SHA512
24096a34aed6771492d4b36502843bf452f2c43aab447aa7636b1f7a93c43351540050a1e6e2c480f07aa890ef90e24b87092e80c2c79bb9aa5969b5b40d84db

Download Submit
/data/data/com.netease.cloudmusic/databases/netease_apm.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.netease.cloudmusic/databases/netease_apm.db-journal
Filesize
512B

MD5
f0f6c528c88eecb1ea22bf4d6770016a

SHA1
f6922d6a6d8065aad50b6dcebba34c7ef6246d98

SHA256
eb64004dc7938ff3e007a1906505ad23a312f8486667b16bd27dc4d155c45850

SHA512
6974ccc50d493dc2b76222a208f6707126590ce94ec29ec68e3a994b7d54a605c0964f159e85de5ef6bbdaa8fcdc7ae3b243dbc8a28157d69ad470144f6080c7

Download Submit
/data/data/com.netease.cloudmusic/databases/netease_apm.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.netease.cloudmusic/databases/netease_apm.db-wal
Filesize
136KB

MD5
6dcc3a23b95dda972017005146a691a0

SHA1
5663b655ec21420c114484b32cffe9dadc0de596

SHA256
0408e38e37764bdcd32683c9d6467b320e8921bf29c7f55f70770e29fd560d5b

SHA512
756189641402f937c624ac2ee47f02072e79895c2b595f4198a5ea42c1c7afd76bd6864dbe384ad6f7479e049c4ad9fb5890aead38fe2e37da1a12f4ff4dbac9

Download Submit
/data/data/com.netease.cloudmusic/files/MAMStatistic/0
Filesize
4KB

MD5
f96d211baca8b345975229af7ebe4e43

SHA1
ddaf2dc30e3328c8b60c54b100b99bbe8f384609

SHA256
c598b63e4b3763471ef9a6f2ca2e76f1557f59a45eec4ab8faed7911942032d0

SHA512
59b654ca3caf1d39e2c808b666fb06655d5267db2d62a831df9fcf5e7e0a8043d281e8b885601309896982418f9a25ad22730f6b273089f4c8ed8493b9a498b3

Download Submit
/data/data/com.netease.cloudmusic/files/Statistic/0
Filesize
1KB

MD5
e4d858c98b05c72a0739870a9143cb22

SHA1
d59dbbe9cc8ccae9882e4f597e6dd5b60bc484b3

SHA256
3d623c3da285cfcbcb2f75005d87171ba625b69c091bbce73cabdbd7cc9a431a

SHA512
972037c40ef771ae4bffa3d83fc2a7e01e63140d3c5cbb9695e163ccbea29c87df53f9f382a35f4a260359a0257ca7b0a884f7da8547999cd022c16c7d67d449

Download Submit
/storage/emulated/0/netease/utils/wu.dat-journal
Filesize
512B

MD5
499d5e6aa45fc85d78a106b73839583b

SHA1
c84ae9dd22a5b8cb82ef1b149b4c091a53705b01

SHA256
3097602d7db7f96e7e4be6475eaac8cdca9ed0ec18d1d05a55011175daf580f8

SHA512
e477875c4d9f22b97a0e07ca81ff24ec2a4ad0b26a7798284a1310af24bbec442472e07ed5a0e9c257aa8c92cfd0abff368d214a2e29d924435c698e370f0203

Download Submit
/storage/emulated/0/netease/utils/wu.dat-wal
Filesize
48KB

MD5
5db333bbd33ec6bca7ced07e3ce5510c

SHA1
1df2d3b611aad52fdadccf2d47d9a4506857bcae

SHA256
dde654d547bf05db1c29043bb8e8768f5e7388146d67ef8ce1e4a6357ba6ced3

SHA512
7161fa116abcabcdfa1edff58a3f6a9c73ea85f02ceeb98e19fd389ed1c3b14c6540ed1e521e1af6a82657dd4f93365f92e35e904403f409b7bfb1499c1d2e1e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads