9931de2d577ed1cb239f8d12c22016dd3884de1c5f3c9c74acf3d6195e57c622

Analysis

max time kernel
105s
max time network
179s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
23-05-2024 02:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

69605fc1b20557dbff811105a44f3527_JaffaCakes118.apk
Size

10.6MB
MD5

69605fc1b20557dbff811105a44f3527
SHA1

d9e5573f539ba5f1aec13293b7ab688670a03074
SHA256

9931de2d577ed1cb239f8d12c22016dd3884de1c5f3c9c74acf3d6195e57c622
SHA512

222aa7ec7a6bfd198d2ec09e524f8af1910786a2d05a96912860ce6f63fca5105c725fac1f6b508736950952bf07b1ffa74920257cb5e0bcf569a055e409afe7
SSDEEP

196608:DSJ6XVOzAg7btuWle7cPTtYRvQygjKydd++zMVBCGwz:DpFO8g3zlwatwvfgjKyf+gcBl2

Score

8^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 1 IoCs
evasion

T1426

Processes:

com.shopapp

ioc process

/system/app/Superuser.apk com.shopapp
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.shopapp

description ioc process

File opened for read /proc/meminfo com.shopapp
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

com.shopapp

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.shopapp
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.shopapp

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.shopapp
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.shopapp

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.shopapp
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

T1422
Checks the presence of a debugger
evasion
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.shopapp

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.shopapp

ioc	process
/system/app/Superuser.apk	com.shopapp

description	ioc	process
File opened for read	/proc/meminfo	com.shopapp

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.shopapp

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.shopapp

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.shopapp

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.shopapp

com.shopapp
1⤵
- Checks if the Android device is rooted.
- Checks memory information
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:5149

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.shopapp/databases/bugly_db_legu
Filesize
116KB

MD5
a8c1f105ec83b6ea4b2ac416141fc3d4

SHA1
a844b4ad85e7f8e2c9fedfa8695811f268129a45

SHA256
944423ef3781db43dfe98c65e02706eb4efd43341dc780bcfcb3bdb08de693dc

SHA512
6ee15a127bc7bbbbc40b51f5c9724e3e4e4bb355dd75ff9dfd5322087995af9a6289300bba6c57062dfa4a13c149a6408e54ef48006f57135d7faf95f4a6ba33

Download Submit
/data/data/com.shopapp/databases/bugly_db_legu-journal
Filesize
12KB

MD5
8e199269201fdea50335d8bae07252e5

SHA1
4fb3e4f5c1855e3b4030c92cb0fa92c7743d1203

SHA256
f680026cbe88e4b380755f7f313a98dde7ea19249504d2d859d30fd06da40cec

SHA512
a1ddc933c02c0dd6c0f08364da0086e54eb0fc7fc820f7668a4381cdea95a7283c8303f2923c17422e697e6954943ccf4877f9f04df0c558494ded989e5edbad

Download Submit
/data/data/com.shopapp/databases/bugly_db_legu-journal
Filesize
512B

MD5
0cf23b56b9a2c607573efc1c6e607cfe

SHA1
d2e89cdd0fd8247a67791a128ae02a706e119400

SHA256
66b3f9033a5c8aa5df44593b1bdf644756e51c5ca6b4658303c67d8326011aca

SHA512
4903144a93ec3ef4774b1b814f51df3cf0a65b29f8ca539f3262487b8c8baad5975d777956d406b2d8b19bc5b82825f6cd1f4d31cafc397565a3cef7eda6bfa3

Download Submit
/data/data/com.shopapp/databases/bugly_db_legu-journal
Filesize
8KB

MD5
0e9f646a07815bd6ef77a5201545747f

SHA1
4d5f479ed8c146bd1c01975ffeab017ea7fbe49b

SHA256
83ae1aad1a87956978cb5cd540a18fa0b11d234b5e30789e53220cc40dc48726

SHA512
084b9beabfb78b1c4d0de1e004b7d6cf7cbfa5dc618f144ecadfd695fd9d190c840eb4c8fa893357af66683734deff1f61f2c35ea071a1dc2887b07972f10128

Download Submit
/data/data/com.shopapp/databases/bugly_db_legu-journal
Filesize
8KB

MD5
607500b4f7f805550bfa1463167542d6

SHA1
3c986004fa5333d57c1af12ffb259693be6780ad

SHA256
12b75abde056933eb315addd84680e75dd16c0504c7a54a52594948af079b24a

SHA512
eb48b8fd1b7b0c2694b83d0cfea3f51b697c8327ceb39499c33da0d0647f1d9f671a88626ca4714fcb165a11e74060a1c9d299e73ef896df02fce8d5281ff8c7

Download Submit
/data/data/com.shopapp/databases/bugly_db_legu-journal
Filesize
8KB

MD5
ccc0c6ef45cfa32c1df8af1c20e4a413

SHA1
ba049c47cb7adb62e67453c5a9a00b8b3a835ffe

SHA256
82d363b2a27c5e1e9218607801d7ad2c9409ec798845a40b9874985a37d4ae31

SHA512
30a5d77eae634de8b241353909c386582bf5fd9d407f649b8df008612e6dff0a394f717c0590f2c700450ca2a8328a17edf853e8259a9cfc04bcfd5de4e704d9

Download Submit
/data/data/com.shopapp/databases/bugly_db_legu-journal
Filesize
12KB

MD5
88cf15a5501dc6ceb55a14039a18e3a3

SHA1
e80fba113b2cf4653e2e804ea405f817f1f742e8

SHA256
68e3d101179ac5aa4d9d13c70ca6006a4dc30f51b464eb38c2d3e56a3ff7a10f

SHA512
9e523d9505c56c9d8f1d0a117a2306e89199163b97526d5b53e9851d5247773ce13df9b75f8da99bf81d9f3194d18535564197c8b5ae466c433168b9bd7b462b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads