f0293533c990df530b75c66e11db6fce94feae729a5982f0bc992c042d4f7b22

Analysis

max time kernel
57s
max time network
170s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
24/05/2024, 23:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7022b82e185b9da8edffddb2806905ab_JaffaCakes118.apk
Size

1.9MB
MD5

7022b82e185b9da8edffddb2806905ab
SHA1

0c64fcc82deefdde6fe7b2de3106c72aed788968
SHA256

f0293533c990df530b75c66e11db6fce94feae729a5982f0bc992c042d4f7b22
SHA512

6d51abfc4c7a4d5afa66211a14c3e3409bf8b51083686672b3fed93dafbfb37a186b35ed61d515188cd151bfebe8cc1f63f512b0e77cf2b7c8a977e0ccbb0213
SSDEEP

49152:F0BrcY5YMRpcRqp95q0qHenswOjZ4XsUmCPzNRRNYe4T93:F0YmpcRqp9kfHeswOjCXsCPzNWTl

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.huarongzq.dzh

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.huarongzq.dzh

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.huarongzq.dzh

Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.huarongzq.dzh

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.huarongzq.dzh

com.huarongzq.dzh
1⤵
- Checks CPU information
- Checks memory information
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4329

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.huarongzq.dzh/databases/AJZQ

Filesize
20KB

MD5
3ba0e0c0853eb0a14bc26104275969b1

SHA1
b67b5f01349bc58ecd29af2cfe978f675975b3b0

SHA256
02713419ada5a6fe52f8f1e796d99b3ed714e13681caae41d6adb5a26abdc96e

SHA512
0d7ca4b1fece21424d90f87719ec6a899511e85cef5977fcc4fd819284c6eebe9c6f267f68a4ccc9e01aa4c98e2c69efed47194f3612be3c3d20f7a90b9b9a8a

Download Submit
/data/data/com.huarongzq.dzh/databases/AJZQ

Filesize
20KB

MD5
9135a4c99c4ac37a360d67253930a240

SHA1
5c5902acd9ca35020aef5cf8c0136f0ea32948cb

SHA256
d91d49146460f8521926e707dda932e9db79fbd3608f253e2933716b7cc6352c

SHA512
fd8ecfc50ffd4711986edc20801ae814286c651d7cee0ff51d8fad3114fa77d51aead67a7fecda5249dd94e5efa092e533e706755faa94380a9924938f593292

Download Submit
/data/data/com.huarongzq.dzh/databases/AJZQ-journal

Filesize
512B

MD5
b7805843d76206673553dc7a103bbbf6

SHA1
f5ac1fb71fffd3cd0eb035b8e18c37a7931cf32f

SHA256
e90655bd2225a4a73a9a85461772c20487dee7d6e8fba7c92e740e1a6ef60d9b

SHA512
373fea044c288d63e753958083f40e2ce102d8d7c38a6ce293edaba71fcefd87112b16814e30901d39ed2886381e76e43d416e87b01242dee88f536eebfaba06

Download Submit
/data/data/com.huarongzq.dzh/databases/AJZQ-wal

Filesize
8KB

MD5
af49540d1ab7b5b4d55da05856174917

SHA1
da29d95983bf8eb1465cf0629eb31f62eaadd53f

SHA256
95e12f57f16ea87da69b845e0b9fce8a0e10d8b18a9fef21c551a01fb21a26ee

SHA512
f27f1f8a38d48f496d4a4b87953bfb47604d84869b52018a7bcd91db4235d0482b2da3a6b6ac5247e1e0d3d6e20a09e973af94e7fb7f5ea408b38c106417164d

Download Submit
/data/data/com.huarongzq.dzh/databases/AJZQ-wal

Filesize
32KB

MD5
8d0562505c94cf3ddf6fee61047555f6

SHA1
a824e4c2a5889e08c8031ef7e1f7389e2353be9e

SHA256
ef81372d7d17d04eee33d763ce88e6a7b9d4f7c98824ada18ed2957247744a6a

SHA512
9aaac8c2ca24e548bcf0a18ed4d2a807896d44b5b3ea2b5868ed096e7943de08e7bf2b216b94087f157cded0585256b8e80c0689736cdf4bdda4535ac3f49e8e

Download Submit
/data/data/com.huarongzq.dzh/databases/AJZQDAZHIHUI

Filesize
20KB

MD5
4c2ffa4c3f25d7f344784cdc27d1d6bb

SHA1
ab6e059b828eceda404fd7bcc1098101fa370da8

SHA256
5086347e58781a6c3aa8eeb40861d8089d1131fb35bee41d6305c51454e62fbd

SHA512
05fb584840ccb3c1745bbfe429536974b0a408053152fa8ecd58356659c4c40c07a76b38f148be7597c37c627a83e8d14695f1ddd46c32b32e3fed17312e865c

Download Submit
/data/data/com.huarongzq.dzh/databases/AJZQDAZHIHUI

Filesize
20KB

MD5
555bd73afde4b6fc2834ca615f586a13

SHA1
2e4cb6f91805bd13fb0d8daf475b00807960d75f

SHA256
b4ddeceb4d45505f48182415f4b67d9400125decec5f90848958ff217b49e906

SHA512
211a224a3ac7043d7480b507171a4c437cff6ef43fb582f38c9d10fba172189e9dc45f9f34c4681352fadc98952be08dd6a64fb2fe292869daa9d004765411f1

Download Submit
/data/data/com.huarongzq.dzh/databases/AJZQDAZHIHUI

Filesize
20KB

MD5
0cd569e93500cd9d55f3f95383f26593

SHA1
e613f19127c7a02154db27ebd0094a6b43a510e8

SHA256
175a5a34ed257b3337987e52230df13d9f9fab841f4067f3970e81ff60ceee2c

SHA512
169a24a03c37f5ca207437d5c7786cf02979bd1c8ca3747ee2901eee15dd34828f3f58f2a955bd655a03e9d09414b7f73b77bcacbc5c2228b519fe1b1acece69

Download Submit
/data/data/com.huarongzq.dzh/databases/AJZQDAZHIHUI

Filesize
20KB

MD5
a4e2a8fd26c225d05e3f3a66166ae322

SHA1
b8593316f5a76add572e63f9572fc29aedd9788b

SHA256
62d82b59a93b24cc9da3a47e75c5f076976eb62b22a27eb23a084ca88a87fb4d

SHA512
df01329019716cf53d8a3999bed2693ed8046b529ad62bd9d26d2a3392a142f4545fd8220853eb336eb02a0df9363b22d07b05cadd94af7671c4a21354692da8

Download Submit
/data/data/com.huarongzq.dzh/databases/AJZQDAZHIHUI

Filesize
20KB

MD5
7468779992307344c1437fa68fbb5049

SHA1
929e55708bd76445f319446c4077beecc55a7e37

SHA256
11a6634c1ac3a9d6aed51a34d1897c8c385be8400d7d6e582c1ed656a9e2fdc6

SHA512
bef83d1cbf3a71f526289ad1bd9c0b137754f04077d8c1437ce8d6d249a823ce3293c5f5a705585188ecd5bdd5764d938ec064b5b28be6628152bc1fe1750adb

Download Submit
/data/data/com.huarongzq.dzh/databases/AJZQDAZHIHUI-journal

Filesize
512B

MD5
3516930cc7e58f375abd120abdce3be1

SHA1
9cc611c91e046cccba6e40c534c36b12db54ef96

SHA256
dc52ab5d20a9e4e570b991c1908f60e890974f30a497938f1ebfed7598aec665

SHA512
ba70e3574ee4e862cfc6fc46f55c9f5bfb91483bb91da064a002b9ddc9e4dfaeb461e89d349e5f57978df7bdaa1ab97410d47aa6c3c103978ad16616c0287742

Download Submit
/data/data/com.huarongzq.dzh/databases/AJZQDAZHIHUI-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.huarongzq.dzh/databases/AJZQDAZHIHUI-wal

Filesize
16KB

MD5
4512b8ea022dfd586421f2ea2e426aec

SHA1
a5c33370fb6ef3108e6e433a882c00734081e591

SHA256
0feca40e79f6d51b9495dcecafdf1ecf0d522bd76dc236b80a54ca15dc49637d

SHA512
786e90c159c5aec9ad0174ed7778eb01a180dcac15e298a6019d2acec4ad2237ed20fb0dc16113c398bf6f3971ccc1edd8fddf18fc7f83137ef89f63e75e7dc8

Download Submit
/data/data/com.huarongzq.dzh/databases/AJZQDAZHIHUI-wal

Filesize
8KB

MD5
a0d95c164413504971cb8a39c670729a

SHA1
21e69195a44d71928a97ae1fe55e267191022a6c

SHA256
a281820b779e82da6c6bc3796f90dd70a215b59b347e62f95266f38e738cd081

SHA512
9067f1111ca5d6dea2b50183a1e486de39029bf6c9c8fdd25f62119354d4f675e2800e50ab49f1e62da130fc491bd0b5c805a74b6341d2fe48e5ff5b5f6257d8

Download Submit
/data/data/com.huarongzq.dzh/databases/AJZQDAZHIHUI-wal

Filesize
8KB

MD5
d29321e073dfdcdeead8cecb2e6afb42

SHA1
ba68b92b0ecf2675860a4c3aa840ec3224ee18ff

SHA256
10c9a795b949ade1428e1cf1eff84c1c415285dcf557bd000ba683825783464e

SHA512
e240ab20c6d106290a24f31f8d269cb764bc2a34e89f8cdc5102ba314c27f7f5843de1570fb9362cc67a644316604472d06adbaff4f87d264fe26d6a0282a7f0

Download Submit
/data/data/com.huarongzq.dzh/databases/AJZQDAZHIHUI-wal

Filesize
32KB

MD5
5a1464824e7b11d8be3074b162afedae

SHA1
39bad260cde5f03533a00083536000025b0a0660

SHA256
ac0a9b3aab2241c0c79c8ede4d171c6391aa28cd3643b8d425abb88b6f1481bf

SHA512
981a5ada36cd60fb98652d893bda924f5a61a4158ecbc08b6a6f84b41a118df081528f73b69f020a2769b43314197bc00a1366e398f8e98a8499c130f063b84e

Download Submit
/data/data/com.huarongzq.dzh/databases/AJZQDAZHIHUI-wal

Filesize
8KB

MD5
16c7419efba3a60b74b53467bcd5eae5

SHA1
fe586b8bee47d1afa6dfebf6382863681b820db8

SHA256
959e6cadc7a7da29f3515585eb4e7959737bc90ee7029d2a3ed0e0db121b7679

SHA512
db77d70e8fdf4935c645af2e16545f4636427b89a0f12d8583d01efbc07ef6c9db99fe0fdfcef38ef63573797ade99f8e27d462c7ab14a8e7554bd9f6dec9c4b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads