f0293533c990df530b75c66e11db6fce94feae729a5982f0bc992c042d4f7b22

Analysis

max time kernel
176s
max time network
178s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
24/05/2024, 23:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7022b82e185b9da8edffddb2806905ab_JaffaCakes118.apk
Size

1.9MB
MD5

7022b82e185b9da8edffddb2806905ab
SHA1

0c64fcc82deefdde6fe7b2de3106c72aed788968
SHA256

f0293533c990df530b75c66e11db6fce94feae729a5982f0bc992c042d4f7b22
SHA512

6d51abfc4c7a4d5afa66211a14c3e3409bf8b51083686672b3fed93dafbfb37a186b35ed61d515188cd151bfebe8cc1f63f512b0e77cf2b7c8a977e0ccbb0213
SSDEEP

49152:F0BrcY5YMRpcRqp95q0qHenswOjZ4XsUmCPzNRRNYe4T93:F0YmpcRqp9kfHeswOjCXsCPzNWTl

Score

7^/10

collection credential_access discovery evasion impact

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.huarongzq.dzh

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.huarongzq.dzh

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.huarongzq.dzh

Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.huarongzq.dzh

com.huarongzq.dzh
1⤵
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Checks if the internet connection is available
PID:4571

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.huarongzq.dzh/databases/AJZQ

Filesize
20KB

MD5
510120c5dfebb809bf833dabea674354

SHA1
1ab2f5a9f1e577ee8215a22b273669aa2098e939

SHA256
673e1cb3645d208e77edcecb9902f15334eb3645a8b0663404e9ea31c06a7a26

SHA512
5fd6254bce671810342b3fdf21fd944a4da79d00087dba3415f85d593535b1a0dae650512e6677b7c21e6bdc65fa6411b52027514b8a2cc1aecc7cb75df1b36e

Download Submit
/data/user/0/com.huarongzq.dzh/databases/AJZQ

Filesize
20KB

MD5
6d4221978d319084fa16cb4ed76667fd

SHA1
9c945774ec6dd429664bcaeb1835d334d464ebab

SHA256
ea8af0795bf958b22deccf6dd8872488f824451f9d2bf0f6783c78379fe4a3d3

SHA512
6d19727ce6638dbe5ccbfcfd4c6f4df4f5496ce4eadb601ecc8bc6c18a2aa82c619f34e91d3e5a263ea137c473bf0050f1cdf2390506c94168b364b34db8ba99

Download Submit
/data/user/0/com.huarongzq.dzh/databases/AJZQ-journal

Filesize
8KB

MD5
31106c9996c1fe04587b00267af5d9dd

SHA1
6351be716b5f08476a91577b77a79e11ba989af8

SHA256
d548aa7b7a470e9ea62fdee186efbb0074c46fc3da8ba981e68bd13722f8383a

SHA512
924e3124929f9105a0d81fc07cfbd087b6e2ba281913989b9f71ad5fe7a3d925ee998a1008c49def6e1d1d104d15069fbd30cf657cc1941faee792abc6166af7

Download Submit
/data/user/0/com.huarongzq.dzh/databases/AJZQ-journal

Filesize
12KB

MD5
c6cbbfe05a0b36fc87d12822e0c1316a

SHA1
136dc274153baae0b49e76a39aaef035bf8849d3

SHA256
fd99a7c3f62d339a867ab9971f9593d0128ba4c56b732f2d12921e72d38c82a0

SHA512
e84fa244a2b6586e6569b79470393dc75731a5b0e523361ba784e6108dc10db1d793f4d09d25ed9be19a8134f223ae9459d1b373cf11cbd4ad65de5ea669f0e5

Download Submit
/data/user/0/com.huarongzq.dzh/databases/AJZQ-journal

Filesize
512B

MD5
e2441d93402126ca1ef9a71902fc4c2d

SHA1
8866708505b1f949453357168ad81e54c9c7554c

SHA256
274e459099e3651cbc10c566a511fac1ca2dedd4b51b2cc3563526ff38c3a020

SHA512
4e354a4dbe7e51e00fa31336684e46e30fab01850c83ee74cb1efb680613af45c4da40dd136c186883a59bdfa57e3ff97b2873d0e2dc1bcacdbe85e541f2f6fd

Download Submit
/data/user/0/com.huarongzq.dzh/databases/AJZQ-journal

Filesize
8KB

MD5
21bcdcbde617b44747d5e5368ee692d3

SHA1
51bcf5121cc6b855bd9c9789e11b88c69fa829b2

SHA256
702579e5e12b9c60e05582098166b7548f5b8d1b86863a0c4aa859eb0eea5046

SHA512
8a034a67863234a2aa77cb69b49a5bfc1db5702c25e63f778490eb1d33b48690bba4354c00464254ab689f9a6362ce7cf337cb50449a18839eec973e4537947f

Download Submit
/data/user/0/com.huarongzq.dzh/databases/AJZQDAZHIHUI

Filesize
20KB

MD5
4b716ded2ae77122467f1831b650e7d8

SHA1
6ec6e36c2ce0b25bfd223f35e8e5fce72e0d7c7d

SHA256
c79f48ab4a8492ed1d5e17bd3defa9d60b06dcecee80eb800a9a9c3f5d49d09d

SHA512
1d3ebc37957f196b326310f6c7e93e5f93c00abaa0e4c594c2d027d6c7df5e287d90ea14c2cf27e9efd45ceedc878dacf5ff2174c7d77455ab11fed95fa3b020

Download Submit
/data/user/0/com.huarongzq.dzh/databases/AJZQDAZHIHUI

Filesize
20KB

MD5
107c394578a4a372e8c22162364bf36f

SHA1
580ee76ee5e17aee43a0f54db88f42676ace20a7

SHA256
e5a4673f17732281237701b534bf9a1d0eab5f747efa7d5ae97c4d32a2fb1bc4

SHA512
042027f04badd8d1e66616cd9c554f3dbf593c9068c7229a2462195018270a69d930ba2e5327d959a704a4928953c3ba6d3e496bd7ad3052ef88c1a6d746d19f

Download Submit
/data/user/0/com.huarongzq.dzh/databases/AJZQDAZHIHUI

Filesize
20KB

MD5
3090d39cd7a60d8e865fddd83526e4c2

SHA1
5675a5f7d772125202b6b67e5e7be6a612090a40

SHA256
f64099138159c65d5d83b25767340f95a1a292e8545d736d9e938c4e102353e3

SHA512
824fb119e81e75e36ce5d6747e9bce8e533ad00389789dcbcce5cec919dbb18f79a5c92bb2662300e1c3f6e1c992ffff8c30785c05fd0c15a4819aada95768c8

Download Submit
/data/user/0/com.huarongzq.dzh/databases/AJZQDAZHIHUI

Filesize
20KB

MD5
775c686cdb036ce782a6e5959df8064a

SHA1
b8f8a81316cd5bbb576fd51b7c8465e07345c1e7

SHA256
ac4086c6149c6622a312e875d87f4c63d83b2cd45951e3f4423cd41a8fcdfe76

SHA512
f17c45d55339d979a3aa8acc852ab252b07ff040e3e5cbfaf7ed729b925a199513bdc6194ec9fb9d5c9539968da5619b53630288f866e4b7ee2bf671cd13aba9

Download Submit
/data/user/0/com.huarongzq.dzh/databases/AJZQDAZHIHUI

Filesize
20KB

MD5
44f87262679d2c0719cb93ede9bde26a

SHA1
2def262c31af6b6dccc048b392a1c8c8a290a402

SHA256
44d8f148f9cad31673acaeefe120dd4d7c37067dc5b6fcc1fd221fbe00b75130

SHA512
963571445c653794d8585bbddcbb79b12dc0ae7e6cb72e7e01a35964c0bbe362a9cccbf59ad061ea975a7cedbf01f67e026a73b346e506a718210cd170f80fcf

Download Submit
/data/user/0/com.huarongzq.dzh/databases/AJZQDAZHIHUI-journal

Filesize
12KB

MD5
75ba39464ded8a531aaf2fad5373db26

SHA1
3b0913f9ed29b0e9856f203c69a5f4fdea08e4bc

SHA256
95bae54e26fdefe477dc3b7a16f5fd4cf71421ef2aeecf6972c1fb62288ebcf5

SHA512
db11da51b50636046e8ec224431916c1b93d4939b5721000d6cfc3656d7e1f00d0cc63189791a28feffd1c01ba31adb54397e8858b19efe4d4a6dacc27218d54

Download Submit
/data/user/0/com.huarongzq.dzh/databases/AJZQDAZHIHUI-journal

Filesize
12KB

MD5
f9bb50f89e812be343da02f8e003f978

SHA1
f4b203bc2d3e53d1a478dab26c712a9ea8fce846

SHA256
47a3f66f9d297fe054af6615b7b01322224f8352dc6eae8c67531006996ca78a

SHA512
fb7b1582bf977a31aa9d8bdba39cea51bded34af3b42279124f069c5e2cadd4669f4f3c15435969119e9945ade237f0ee7b0d07dbd6e6083d9ff960b8571de54

Download Submit
/data/user/0/com.huarongzq.dzh/databases/AJZQDAZHIHUI-journal

Filesize
512B

MD5
77294e95e302c472060bf04b54f16dbd

SHA1
bfcf96ed3c96c150dd41692171003b0420bf17b2

SHA256
c1f163f3edcad9411d3c7225c5f6fc085e658862f407b3f8c1d4968d6c7b44c6

SHA512
5de5271aa996ccf82b7930bffa54e791f7932ba61c03189f4b7726fc656f78e20169058775e7dadd2a617bd4ed1de3dbefa9be9ff07c48af4634908a17210442

Download Submit
/data/user/0/com.huarongzq.dzh/databases/AJZQDAZHIHUI-journal

Filesize
8KB

MD5
ed658438f7086693a58e16a0922b9f6c

SHA1
96b3cb6add8da5f879cbeac84b82f395d13b0221

SHA256
27546e1cd53c613a9bcef8817e006f5b9000413927c6d0675fa4bf43ded65e11

SHA512
5175cb2c71700ab16aba6e78285ef8834a2e8e8152de337d760fcf2a2b6943289dcdd79356261dfe133aa1bcd3cc5b70b7060d5e347b862d931895630c440511

Download Submit
/data/user/0/com.huarongzq.dzh/databases/AJZQDAZHIHUI-journal

Filesize
8KB

MD5
20c4c3921601fbb4292e99a147edce46

SHA1
5eac8f21587d76a03099a6fd843a08f85c5bd87b

SHA256
79dda89ced153f837a40a8f17dcb5a9f26ce165868495017da1c2547958d978e

SHA512
d27185168557d33ee98dc6f9b0fcf6f12fdfa93c86002e7ea7a9790a74edad5c79f0554894e695ca67ad6ec13da705327c8dbc2d969f977b56ba589f3d3d278d

Download Submit
/data/user/0/com.huarongzq.dzh/databases/AJZQDAZHIHUI-journal

Filesize
12KB

MD5
f18f05fb8935caab53a457e4d5c4bd72

SHA1
53461f38da0817d6f62ab1f793f94fa5fefa5698

SHA256
484e7bb742245cb0031f02775582586b5b7102843d98c0d1ad36fff10e7cb4b1

SHA512
0a548d061a9b911499b3a385a257f83f03a3fad72f8aa43b853759dbcdbd147b4145215916f2bf6714ec05ba0f8dd99f87960c01115f6acbfdb72ad41ea473e6

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads