2c3be1db019077e19d3de552e00eb31c8e87dafe3b45dea59e5bf90220403cf8

Analysis

max time kernel
171s
max time network
180s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
24-05-2024 01:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6ced0f2f4b81c1cced1e09019740dd04_JaffaCakes118.apk
Size

29.9MB
MD5

6ced0f2f4b81c1cced1e09019740dd04
SHA1

589365b6d03f50e77e21fff18ca6fa58fdce13e8
SHA256

2c3be1db019077e19d3de552e00eb31c8e87dafe3b45dea59e5bf90220403cf8
SHA512

42a86a1a41f96ee1b21fb47f706ccdb40e5c6f9d3215dfb1e55679f172c187c29d3f635383a46b2fec817969352cba5a3f80753edabb4708b23c2c6ee6ace96b
SSDEEP

786432:PdyDnDAvW52MPrOn7nyDNLJD4NQr3tS2H0Zz:P8jDAvWbrOn7n+NlD4NQzf2z

Score

8^/10

collection credential_access discovery evasion impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

T1426

Processes:

com.ragaman.rideup

ioc process

/system/app/Superuser.apk com.ragaman.rideup
/sbin/su com.ragaman.rideup
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.ragaman.rideup

description ioc process

File opened for read /proc/cpuinfo com.ragaman.rideup
Checks Qemu related system properties. 1 TTPs 1 IoCs
Checks for Android system properties related to Qemu for Emulator detection.
evasion

T1633.001

Processes:

com.ragaman.rideup

description ioc process

Accessed system property key: ro.kernel.qemu com.ragaman.rideup
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.ragaman.rideup

description ioc process

File opened for read /proc/meminfo com.ragaman.rideup
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

T1414

T1641.001

Processes:

com.ragaman.rideup

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.ragaman.rideup
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

T1422

Processes:

com.ragaman.rideup

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.ragaman.rideup
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.ragaman.rideup

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.ragaman.rideup
Reads information about phone network operator. 1 TTPs
discovery

T1422

ioc	process
/system/app/Superuser.apk	com.ragaman.rideup
/sbin/su	com.ragaman.rideup

description	ioc	process
File opened for read	/proc/cpuinfo	com.ragaman.rideup

description	ioc	process
Accessed system property	key: ro.kernel.qemu	com.ragaman.rideup

description	ioc	process
File opened for read	/proc/meminfo	com.ragaman.rideup

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.ragaman.rideup

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.ragaman.rideup

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.ragaman.rideup

com.ragaman.rideup
1⤵
- Checks if the Android device is rooted.
- Checks CPU information
- Checks Qemu related system properties.
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:5152

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ragaman.rideup/files/UnityAdsStorage-public-data.json
Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
/data/data/com.ragaman.rideup/files/UnityAdsStorage-public-data.json
Filesize
111B

MD5
346eddd0c588305a1462766c0273cf36

SHA1
b5629fc1803403a73e78c49af221f13c5be2a803

SHA256
f18ded3492ea261f8ec11aa4ff40ef28d9fcef2efd8a687cfdb80138af4eb833

SHA512
c1f668bce7e6677e1000111b31f66d536a49b93ad9764a026b045d333b9381f2b3d42554f6ea22008a76319ee375c03459b871169087428ea84bfde2b9f456e4

Download Submit
/data/data/com.ragaman.rideup/files/UnityAdsStorage-public-data.json
Filesize
272B

MD5
a6fad4595020a9c562a0fdbebcc18404

SHA1
c993db84ea156d3bc39dd4274f529c9c419552b5

SHA256
9498eb129f354613418b4ded72aabd53a0bf619bb470b3cc0d37dbb0449f2e02

SHA512
5d654b09d25780ccad65bd2ca505cad4f0c9ef5af1fe35b57392ad951e5c7c931e53aa08536bc7e391686669ba454a87e5f2ef68c12661d609ce4fa775fdfe26

Download Submit
/storage/emulated/0/Android/data/com.ragaman.rideup/cache/UnityAdsCache/UnityAdsTest.txt
Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/storage/emulated/0/Android/data/com.ragaman.rideup/cache/UnityAdsCache/UnityAdsWebApp.html
Filesize
1.9MB

MD5
64422fdcd23be491dfdb527ad240749b

SHA1
d7b1f65529f271af72d4a96d35dfa6e3beb98a81

SHA256
13dbfa5fa1d031e92e2edd8ccf015e83679a0314e03c10f52369e1e48f9781d9

SHA512
f954a4afb943c6d8c6e6c07cf5315bbf97065d9777dea4610ee27ff9230b0664c5ae5f6fb01b24c4b607cf7584b546bfb22ca15cc616d2ea1dfcb01f7abb31ae

Download Submit
/storage/emulated/0/Android/data/com.ragaman.rideup/cache/ga.sqlite3
Filesize
40KB

MD5
150932bdbb7290325a213a3bb81dccaa

SHA1
b60ce98cc2ead24beab41454c49573232cc2c7b1

SHA256
c48ccb6173ae48085cfb2de941932b83f420b8307550b9c95985b1f2dc3ee119

SHA512
90da8caeb3473f1ec27786921e98b8b44e6f8e810ae96ec3673483d6cce6a9e9a1daf78c5519cc2e6e92ae47f9553c9577a1adf5fd6d18479227bb264bf14acb

Download Submit
/storage/emulated/0/Android/data/com.ragaman.rideup/cache/ga.sqlite3-journal
Filesize
512B

MD5
c61938727f2ac8195efe248f08fd360f

SHA1
1dfaf9ce2e11172b6094589b425eca7f07179186

SHA256
cf1f9768401ce2d0800679f8fa46453eb966b01d49e84c81dd1bc8e25e7a20ce

SHA512
33e60398ff86e64939b9365da6ce5ee42a21941989e9c24153148f292c5fc37d0c808d7a610dd809516a45d11367e39ad931b823f166957e6fd4a1b6f3a291db

Download Submit
/storage/emulated/0/Android/data/com.ragaman.rideup/cache/ga.sqlite3-journal
Filesize
8KB

MD5
65728448c56f8283f25762b226b784fd

SHA1
624c31fabc79517e7ddd41cc707a31ddaa4420e8

SHA256
5c88069a37f785dc89246d91fe68d8bc16b2b94a64d866aece5b6833bc361a8d

SHA512
4b404c21ea89df5b3d140568ca319a8f4f773f32f3b6b6a467aa6afba9646bc582194102e517402b244c431356ac1af4e0ec8c58f4e1f16790bec648bf60392d

Download Submit
/storage/emulated/0/Android/data/com.ragaman.rideup/cache/ga.sqlite3-journal
Filesize
8KB

MD5
94ee4985f01c0089e0657ef2e2cf2bba

SHA1
907ebea210505d2ff53de114551de1bda4ff32ba

SHA256
b1e03e24ac30c7540d1c5c9e8c18167cfef4090425082fa3a9031c80a4d6c007

SHA512
3362b86440491dc1b8461a174dd5362471545369f64d701012153f4106e16367c71f226f0c93c1796cd571b43558b915f6ebdf31d8dc3647d9b12caae0bdaa8a

Download Submit
/storage/emulated/0/Android/data/com.ragaman.rideup/cache/ga.sqlite3-journal
Filesize
8KB

MD5
4b02b71ed5df61494a5a3c344a2d2c14

SHA1
c9fa3443cc65d71825d493d18b148ae2b7b67ce6

SHA256
887ea69db156537d51f6db632da7922fabb978c8f2de8ec8ae8eee41096ec586

SHA512
1ebdd95b72e56f8d130382dab442f539e98e5aae98fbd1842163470aba70ac8e9a160a76521ba5deb3c39671acba0d9139b15380ae73d2995d66b513511f095d

Download Submit
/storage/emulated/0/Android/data/com.ragaman.rideup/cache/ga.sqlite3-journal
Filesize
8KB

MD5
8b5ad32c93bf88a6675b50e9107abdaf

SHA1
2a8d4960769a6c622b7d7bc988807e35cad4b44a

SHA256
2f5a3df2f51e331153808665234d4bf49c478ef82fa0bfdb3a69e4e81dcab358

SHA512
141d0d7992cc0c006220c168c614565e5f35f9d02fd71924b6245a9d1d3aafb3ffc1f8d849a6c275b2d7da7964d72bfa8089a6db59a057a2fc6d6d898403af05

Download Submit
/storage/emulated/0/Android/data/com.ragaman.rideup/cache/ga.sqlite3-journal
Filesize
12KB

MD5
232dfe9612804e76866a1ecfe49c3637

SHA1
5a42bb76c6de713ddae575b2e0f803f5906c44d1

SHA256
ab823b09ec29ba2d47d540e16c7ee70d2504a1b25a819cea5dd9d074bcdc1c79

SHA512
7b94700de67e5a74eb5331248b48d6572b43a114ba8bdd2896b51af8cd21e189967f601a0435204c479574f04e532ece57f796adca12bb50b5a53017c86663c8

Download Submit
/storage/emulated/0/Android/data/com.ragaman.rideup/files/Unity/c57fae7c-0956-445f-a04f-943322909883/Analytics/ArchivedEvents/171651430500000.2eee8d29/c
Filesize
1B

MD5
c4ca4238a0b923820dcc509a6f75849b

SHA1
356a192b7913b04c54574d18c28d46e6395428ab

SHA256
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

SHA512
4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a

Download Submit
/storage/emulated/0/Android/data/com.ragaman.rideup/files/Unity/c57fae7c-0956-445f-a04f-943322909883/Analytics/ArchivedEvents/171651430500000.2eee8d29/e
Filesize
110B

MD5
4f13694c1fb97b467c38d597011dfb2c

SHA1
c4df4e68f493519365c1ea24c0f06622bda62a30

SHA256
5145c962ec35122a0ad85c3220efeaa914b2df1bbc258944b6fbaff28046a160

SHA512
c7b5a43cc4a47a3b523bc5a0278899f8b1f8e2cf4d114eda8c45a1e65b6f2dddacfe7a5cdbf5831511091e3517468e9836cbe099dc9ff03398e836a141a0a537

Download Submit
/storage/emulated/0/Android/data/com.ragaman.rideup/files/Unity/c57fae7c-0956-445f-a04f-943322909883/Analytics/ArchivedEvents/171651430500000.2eee8d29/g
Filesize
1B

MD5
c81e728d9d4c2f636f067f89cc14862c

SHA1
da4b9237bacccdf19c0760cab7aec4a8359010b0

SHA256
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

SHA512
40b244112641dd78dd4f93b6c9190dd46e0099194d5a44257b7efad6ef9ff4683da1eda0244448cb343aa688f5d3efd7314dafe580ac0bcbf115aeca9e8dc114

Download Submit
/storage/emulated/0/Android/data/com.ragaman.rideup/files/Unity/c57fae7c-0956-445f-a04f-943322909883/Analytics/ArchivedEvents/171651430500000.2eee8d29/s
Filesize
355B

MD5
17b7e5fbe31b5613c744e7f0a433ff0b

SHA1
39cbb1c4e73c9e67bb4213dc9ab4d1df684ec8ae

SHA256
d86cc0bb54688ca610344395462164edbe72589a17c41e31652db79d392eb5c5

SHA512
3b2c6e876c502d16a91a094384b707cba9c850d43384ba63cab5cf51a33dc7ddadfba460dc46872a8f8de5818471a0c75c5f14eac0498ecdbe5f6eb4433dce29

Download Submit
/storage/emulated/0/Android/data/com.ragaman.rideup/files/Unity/c57fae7c-0956-445f-a04f-943322909883/Analytics/ArchivedEvents/171651430500001.2eee8d29/e
Filesize
132B

MD5
d9a78f80f2d0330a65233981a82fee44

SHA1
b9bd2b7da658aa1a4fc8e235b1d59794c9703f3d

SHA256
7ed9ecfb204495659ae5df573deffcf0aa2402a3de1d42023cd6defb722b6eda

SHA512
3c6f0a79d55dda4f54aef78cc4e58a9e4959251dcb5fa43e5e2380a46d5ae5f0ac0d4645480bc07f836a251600c9a32b4d02cd36916d0ef56344cb2300995842

Download Submit
/storage/emulated/0/Android/data/com.ragaman.rideup/files/Unity/c57fae7c-0956-445f-a04f-943322909883/Analytics/ArchivedEvents/171651430500002.2eee8d29/e
Filesize
156B

MD5
f532249436908641b374f85943fc28f6

SHA1
7cbc79f2a11efde8afaf9a2f2fcf8a5d25cc7157

SHA256
6e2d430a57e2b8e0152aac40af699f65d7da0996daeae0ad12622c2f2e01d027

SHA512
75b3c35b8a6a9065fb18da31c423373fb7f14da063077d72d1c5ce3be3d3f0261aadd4e3bd5957a602e3857f255d2308845f0c958ad9c294e907677e2b0287fa

Download Submit
/storage/emulated/0/Android/data/com.ragaman.rideup/files/Unity/c57fae7c-0956-445f-a04f-943322909883/Analytics/ArchivedEvents/171651430500002.2eee8d29/e
Filesize
1KB

MD5
31ee79b95aba7b68167b8f7b11d5d5ae

SHA1
7ebc18458ed8b5a057ea5a77e3dea09a9e8a855f

SHA256
a314129351c3e4f38b77b1a7c78e80856b761d855d2030b895b08e185f7ecd7a

SHA512
001a648e14198d79aed24f950b93d4340fadff4d4ba1c97d0d5e9b116ef4eeb4d6d5c4cbd1b578b091182da42b8ff5f1dd87a422683145ef034fd2ee9d9af2f3

Download Submit
/storage/emulated/0/Android/data/com.ragaman.rideup/files/Unity/c57fae7c-0956-445f-a04f-943322909883/Analytics/config
Filesize
293B

MD5
8673a8ac0b06a9d056d08d62f857ba4b

SHA1
a351bea1932270bafbe468584058fef20dcfc31e

SHA256
83b3f90c4edf1f122c8faf9784ca0aee4dd017c65493ac181c1814211703db96

SHA512
edf28eb7fcef654f139285d308f817ee230d6f064a4c865109d6dfe6f73c11f8f35737c8159c8a302118237ab980899ba5773f547cc9da4028643a53b08e324f

Download Submit
/storage/emulated/0/Android/data/com.ragaman.rideup/files/Unity/c57fae7c-0956-445f-a04f-943322909883/Analytics/values
Filesize
133B

MD5
15d0d3ff96227a8f35e8d521b5bcde21

SHA1
855c71b3c03d7490ace80f6a0f08e1dcd3805b67

SHA256
46b1c985523c0f911352f6f9d50a65948598a53ed22673e29bcaf4c25cb766b0

SHA512
6bc472b154e3397b7b11cca342a9b7c976575f3c95d7215609fddcdb6f10f5e6d35e3701f96ad7af312587e316e2d543b616f460effce6fddf39dbf00ee991dd

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads