f6692c2aaf199bce313d88a25867e5b2345dd797cc4cd55dcb632db3a1403b3a

Analysis

max time kernel
13s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
24-05-2024 04:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6d487c0c213c35bc605d5750fee2c9e7_JaffaCakes118.apk
Size

28.5MB
MD5

6d487c0c213c35bc605d5750fee2c9e7
SHA1

8c2b67716f97d47c481d689f624827483228d43d
SHA256

f6692c2aaf199bce313d88a25867e5b2345dd797cc4cd55dcb632db3a1403b3a
SHA512

24aca1e881db32d4bca12c339f5355a6c971ce58e4fa47f309f4861f81e32662ddf5f807f4f0e295eb45488d61c31102a6da1f92d02573e9f2b3a90209ddfe11
SSDEEP

393216:Nym8o8pBtfb7SG+3eXiwROLDW2DWWHLe3hickZ4ic5TJka2LUyLt7P/hPxwykowK:NHifbp+uXlcWELcYhGtsLFPAK

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.xzkz.forum

description ioc process

File opened for read /proc/cpuinfo com.xzkz.forum
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

com.xzkz.forum

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.xzkz.forum
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.xzkz.forum

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.xzkz.forum
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.xzkz.forum

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.xzkz.forum

description	ioc	process
File opened for read	/proc/cpuinfo	com.xzkz.forum

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.xzkz.forum

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.xzkz.forum

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.xzkz.forum

com.xzkz.forum
1⤵
- Checks CPU information
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4316

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.xzkz.forum/app_crashrecord/1004
Filesize
223B

MD5
266ba0a8786e0becaaae1912bfef9546

SHA1
d53883d63f4628b0da5f51689f876c0621688211

SHA256
fa94d8dd29098cb14413bff79107864bf9cecc70376119c88f463434a8e9e916

SHA512
d8fe1348efbd1b2837a692b44c04cefa7c4024cfba307585f2991dc5bc6baebecb5f2cf84c486b028b4345727bbe7650a6a58aea48bf37f02fa05b84d7fcb201

Download Submit
/data/data/com.xzkz.forum/app_crashrecord/1004
Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/com.xzkz.forum/databases/MessageStore.db-journal
Filesize
512B

MD5
bb873559d5dc8634f512605838849ca2

SHA1
1e106a8631d4528f0710f01c76b0f3ea9a1be04d

SHA256
ff917e73e99706627b98a63c6d6711b10aaec2654e1958fb61aa7ab8d0ee3a44

SHA512
f5466f64ed1ff66d2e57a828e5e398886fd13f25c9d5f9bfa97bf1b3db768a88febf0fd64a0f340caa2ef0c42d1afb5e2668840b49aeb8f8b7449a3340a256c1

Download Submit
/data/data/com.xzkz.forum/databases/MessageStore.db-shm
Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.xzkz.forum/databases/MessageStore.db-wal
Filesize
48KB

MD5
b299a4bca2e91ac9df4b29d1b286b51d

SHA1
14ed8c482632749f4119a2f17be5c6dc8d735e1e

SHA256
d523204fd600cce8572955938e16585f0de84b61dcf3ea3d5f2bb0d19d09e91b

SHA512
bd74b6c0d0c4e1fbda35b83517ca734277600d7f887bded8393f6fdde23cf500b49c40f009a0921aec834c16468a505653f8c58623a679443a5c0e8117ba19a4

Download Submit
/data/data/com.xzkz.forum/databases/MsgLogStore.db-journal
Filesize
512B

MD5
0ccc37e701f685e24aed8532ac5e20e4

SHA1
13fb33fe2e6f8d593d63ae43c0703b3e04311656

SHA256
43bc001cdd14f821cb7d262d115105209402501ad5f28eacb5ee94b5d7541e0d

SHA512
fd1ddd34eba6d95e33e707cd9edb9f97cee08e4da3e6131d7675deca69fe6b737b4cb032f0b2b207841f9ac4d7dae421fdb7276d236fde0ad52fa8ff323b0c2c

Download Submit
/data/data/com.xzkz.forum/databases/MsgLogStore.db-wal
Filesize
68KB

MD5
dc2c677c1b7fa6e03266e4c6d62acfea

SHA1
43b40abd6166dea85dd82f290d9916faf4687e3f

SHA256
86975bf0d9ae7082eca13c84d003d5d6066c5c865d08b2dabc91901e347eeaa0

SHA512
606c0c3f1528beeef057caa616acaee189341b3ffda42861ff61288844b7547a61d5ca17a6546753e21a01876e6f9ebfbbd630b47550ae567e837c034c104309

Download Submit
/data/data/com.xzkz.forum/databases/bugly_db_-journal
Filesize
512B

MD5
dad3b058465b528aa3846accf2fa321c

SHA1
38055b44eb9e3a751b7eeaa6d6cb68d40d745b28

SHA256
38e130f4827ce3c391d465690d8f8901ca1549974b213bf61eb409fef0b0409b

SHA512
eaac1f2c94d48b953b08c064ba64f5accf6fa95985a7ff6046c7528b64390bfa6802ad82fdcfa4f22b21c80367c0540d641bafe7ef877969c809b26dc696e2c7

Download Submit
/data/data/com.xzkz.forum/databases/bugly_db_-wal
Filesize
68KB

MD5
784c5833e02730633d0a1b0b40827de9

SHA1
44363b98f87d14d7f3f4228e52e10d24897e4630

SHA256
17bded61cb02b1eff9a14725ad9bc71c8e5d52d312274e84bc90703ba7b56b56

SHA512
00284ee8ddce5ef4583b5acda6028f3494595403dd249606f9a9149ac337318e9c98a4e529c312f68abf8fb56f884162a3ccc97c90987a9dd1eb0a1b1396e37b

Download Submit
/data/data/com.xzkz.forum/databases/qianfan1_5.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.xzkz.forum/databases/qianfan1_5.db-journal
Filesize
512B

MD5
abbc1b398e5df0d2519a55a34e8daa7d

SHA1
f97069bebed23e3f9327ffe83295ec521618f38e

SHA256
71e9117706c3239645774b1880953559cb1c3cfee5b1a2f8ce7f4d15842be84c

SHA512
ceba217cfcb6ec36eeb5fcfbd8f690586cd7786c51ad117ab728ea1d474980ff7f6013fbbee49b29b8b21b4720177ea7584b430ed8292fc4ba60c08d7c357b34

Download Submit
/data/data/com.xzkz.forum/databases/qianfan1_5.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.xzkz.forum/databases/qianfan1_5.db-wal
Filesize
136KB

MD5
08cd2a5b4d5de222e340daf72892e5cb

SHA1
5a16b90676d79c4107999efcd4022175c3bdf352

SHA256
369a6721331c2de8c2fc5eed1d70f528012b2874fcd42ddbb18eb8485e61ad62

SHA512
344ba11f3386892fdf6ec06402234a4bc2431a7ffd939577371f7571de284ffcb19fc0a88ff0e79bb4d4a399991a7bf28dee3ba4e530ef7c41ad5776d1cfe9b3

Download Submit
/data/data/com.xzkz.forum/files/Mob/MOBLINK_1
Filesize
16B

MD5
3ec9271315af53d18d13c16defb3c857

SHA1
b58f72ef7275a9c6542f0894f9675aeae72a0da6

SHA256
111e6180c9267e12608478837c017ae3038ffd9e4d8653b815e5b85ec4d174ac

SHA512
20ae2db8b54aa047268370fc655f7308af57e18195d0cfc962342fcc6cf68e67430cc88110bb39a3a301f5fb62ea48b26801276cfb70e2c878adac4ac9dfc3ae

Download Submit
/data/data/com.xzkz.forum/lib-main/dso_deps
Filesize
272B

MD5
c26a8bc7aa9ffeb229c0205b135b67f2

SHA1
acbba7993aeac15b70bfa595a6f55c1ff12bf492

SHA256
43d897fc70f117708d844ccb90aa7a54f6d64a5e708afc30aa2ad1095784f40e

SHA512
a8ed5b86e9f806aa0da164c77032dac951b4a74f89c1a2c906ede638fdfb281dfa3892e942332cbebb71d97d2cb6b4a496f3b1878afae494be00b4ff87116c19

Download Submit
/data/data/com.xzkz.forum/lib-main/dso_manifest
Filesize
5B

MD5
c06857e9ea338f3f3a24bb78f8fbdf6f

SHA1
c5a0a2529d2deb60fec041b4fbd722a2ebe31702

SHA256
957b88b12730e646e0f33d3618b77dfa579e8231e3c59c7104be7165611c8027

SHA512
29f61516876c25379a7bf4faa2b3ca6f6b53eac90e7de47671fec4a818d51441b4025cd7909f7c0a0d113ab6c5ff00cb3700c286bac7319185b77905feec4fb1

Download Submit
/data/data/com.xzkz.forum/lib-main/dso_state
Filesize
1B

MD5
93b885adfe0da089cdf634904fd59f71

SHA1
5ba93c9db0cff93f52b521d7420e43f6eda2784f

SHA256
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

SHA512
b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

Download Submit
/data/data/com.xzkz.forum/lib-main/dso_state
Filesize
1B

MD5
55a54008ad1ba589aa210d2629c1df41

SHA1
bf8b4530d8d246dd74ac53a13471bba17941dff7

SHA256
4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

SHA512
7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
111B

MD5
fbb6bbb725218ae5701f9e06f1e4efa7

SHA1
d550994fedb94876a4577459af64dee5690cd8bc

SHA256
c9b3e6720e396afd631eabe9d865397eca6df7f61af301ca58c81535d8dab4da

SHA512
4db343b8b2d0bb7c42af6762cc057132f7c2b0c948ae0b392944a592be5c3f2b0b78d6ecd7af055e03d7c1f2944027d72052cad12cfc08f8cc0ba049cb6b2f4f

Download Submit
/storage/emulated/0/Android/data/com.xzkz.forum/qianfan#kuaizai/core_log/easemob.log
Filesize
785B

MD5
b8652c9feab289140a37dd8161090e8c

SHA1
47f8e01a3cf219445f13238cd3bee508183cdd29

SHA256
cd83fd445431212266bf800c259c0f7c2ab56ca5defde3d2da0d2bcddcfce120

SHA512
47a676b2b0771220f49c3edd6444e0326b94aae29ff0883201ca3037967ab3889ffdb999a5d827bd203c77234488e1f913c2ccb36f8cd821d227d9be780db74c

Download Submit
/storage/emulated/0/Mob/comm/.di
Filesize
57B

MD5
70a42cba408700f9a6c01c7941a8829e

SHA1
eab01cc2c0671538795fb0b1146017dc099d0984

SHA256
499576707ce2623293166979e59c832be5b8636c64ad39aa63ebcf961910c35f

SHA512
8900d4dc8eed0430babbacb72942401bd22ef7fe5430cad90d3ce0c2c53010220d666aa0e2eb1026f3ec81d574c7fa12585b49222a5f15b01637f6ba134fe70c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads