Overview

overview

8

Static

static

6

6dbe032f61...18.apk

android-9-x86

8

6dbe032f61...18.apk

android-10-x64

8

6dbe032f61...18.apk

android-11-x64

8

Analysis

  • max time kernel
    5s
  • max time network
    159s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240514-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
  • submitted
    24-05-2024 07:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6dbe032f61ea2c0c4d682546ca422c2e_JaffaCakes118.apk

  • Size

    12.3MB

  • MD5

    6dbe032f61ea2c0c4d682546ca422c2e

  • SHA1

    53d3135157c8df3fd1b21772d3b14f60933356ba

  • SHA256

    4f77ed49690a79ba5485c28df81beb3745b8bc6fd639758c4492ae249214f160

  • SHA512

    c40f8a0a24ea5ded7aa431ccad8d8269e7ccb6e7aa93839ea1efd2dac24d3358def3ba4b575137d90750fc3dbbc4cb47ec50e3f6e372335d4d4283169e8e31dd

  • SSDEEP

    393216:CngAj10YFvySZ7EEHmM8RuBApMmbgeAEbw:CZj1RFvySZ3HsuB6seAEbw

Score
8/10
bankerdiscoveryevasionimpact

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    discovery
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.estrongs.android.pop
    1⤵
    • Checks memory information
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Queries information about the current nearby Wi-Fi networks
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4521

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.estrongs.android.pop/databases/notify_items.sp
    Filesize

    36KB

    MD5

    c388e6ea4913a44f8ef65eeb0df9b5bb

    SHA1

    e213ae5692e7bf8d0372bbdb3a9a6348571d7cc1

    SHA256

    8a1cb734e2533fbc4f98cdf31116048942a849ea9e6e3e3ca26be5c69e9af63b

    SHA512

    2206e3fb4ce249af932f7714d664fe32a57fffa1c9a9390ef3f5208037e1cb5cd871a24ecabb33a3b338fd845caafc4b76a9afaa3292f084e1046076a1f905c4

    Download Submit
  • /data/user/0/com.estrongs.android.pop/databases/notify_items.sp-journal
    Filesize

    512B

    MD5

    95709f8300f7963227d5b5859ae018b6

    SHA1

    60fe20148d4f6aed21f13e227d6370285426d1bb

    SHA256

    172586ee71808d6c5cd4d8699387ab40624a55933954f39add97e7ef9c3641ba

    SHA512

    8b2e83a9f75e05a44886bdb40c616833884531c86b3c163aa8205b94c8fb1998e9ef8e0a8ec695c5d994a6ffe47adc34e9f9a0d7c3e52ae99608c239088e2c07

    Download Submit
  • /data/user/0/com.estrongs.android.pop/databases/notify_items.sp-journal
    Filesize

    8KB

    MD5

    80631be6846ca78c9a5e873151247f1f

    SHA1

    e4728451dbadf828eb6901c621e3bc8eab8a96fa

    SHA256

    e52e9d4dcbd2cb49ca37f5fc65ae1c824ccc2dc2f0fa61471867d4de38a09e05

    SHA512

    2390538183a54079691ac6cb6c172bafaff86b97cba93bef230aebf11c0f76f52ac09cfec9231ccf04133b21d1ba58458029363c4b1875772cd2331901dd90b2

    Download Submit
  • /data/user/0/com.estrongs.android.pop/databases/notify_items.sp-journal
    Filesize

    8KB

    MD5

    4c9ac4531bd8820b8729e56d16dd3349

    SHA1

    c55f6f18fbc71bd20e1c5245fdfc54b239b5f2e2

    SHA256

    104adbe94fd7eba6781ef8ef74630d15c1362cad48eaac4dcd13cb002348141a

    SHA512

    e722231e27f3915299c400ccc4696f682ff4e0c39e928ce1307bac2a58ee3009d4db323c824918618024ab40e0311f938fd0c7c41c0e2b2ea02a60ea3cc6e1e6

    Download Submit
  • /data/user/0/com.estrongs.android.pop/databases/notify_items.sp-journal
    Filesize

    16KB

    MD5

    50a33753a62467400c040a3560184076

    SHA1

    7bfd762484be18f9ccaa591aefc6a23f68c41e63

    SHA256

    ceb1b460baebabe8607a5f2bf87a09227120cbb7d2950d193e3ff014d4a84110

    SHA512

    b5c8215c7c56f8894bab9bf00e08a5bd2f1d3245562934e3dce260cb940207a4918e1c9c0eac51ef79bf7ee206de6da257c4c6a970135d32d9a104da23d02a41

    Download Submit
  • /data/user/0/com.estrongs.android.pop/databases/notify_items.sp-journal
    Filesize

    16KB

    MD5

    abf73d9768dd6a41824b9225ca0ca948

    SHA1

    d68a9ce10657eff31ec0df05665938c41e8389fb

    SHA256

    4207744a3a371842815cec6905354f4de3b5bccdc3f058c669aeaede31ce841b

    SHA512

    edb051d72c173a57c088b8abc5da906c6bd609c99ad1b21bf5695a44d8e79bc9efecdb847849710f87fa0e61d83a7cfc6edda63e45405f7f0ccc15be7f1da2c7

    Download Submit
  • /data/user/0/com.estrongs.android.pop/databases/notify_items.sp-journal
    Filesize

    20KB

    MD5

    674966b75f38c0104c95a2cd62df600e

    SHA1

    f8bf46186dc574430ccf48effff16ef788f5dc53

    SHA256

    619e60c416c9197b8d571344f2e68b2512b82761443bd021f565de0838241d85

    SHA512

    b303cafc0670664c105dc666b0cfdfe3a7ca94a63d891a99b3dca24064122c70d4fc9210f084666c33563ab7dc459dce84d78b7740c3a6f6f3ae202e3e4b93c6

    Download Submit
  • /data/user/0/com.estrongs.android.pop/files/__local_ap_info_cache.json
    Filesize

    2B

    MD5

    d751713988987e9331980363e24189ce

    SHA1

    97d170e1550eee4afc0af065b78cda302a97674c

    SHA256

    4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

    SHA512

    b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

    Download Submit
  • /data/user/0/com.estrongs.android.pop/files/__local_stat_cache.json
    Filesize

    540B

    MD5

    a707272ddc7a23689e3ebd55d236bdc7

    SHA1

    1cae3876d78070f16e066aa5b1b67af33db25f33

    SHA256

    09da780832ec208f3784e160b827f6609390bd5e1dfc8b5cf2afec739d687001

    SHA512

    332aa0b6b2c8a459c1ff592c08082ad1565b3378af11829ff1effa9a8420acad935901dee70dce7e418089a581096ba9e5cd431752d2103b65384b42791949f9

    Download Submit
  • /data/user/0/com.estrongs.android.pop/files/__local_stat_cache.json
    Filesize

    622B

    MD5

    e698970dd78c25e3929010ef23d198c0

    SHA1

    9f23613141bd2078f47764e9c55965c0e7698899

    SHA256

    8ab972685be194036c880d8052521ce7e2a658458b87fbe90185b899dfca5e5d

    SHA512

    8d541fe8e34569bda87582b642be864eeeffc52b871d5c47d203dc9ad3bfe5bef516db48679d6fb0d9775b453d5cc41e25a03d2375a992b75ebd10721ac23e9c

    Download Submit
  • /data/user/0/com.estrongs.android.pop/files/__send_data_1716535633493
    Filesize

    576B

    MD5

    c411273c4271e96d41042ffa01fa4ffe

    SHA1

    d7ed3292f450d73abb8fd697b8200d4883c7a564

    SHA256

    c7322316283cfc883f434a80650b429fda5c833679e89f68ceb3d29b2e4b67df

    SHA512

    0df9757086ecd2a920de41049934d7b8ae6579017c3c20b269cca762a1216a4f917cb04f5c52d2bf18993436252317446dc0dd73cccd1a73bf4d7f31d94be971

    Download Submit
  • /data/user/0/com.estrongs.android.pop/files/libcuid.so
    Filesize

    109B

    MD5

    570e82a63737721997be278c5c4239f6

    SHA1

    a89f277ac3ee9440b3f6a19fd0ef8d9344a48af2

    SHA256

    1343b864aae678343eb02d8b214d356efbecf1d253be5b66b3230c1210bca3c4

    SHA512

    1ac8d53808287e3f925eb9901241a6f5e1c28f5effa0afc08140b8e1966040d7f1317bb68cac19dd5fd68b445b2d2af8938781ee92eafa9b903ee7a8a941b22c

    Download Submit
  • /storage/emulated/0/backups/system/.confd
    Filesize

    24KB

    MD5

    5ba8172059b1385bd3c8fed16dd91543

    SHA1

    7a9abd5be7fa334a203359f5dc6f986460f124a9

    SHA256

    144b82e2730266a25c0e9b35f6f6c7420d9344d6386be59a30791a2bc455fa2b

    SHA512

    2c46d42453dc740b74b0d99c1de26d389db4e8829bdbcbae11489b934fcef281daab7a5e53c6ced0c997711d3d5d08b0006e3ddcbedd26bb4f68dcc97f51ab99

    Download Submit
  • /storage/emulated/0/backups/system/.confd
    Filesize

    24KB

    MD5

    058e1c7502a974a3bb6a545765265c1d

    SHA1

    622f5fc1527164b52a71f8e9547ddc3c11b524db

    SHA256

    ad1c4425908d34bf1f82d532378496b86524f7349e93321767d16c365e97458b

    SHA512

    937cace9e00e2fb628f8f102c1e1264d343c0210d85bed5c5763ff7b559e9d9c04b30a6cd588bfdc8154c0f14bac1dc7cc30873598b7940686cb99f862a750dc

    Download Submit
  • /storage/emulated/0/backups/system/.confd
    Filesize

    20KB

    MD5

    9d73df871bac42a97c9c7fa5fce9dd46

    SHA1

    6c8cbbeb4e548aa27c2414025b80d4bb4d1b3882

    SHA256

    f28f2c419c15e644f68dfbd92fc222caa883e64c32ab6e0db7ae650098c84d4c

    SHA512

    600dbd8d41585116f1998df8cbf08ed66cdc25c9c590b55f6fa4065708bcfaf79bf631f67c74f40e5b17c98257304cf56956b1e14441abe9252e6982dbc0aaea

    Download Submit
  • /storage/emulated/0/backups/system/.confd-journal
    Filesize

    8KB

    MD5

    b63748c4ce2c31cfe1fee3d96c0c47b4

    SHA1

    954b5d61938989e20ed34d1ef1b0311fc16a2886

    SHA256

    0e6926af29cb2069f31ba81d3a6350c931a71e341d0d7a79b8954f7ee24021e2

    SHA512

    eaa050e8e799052e8349e8139571a96993823818aad3515364ac2be991d74015d7edf399f3cc9dfe772b2215a90911c66ee37495c47dbf11bdf79b4643f22f9a

    Download Submit
  • /storage/emulated/0/backups/system/.confd-journal
    Filesize

    12KB

    MD5

    ca824a77317d698580c47f1bede3f730

    SHA1

    41e6d96868b33177ed77aae9bb539e212e7c4160

    SHA256

    7aa353bcaafc5a2cb82c4a6bde3b38556dfc6f826170a1969f666175c5ba471c

    SHA512

    f8767175194cc9701ac0235b2d7f9e6c6f7aa865941d2f90169e2ff4e68a62316f575b8b5f5c3bd7f5583f3abbd91f2596cf2e13bf3582b6bf5222002693c57d

    Download Submit
  • /storage/emulated/0/backups/system/.confd-journal
    Filesize

    512B

    MD5

    bef121f8628f5b708a524eb04aa79494

    SHA1

    86d2269eede57891bbaae1cf71ecd7d002f59bcf

    SHA256

    c8c105eca25394d53d2da44cfcde6ff0c6c823d3acf1858b06b51876474a456d

    SHA512

    6c831686ac0c7da722944f303f7f539747753b896cf086607bd9f097260ad3416741ef79ceddf1917cab6c094ee255b6328ddafaa31016b6068e8c5ae910d723

    Download Submit
  • /storage/emulated/0/backups/system/.confd-journal
    Filesize

    8KB

    MD5

    d376aac5ad65e1e223558d3ac5dc793a

    SHA1

    045f8cffb9b8f23f566e3f1d3862357e9795c146

    SHA256

    0601e73b62a1514d7569c9158a474b5484c4c679f38fc65bb36b9367721e918e

    SHA512

    ade80953ea413bd580457211ba63a1127bcfb0100f1d837ea0c245084db8fb3fe29f0fe2c1183809695de958659dd5473ca105f64fc6ce22adeb2ab7262f4cce

    Download Submit
  • /storage/emulated/0/backups/system/.confd-journal
    Filesize

    4KB

    MD5

    016422c6b1908140f1f25f75f5762fce

    SHA1

    f07351784360168b360c5d639ebf259b37d7c221

    SHA256

    2a91f4a06ccf4b24fcb0f62c2ac7e89709d0d5b1ac1a7cfad1d48d6b9df9b2ca

    SHA512

    51d8d2b0cbabdaa8cf3f49780b08df5f6cbab72a631a875e6f9baf9be48156812cb1ddf42f37fd115fdf81bdf8b259b24ab717c0cf2d585679e819d1d01fed4f

    Download Submit
  • /storage/emulated/0/backups/system/.confd-journal
    Filesize

    8KB

    MD5

    118b8ff47336cdb6b0ba30ac5c6e535d

    SHA1

    baa4b70a123d79975e394a44b4ffd62045f487b0

    SHA256

    702e65d94905abb176b4ba9e7f8ea588079a46ffc46ad643fc6bbb03f12327b4

    SHA512

    5dcce073052a62cdc70f173387705714d1e23a061d36d92c9891abf1ded2537894e96a60fcfbc3cc93e2c6f63a5c363e43b8dbcf69805d3873f973f5e34a2bc4

    Download Submit
  • /storage/emulated/0/backups/system/.timestamp
    Filesize

    25B

    MD5

    4ecb18b49d5558853e682359ce32914f

    SHA1

    c2949c77c3b0417562d263489fb79fd76313f0b5

    SHA256

    4e39f1310b533b1f043597eb374cd6c50e682d4d5b257681ccd7d53b9d9e1535

    SHA512

    4886050e42036b61814bf55d3db31990cc2e7fc1e434fb658cf4a444144d72f982c0fb3cf22b6674adad59abc84ea17669c28c882e97d2348cf55b9f2e6d0179

    Download Submit
  • /storage/emulated/0/backups/system/.timestamp
    Filesize

    55B

    MD5

    b243ff16df35f650fd0882c79bb6af71

    SHA1

    9ababddb08f8327c7b2ba47644824713a7af9bec

    SHA256

    5d997aa7e5f5fab64c12368d654cce41f4e0ddebb48a6320b8dbc18963452c35

    SHA512

    124c53978dcdb86988e8f9022714d1d4587211e5ab1054bda9d39465a11e0fd6e898e7ad3cf0ea9178bb8c9d33e0b4e6f22eb39d008269b3fd0e26aa0c28341e

    Download Submit
  • /storage/emulated/0/dianxin/notify/.cache/846b/network/journal.tmp
    Filesize

    31B

    MD5

    8c92de9ce46d41a22f3b20f77404cc1d

    SHA1

    8671a6dca00edb72be47363a7071be65cf270373

    SHA256

    68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

    SHA512

    30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

    Download Submit