Analysis

  • max time kernel: 123s
  • max time network: 133s
  • platform: android_x64
  • resource: android-x64-arm64-20240514-en
  • resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240514-en, locale:en-us, os:android-11-x64, system
  • submitted: 01-06-2024 03:47

General

  • Target: 89472a0e2c72bd040ae1324005d35927_JaffaCakes118.apk
  • Size: 31.2MB
  • MD5: 89472a0e2c72bd040ae1324005d35927
  • SHA1: ffcd088fc7275dc92eaa8cf6d6d398a27e6746f2
  • SHA256: 6bd7e2a5f2d902275d81f0537ea1af67f3ee9ba4f9f324f661120bf41615d60a
  • SHA512: f99f1b67697f8f62cd76102b01913d520c557be821c840cce6de08cdd9665476fad16f0f85b6db678f444b8ada25111ebeb58056b570fb4f11291d0a0d5cf919
  • SSDEEP: 786432:VyQMTSBSMK5OOaDSf9q3h/Q+VmYEYAXGmWa:VQTcDKJlIBVXEFrH

Malware Config

Signatures

Processes

  • com.bennanan.zhaoxiangisaopgwte (PID 4657)
    • Checks if the Android device is rooted
    • Checks memory information
    • Loads dropped Dex/Jar
    • Checks if the internet connection is available
    • Uses Crypto APIs (might try to encrypt user data)

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/app_Parse/applicationId (40B)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/app_Parse/installationId (36B)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/databases/0.db (20KB)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/databases/0.db-journal (512B)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/databases/0.db-journal (8KB)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/databases/0.db-journal (8KB)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/databases/commments.db (20KB)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/databases/commments.db-journal (512B)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/databases/commments.db-journal (8KB)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/databases/commments.db-journal (8KB)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/databases/commments.db-journal (12KB)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/databases/commments.db-journal (12KB)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/databases/commments.db-journal (12KB)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/files/.TwitterSdk/v/com.crashlytics.sdk.android/665A99E10160-0001-1231-F58ED1B366C7BeginSession.cls_temp (78B)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/files/.TwitterSdk/v/com.crashlytics.sdk.android/665A99E10160-0001-1231-F58ED1B366C7SessionApp.cls_temp (131B)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/files/.TwitterSdk/v/com.crashlytics.sdk.android/665A99E10160-0001-1231-F58ED1B366C7SessionDevice.cls_temp (101B)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/files/.TwitterSdk/v/com.crashlytics.sdk.android/665A99E10160-0001-1231-F58ED1B366C7SessionOS.cls_temp (15B)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/files/.TwitterSdk/v/com.crashlytics.sdk.android/session_analytics.tap (2KB)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/files/.TwitterSdk/v/com.crashlytics.sdk.android/session_analytics.tap (1KB)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/files/.TwitterSdk/v/com.crashlytics.sdk.android/session_analytics.tap.tmp (16B)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/files/.TwitterSdk/v/com.crashlytics.sdk.android/session_analytics_to_send/sa_f7286608-6fd9-4b53-84af-3a70af451997_1717213665604.tap (391B)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/files/17172136648451.jar (67KB)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/files/17172136648451.jar (139KB)

  • /data/user/0/com.bennanan.zhaoxiangisaopgwte/files/gaClientId (36B)