Analysis

  • max time kernel
    178s
  • max time network
    132s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240514-en
  • resource tags

    android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240514-en locale:en-us os:android-11-x64 system
  • submitted
    02-06-2024 11:20

General

  • Target

    8de6580c8b890804d8f83bf9bede068e_JaffaCakes118.apk

  • Size

    3.3MB

  • MD5

    8de6580c8b890804d8f83bf9bede068e

  • SHA1

    04b5de28b425952a982a4c94047c5ff0e404f71a

  • SHA256

    cb699a4b8132ee3791dfe7b6746cfdb44d3289d7aac6f48afc6185360ecb1aa7

  • SHA512

    59740fa62332ab2df0bde8103dc41ece2febc7287759d045eec73115f12151ec1f3b7c90f8faacd2bf2152541f94fd5380bf31f04499f7bb1dbaa04d7242e1a3

  • SSDEEP

    98304:yP8Q6cvYj1fScdN3f4mB5pq1+nDsxA1rY1CG7+AHH:3Q66YjRNph5pqgDsxA61om

Malware Config

Signatures

Processes

  • com.lyztjdb.bt.qipa
    • Checks CPU information
    • Checks memory information
    • Obtains sensitive information copied to the device clipboard
    • Checks if the internet connection is available
    PID:4598

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/com.lyztjdb.bt.qipa/app_tbs/core_private/debug.conf

    Filesize

    101B

  • /data/user/0/com.lyztjdb.bt.qipa/databases/xUtils_http_cookie.db

    Filesize

    4KB

  • /data/user/0/com.lyztjdb.bt.qipa/databases/xUtils_http_cookie.db

    Filesize

    12KB

  • /data/user/0/com.lyztjdb.bt.qipa/databases/xUtils_http_cookie.db-journal

    Filesize

    512B

  • /data/user/0/com.lyztjdb.bt.qipa/databases/xUtils_http_cookie.db-journal

    Filesize

    8KB

  • /data/user/0/com.lyztjdb.bt.qipa/databases/xUtils_http_cookie.db-journal

    Filesize

    4KB

  • /data/user/0/com.lyztjdb.bt.qipa/databases/xUtils_http_cookie.db-shm

    Filesize

    32KB

  • /data/user/0/com.lyztjdb.bt.qipa/databases/xUtils_http_cookie.db-wal

    Filesize

    4KB

  • /storage/emulated/0/Android/data/com.lyztjdb.bt.qipa/files/tbslog/tbslog.txt (deleted)

    Filesize

    8KB
