Overview

overview

8

Static

static

6

90039ee130...18.apk

android-9-x86

8

xx.apk

android-9-x86

1

xx.apk

android-10-x64

1

xx.apk

android-11-x64

1

dongniwrapper.apk

android-9-x86

7

dongniwrapper.apk

android-10-x64

7

dongniwrapper.apk

android-11-x64

7

xx.apk

android-9-x86

1

xx.apk

android-10-x64

1

xx.apk

android-11-x64

1

Analysis

  • max time kernel
    174s
  • max time network
    133s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    03/06/2024, 00:50

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    90039ee1305a8852ad217f93c63ad10b_JaffaCakes118.apk

  • Size

    4.4MB

  • MD5

    90039ee1305a8852ad217f93c63ad10b

  • SHA1

    0395a81cd19850f9c3ec3b6bcf3e030dbc5225c1

  • SHA256

    20448decc196848e8158834b8e4b9d2f4515f72660ade08b47f7850126087f70

  • SHA512

    5d5e13473c91815f9225e042768ff0adf812fef5929d0071a55896db73b8a2631c0cfd190f9ae00a840745fd592bb02a4de47e43da2ab46f5663bfb529720ae6

  • SSDEEP

    98304:UP07vMl6yMoIaKuYil+PRSMOeFiuBPgQgVA9k8vheUcR:UfgyMTDP/Oe4uBl7he1

Score
8/10
bankerdiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 2 IoCs
    evasion
  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 2 IoCs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.supercall.xuanping
    1⤵
    • Checks if the Android device is rooted.
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4321
  • com.supercall.xuanping:dongni
    1⤵
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    PID:4352

Network

        MITRE ATT&CK Mobile v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/com.supercall.xuanping/app_dexxx/Feichuan.apk
          Filesize

          120KB

          MD5

          a12716a839d2bcff50d15b127ad2958e

          SHA1

          966dfa76030dfb35e59629a112688f3dad4a3014

          SHA256

          798cb6019445bb881b6e0bb2694c65f2f65ecad2b3d4215f3fa38f85d5f86244

          SHA512

          b09719b8ad4242252ae81bf8cd707f9c84eaade08f301e04e00f0727b7a186e9fd31a0f162675eb0cafb8ea4f13d640602a2166d754083e23da6de4b76dd8292

          Download Submit

        • /data/user/0/com.supercall.xuanping/app_dexxx/Feichuan.apk
          Filesize

          123KB

          MD5

          8eecae33dfb94cf86de1d49dba1475ec

          SHA1

          b7e52d4353704e7164c3e46cc3e57aa314950d21

          SHA256

          08c725f80788b4769f7d9fb8ef5317e4a576d467a9b91119645c1495742b762f

          SHA512

          e1d7eaeaa0a66f9eef5cbd59a3b029dfcdec40c222ad8d550a4ea52e1f1ef6ee9e5acf38c7d152710f41125d4ede3fe824b15c618442eb81d3d39b503783fb9a

          Download Submit

        • /storage/emulated/0/Android/data/.class/android
          Filesize

          33B

          MD5

          3d01a0cc7abc4fc30bb3e60da34f59ef

          SHA1

          a77628ffc105519271a9bdfc24bc0ada1aadd20d

          SHA256

          687bd1f19832d515445c688a6acdaf9212540c0b08796179b9a1b27497f45e29

          SHA512

          6d3fffcd24d6a65a48a89313861896434f7dcf4dee695dc84f3b55d6c19e457a7a68dd6f5e464acb007d16922b44192f994e24064d69062c36481f2cf80636fc

          Download Submit

        • /storage/emulated/0/Android/data/cache/AppPackage.dat
          Filesize

          20B

          MD5

          06487a12d67c556e96e404c6c0902236

          SHA1

          28642fc8565880f6c90fbd8eb9b313e8ef839607

          SHA256

          7d71c634a24931694c5f039e8655652a839537182743314dc27f4c9a0192bcff

          SHA512

          bd3b35661a56df804a5b81c7615cc5c952f028e5ef43211fb175fa17cf305b257f54e8d2aef17cdc40194891a046478baf565c00735b960b2473c6ee049a2a49

          Download Submit

        • /storage/emulated/0/Android/data/cache/CacheTime.dat
          Filesize

          13B

          MD5

          acfed9196dcad7b76afa7a223dab6555

          SHA1

          7c5b92e5be02b31b7738f2818c9fa8afc810c223

          SHA256

          8f747e847bf64ebed07b9aeb17774fbdd38082431e06240139363d635a366825

          SHA512

          641c610413558965c40d7b9054f8156f04311c78ba4be073c413d2c131c208380d691c74686ad03e62345b614799980da4233456ecc5f1bd1700fcb29f1ce95e

          Download Submit

        • /storage/emulated/0/Android/data/cache/UnPackage.dat
          Filesize

          23B

          MD5

          32e8d7bf9a1e97396be515dea05e2704

          SHA1

          25a35436abffa0289d753cd21f8a72771e90c41f

          SHA256

          fdb3a5f5b099c67460482966976c2094109197c5e6c89972d72c04a02201f92c

          SHA512

          bfd97e8fa085512434f87889ab98ba5b9fb33a40df09db2533d808219eba3e4df4ccd424637db17d7b15bd44c7ad6178af3b50ac851f833a3c54fcff032af91f

          Download Submit