Overview

overview

8

Static

static

6

905af64ac8...18.apk

android-9-x86

8

905af64ac8...18.apk

android-11-x64

8

Analysis

  • max time kernel
    9s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    03/06/2024, 03:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    905af64ac8dafb6656a968900fd26677_JaffaCakes118.apk

  • Size

    15.2MB

  • MD5

    905af64ac8dafb6656a968900fd26677

  • SHA1

    5a93ae750945b5fddf2509a0f143c93e006c1636

  • SHA256

    92dcc36e31b8d743d53be8e25e20e0c87697f85a3f067f6e42f88a0c5ee093f1

  • SHA512

    e73f2cc1a87c8b55513d86220ba39b9bb3606eaa15fa3e0fd5587efbca8806e9faf9d8e92885f17d4db14d968ef2b08490dd6c6bafea90fdd95d70efa091acd8

  • SSDEEP

    393216:BeblTbwaJkgRlonedGvce90EDfpsh/T45nNQ6Pe5DbuJ5:cIvISneIXa0xs54LQ6PYbuJ5

Score
8/10
collectiondiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Requests cell location 2 TTPs 1 IoCs

    Uses Android APIs to to get current cell location.

    collectiondiscoveryevasion
  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
    discovery
  • Requests dangerous framework permissions 8 IoCs
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.sogou.reader.doggy
    1⤵
    • Requests cell location
    • Checks CPU information
    • Checks memory information
    • Makes use of the framework's foreground persistence service
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Queries information about the current nearby Wi-Fi networks
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4283

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.sogou.reader.doggy/databases/MessageStore.db
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.sogou.reader.doggy/databases/MessageStore.db-journal
    Filesize

    512B

    MD5

    f4f7744cb3aeb96a8c6efe030f814245

    SHA1

    7a38f41b1a735a17515d45a599aea923600be34f

    SHA256

    9bf1ed8a4d353cf9659a5d3ffe3cae1793d7b461728197b7fc9e2a7e1be8ac63

    SHA512

    b3289ca1a71639945b47204c76c9e660522cb3c6934746909846061820bd669e1012b48a19e65122655434f71eba34eaba1aea611da592a171c0dd6532655064

    Download Submit

  • /data/data/com.sogou.reader.doggy/databases/MessageStore.db-shm
    Filesize

    28KB

    MD5

    cf845a781c107ec1346e849c9dd1b7e8

    SHA1

    b44ccc7f7d519352422e59ee8b0bdbac881768a7

    SHA256

    18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

    SHA512

    4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

    Download Submit

  • /data/data/com.sogou.reader.doggy/databases/MessageStore.db-wal
    Filesize

    56KB

    MD5

    a794a40ff73e603c7409fd0568e9bb88

    SHA1

    3b9247f45c4432a3bc6ac3eaf9fdb51b8b140b2f

    SHA256

    13170f8eb956f3a4dea848a91060d2530d10c62c1b8221338c0f221c24bfc895

    SHA512

    4aa75a5849a94a8fb6c3be3bc35e371e785e63ba104258098c463d173e2e6d1a462ede663a0b181b33f13ac6dfda68ce36c1f27260e35c4686d3a284ed3239d0

    Download Submit

  • /data/data/com.sogou.reader.doggy/databases/MsgLogStore.db-journal
    Filesize

    512B

    MD5

    453e00aa1e2854ab0c8f90c7857cd9df

    SHA1

    e1df7a72ad0c9ee3728b551cd5d0bd4cb327bc06

    SHA256

    ce402d827918f2cd8c4956975d0465e36cfd2f709b0fcb5b5d1172f60450d737

    SHA512

    fb075e37a71df92e35aaedcd18b5a339e411dcef8f2d4743d2851f527660c31ac2f9152b4d92d571d0dfc0d348cd7265f30c35552056636138e89628995149ad

    Download Submit

  • /data/data/com.sogou.reader.doggy/databases/MsgLogStore.db-wal
    Filesize

    68KB

    MD5

    d91be786cf489a8a9f957a213cfd2509

    SHA1

    6c2fb09ce6921e544305d1ee5b0bd03788a84d37

    SHA256

    c606c5c6c40b31418d8e437111c78585be163253bb7e60d9dfc93fceb8a292c7

    SHA512

    d75fda023d8411db77d112757eaabafc5dad1287d17b9752775ab74c78a2a2395c6b2409f03a6b84278ffbb8bb584e436cf882979d9bc206c6a7978e8ab0e400

    Download Submit

  • /data/data/com.sogou.reader.doggy/databases/accs.db-journal
    Filesize

    512B

    MD5

    5c55e6e13116d9deb5d3c3a539e53bb8

    SHA1

    aae8e288bafa8c9d7775c4f36562c358ee04b179

    SHA256

    402e307da75ac5c5d68fa246e456a758cd53d93e69f8eacb7d959fb667df0b26

    SHA512

    9047c550eb1497d9467030c4ed41cc57f71e6c94b7c1008c6081f8737dbd0fb026bfcd140f36533b681597f74748ae28177c9413ed2cbdb72fccd4e2bf9adcfa

    Download Submit

  • /data/data/com.sogou.reader.doggy/databases/accs.db-wal
    Filesize

    32KB

    MD5

    1f7d003d4dc1dbfe208c0da6266cbe43

    SHA1

    d330bbd7e21d46d82bbc0f3a7f3172944b23ab80

    SHA256

    253cf6d783865d1010ee9e56c79dcb8458c7a0f792ed48cc0ce2114d4e9581e4

    SHA512

    04ecd8f1cb333973e1c46cab74213a2fa5eb6559e572bf8e808a3bdc342fbef7b604f309fd9f5414dc516a694a9017397437bde3dac0adca6b721f535f16bb92

    Download Submit

  • /data/data/com.sogou.reader.doggy/databases/ua.db
    Filesize

    36KB

    MD5

    0adda9c85a5e4808f5b1b74c0a8591a5

    SHA1

    5048107883ab1e345af9cf2e6849ce46e0e612bf

    SHA256

    1e17860bba2bb4e3e92df3890aa6dddc973d6602c71519a15556d37bb69de2a1

    SHA512

    646061d3d5849772511bd94e36ca2d775a9a672851629d1812942ec0f0f925714eb7d4ebac44889911320cb6710a2f586014f6b1e126739cab653c4f8deef2d1

    Download Submit

  • /data/data/com.sogou.reader.doggy/databases/ua.db
    Filesize

    24KB

    MD5

    52807e76b45a9d48bd291887e088491f

    SHA1

    de1aab785da81e5dced3bfb3c42eabc6cec90abd

    SHA256

    ee02e751d9753e85b858257f31581c0c91fd72ea89036016a08b206ef6af59c3

    SHA512

    6721735b8a1fb34291751e7c21f8402f611c19c9825fadc68d7a45d6ed4376e48a10422539850fe5477117273c79814ee0d6cfa2f0b4f547ce1d394e2c15febd

    Download Submit

  • /data/data/com.sogou.reader.doggy/databases/ua.db-journal
    Filesize

    512B

    MD5

    293188ebacaf333c3435bc4d4e8371c0

    SHA1

    aa8deedf1410003a11e54a1750db94028918b788

    SHA256

    884b8add2b1eb6e4ee8f7ea2c978d550248c6639acbea36b571d2398bfafc6be

    SHA512

    a23d52edfc175f63867b5420b9d6fad1bbd2941cc711f0c2823ae4d7f54a915a66d6fed6c1c80b301b00679ad83025d47339dfa7e45492ba0bb0e17c3363bbb5

    Download Submit

  • /data/data/com.sogou.reader.doggy/databases/ua.db-wal
    Filesize

    48KB

    MD5

    bf14e1075797f7108b29fc4e90912eb2

    SHA1

    46166bd0255217c51f5fc7715e80da5e08a24af1

    SHA256

    d5cd10624bd513df389971f69e3bf9a343f8528d038311616e09e04628f9e725

    SHA512

    f42f4e86b5a65acb82cd97e5fa29b56c8b922ee5fc8530c0d12d5f1115d59e59eb9a67828672fc4197bf3d847f8447412fee2ed1417f4fa4914f8fb39dd7fd4a

    Download Submit

  • /data/data/com.sogou.reader.doggy/databases/ua.db-wal
    Filesize

    12KB

    MD5

    2f30f63595588e6e955329af3a66f5ef

    SHA1

    38c714c9a3ecb3b85bdfb293964103ffc36f60c4

    SHA256

    04cc3df5bccc2ca4dcf5503f71b562e0740c5ad1a84701c1f4e7d8fd248b432a

    SHA512

    202a52f8844ba80c864b01e37c1d3199ba6d33e49ce64d12c162d092baad438bcf711a26f75306524c5d842f9b6e89cdb65d3537f28a883ca4d2270586718b1c

    Download Submit

  • /data/data/com.sogou.reader.doggy/files/.8a388bbbec3f4ba84ca33aac30be8894
    Filesize

    36B

    MD5

    39d45992d3be89f34bb3d2d11ce7cbef

    SHA1

    750564d3a99ac0fb2fea4c93436084ea6193ee43

    SHA256

    61a2f79d850d1ebf05f695ee4a2d3dc688395a3ed814436e4cd709759f4baaa3

    SHA512

    6294cabb471cab8b8effb693283e8eb2c185533adbfd649889d008d2ad073cc9250c7f966fb7055d536c98c3924956b61c83d409019ac00d020c4c212634d349

    Download Submit

  • /data/data/com.sogou.reader.doggy/files/.envelope/a==7.5.0&&1.1.00_1717384260075_envelope.log
    Filesize

    1KB

    MD5

    47b5f82d68ab96718ed9d4a74412c276

    SHA1

    af849cfdcd1374819547f97e87d72349e5667c3b

    SHA256

    36a2718e611f7b8fed7af42b23c84ee6b6cd73dce7342c8b4274f332a27641c6

    SHA512

    99cfc58d6da730204d1f57b1ca63771a939ebeee596c15c08613cd289a792e84592a2c8ae577c4052d3ecaadc2910a034852b86bb59cd4fdc381bfb285765e1b

    Download Submit

  • /data/data/com.sogou.reader.doggy/files/.umeng/exchangeIdentity.json
    Filesize

    162B

    MD5

    44a2fb40104a211d9418f03d35f06560

    SHA1

    1c7b1d4e55f716323918cef7c1da06f37f29333b

    SHA256

    b0158ac6422c039bc5106f020cba508fb043a3468ee3f1aca208271c47850d48

    SHA512

    4d69c9c5d0360abe331d0c9dfacbe58acbede0defb824f16eeb8e4b68395da980bb073693d5b03c6da3e280d078b4fbf80d5e3a841f0ce54ef1f712d5eb375a3

    Download Submit

  • /data/data/com.sogou.reader.doggy/files/INSTALLATION
    Filesize

    36B

    MD5

    1ef6f07c81c64c219a875059dd8f3d8f

    SHA1

    0ea5018e7dc7b4e89b838ddb9256b4525eb2d25e

    SHA256

    07c537375a97f11c491d98c9364bcbd03b799f1ab0d8a9a52d018b2b14ca3da1

    SHA512

    47d2f6fa54444c5aacfad8b7cd74befe40ec75a218b377c2c2078ac692e92f32788de35a0794d53c72a6e2efc5f7d4e40cfe37319ad3a67c0003422247869a04

    Download Submit

  • /data/data/com.sogou.reader.doggy/files/exid.dat
    Filesize

    54B

    MD5

    2576df7dada36fdfd942e020433840e0

    SHA1

    6714f37985c89fe7c9e70a54f70816916ccfad23

    SHA256

    66447aeb362cf81b6dbb30d5853198ad19fe20414efb54962a7642019d633ccc

    SHA512

    fa02467d10c23c5f6a8a32301bb282871a90688de313b8f2ec81328787d5b1d443e8aa371d80d1de4c1d383ff02a4f2ec3ac8d988852407c2d70c97aa87045d4

    Download Submit

  • /data/data/com.sogou.reader.doggy/files/flow/flow_pack.apk
    Filesize

    434KB

    MD5

    b22ae64d580c84b3a85420684f9bce3d

    SHA1

    84e99268f72f82c4fae8313d3f6006191f43804e

    SHA256

    5523c92840d37de85e38388df46ed1c33f9861a2b20997aed2d562c9cd397f3e

    SHA512

    a8f9cc568e2b5189d1051d72ea50ecf5bfda3a3301e1a168e0723712f477a60d7ebe685c222da818c7c59c8068076b39403b5263e92fa3c2986893cd8fae2262

    Download Submit

  • /data/data/com.sogou.reader.doggy/files/fontConfig
    Filesize

    813B

    MD5

    32a36d1819ed91fce52302e18912a4be

    SHA1

    e2ebf4e9886898eb155b543315b91ecbf2ffeb83

    SHA256

    4c1f64181bc961eeec7cebdbc192d22b5628743c0cc5f721bfaea044db60a051

    SHA512

    d2d7a3025b4187689bc0d0a6fc6ceb710a700484bea71a9fd117938a0ed7769ff77d31b50eac10114152fbfb6bc79bf95fc74b4a7e44c4d76d38d52ca8b139a1

    Download Submit

  • /data/data/com.sogou.reader.doggy/files/hid
    Filesize

    65B

    MD5

    85664b1c5fb92b2de60a0233e5252ea3

    SHA1

    dddae71d4533eff7942bfe13d1bf693e62b86f1c

    SHA256

    75787e04ecb1b6a074f715f06fc96ac9359bf91a307886853cbba5566279e152

    SHA512

    7fc2d2094e98d9ae7778c185ac9393bca02314935f36885b7835720e89b3e8ae65af39033b394f25ca20f46a439cc069c0ada7fa6b272a1f391a1a296fad4203

    Download Submit

  • /data/data/com.sogou.reader.doggy/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE3Mzg0MjU5OTE1

    Filesize

    1KB

    MD5

    62db5f99a1ff9cce8a1623b7d3eaed16

    SHA1

    75d8a60ee07ec29ea38bec5109a1c583f88797cd

    SHA256

    3211f5243d01669a8469597c9322e313950ef51bbaeb86c746bf42bd91f90565

    SHA512

    bfd2ac8f7f30f8c4c31cf57b219717324485b2cb6bd00e33ff741e9aa712a3d57fa8753045ed356c61d0f773a6ee3f3f1fac5614b937c72b6ea3cf8803fc7c5d

    Download Submit

  • /data/data/com.sogou.reader.doggy/files/umeng_it.cache
    Filesize

    498B

    MD5

    95a5e4049b9041baa6c7d4ee1f92255b

    SHA1

    a3becb2103a55e06c9f4a0f0a69b42f9a2a44eb9

    SHA256

    333f61f62bf976cf7262f89fea8bb9e2c466c3639bf6cdfb79522660442ede45

    SHA512

    f3f409c874b0751d957419538250b7422b222c2d3dc76c49eb003e298be68c6566eac6a558d649156ecbc64e6460c90b5b71f930f3d882572e4dd1582827c605

    Download Submit

  • /storage/emulated/0/.DataStorage/ContextData.xml
    Filesize

    111B

    MD5

    245b85e96e97f0e8dbc9c0fabe3b3697

    SHA1

    95b709e871758085be719e2e4391e24acad82373

    SHA256

    e4e68d55cd0b2f059f5ea385ea71f6ceb040a8eb95d9867e99e11c9c84aea01d

    SHA512

    bc68c14bb3cae30ccc4f9dd61ac06472d9fdef3ec6c36ffb0ce01209d2f3368b8b3a4f52d020c21e1dfe7d5bfc6618d66631a6222b7b1ff5bae9aeabdc33f6ab

    Download Submit

  • /storage/emulated/0/.DataStorage/ContextData.xml
    Filesize

    213B

    MD5

    ccc63c2547f15099251d0a0b347f1779

    SHA1

    4fae68cae567969064e3efff983a854171ae8d18

    SHA256

    203136c56dc989f3ed98e6629c1486550f2e7b8486205a6fac2ec92ab34c42cc

    SHA512

    973d7706569b059356c3de9ead329989db821f69ad0e00b1bb80cda4ddad787ee4106f44bacf381c72b222afd0621885db9ca8890623fe771f6bcc73ced7dc6c

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    65B

    MD5

    9781ca003f10f8d0c9c1945b63fdca7f

    SHA1

    4156cf5dc8d71dbab734d25e5e1598b37a5456f4

    SHA256

    3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

    SHA512

    25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    111B

    MD5

    61a55830256baad3f9026b896ecf6708

    SHA1

    e598d87193f2cae2b6e111ff0d311f96e55e7805

    SHA256

    bbaf9a36c048f0d259fb0532b06f12efe9695c5bf98b3da14ebb1fdc74ee7328

    SHA512

    49df979894897cfd24bcf7dcb120ffe2c6a61eedaf6049b02085d4d72c14b57062be484815fe1257b3116a642c64f9234b60e6fd6949f78958e28de4338bc7d7

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    167B

    MD5

    0e4bf943e0a6e3dd29508ae1842634e3

    SHA1

    a02bfb8667ca1a2503909f1fa295783a7c890872

    SHA256

    42f9cc4607ca178e1f86452bf15b8261405a4bcf50118fff3af03125aff52359

    SHA512

    75c0eb3924bd7a7d508b23ff537229dc2e696e9dc94e1df4d0a83cb16607cd34716bf6badde668ffc338d31e8d1f4e6c87c1f81072c7ea2494121c6c9d640245

    Download Submit

  • /storage/emulated/0/Android/data/com.sogou.reader.doggy/cache/uil-images/journal.tmp
    Filesize

    31B

    MD5

    8c92de9ce46d41a22f3b20f77404cc1d

    SHA1

    8671a6dca00edb72be47363a7071be65cf270373

    SHA256

    68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

    SHA512

    30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

    Download Submit

  • /storage/emulated/0/Android/data/com.sogou.reader.doggy/files/tbslog/tbslog.txt
    Filesize

    1KB

    MD5

    32f85c6a577e418b1a941882c52a018f

    SHA1

    4dbc31c37a243121c3e8ff1b7921c423851e7c18

    SHA256

    05b9aff5df19ca32a3d1b3a1937e7a89e0d082c9611f0f70d3eb355d9049691b

    SHA512

    b4c9778c38171062214a59ad762e8c1e6b0e32b45716a48a0e893f881af337d8df7834067854cb47ef6b06a8403e5366751d892c5e85f2b1a94be0b4c7f1ac43

    Download Submit