0e5ecc9da8cab97c51fb6a599e82a6e1c0f461fa43543faba74b0ab8fff8341f

Analysis

max time kernel
127s
max time network
161s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
03/06/2024, 07:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

90fc919ab5e4e05335504ca51fff848a_JaffaCakes118.apk
Size

30.2MB
MD5

90fc919ab5e4e05335504ca51fff848a
SHA1

2a9e33c69a71e28756a6515295eb735004c3fe3d
SHA256

0e5ecc9da8cab97c51fb6a599e82a6e1c0f461fa43543faba74b0ab8fff8341f
SHA512

3cfbe1de7ef3a2606e38ba0f7b281a67a3bcf5938b77f2f5b5c885a7de3ab8ab6d6965fb04f6e1e7566e90a136b6d2c3d37394a0d37afac6cef5d93ccf9b07b5
SSDEEP

786432:gWgc28+g9Q0DwrOWpBrTpfnAMmmrMl8ykZqB+fZV:HcgipJ9vAMmmrMl8/S+v

Score

8^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.paypal.android.p2pmobile
/system/xbin/su	com.paypal.android.p2pmobile

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.paypal.android.p2pmobile

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.paypal.android.p2pmobile

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.paypal.android.p2pmobile

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Checks the presence of a debugger
evasion

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.paypal.android.p2pmobile

com.paypal.android.p2pmobile
1⤵
- Checks if the Android device is rooted.
- Checks memory information
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4353

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.paypal.android.p2pmobile/databases/com.paypal.android.p2pmobile.appconfig.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.paypal.android.p2pmobile/databases/com.paypal.android.p2pmobile.appconfig.db-journal

Filesize
512B

MD5
43c4d642af3b1299ed88b078560ad71f

SHA1
5ef101756b4ac204aae9c03bc748a00126b1b51f

SHA256
0d1416f4ffdc344009e72815cd2b355e58b35c687fb1b1cf78b9cbd92ac62ca3

SHA512
e3b32796223f452e4896ce6565c831b8730b896724e6304adfbb19f8a1a01459f900b3ba9ffb48171e7369b5aa7abb320f2403882cd3bbba19b949be9cb7cace

Download Submit
/data/data/com.paypal.android.p2pmobile/databases/com.paypal.android.p2pmobile.appconfig.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.paypal.android.p2pmobile/databases/com.paypal.android.p2pmobile.appconfig.db-wal

Filesize
32KB

MD5
8830cf16b3c60e0683ef79a92fcb46d1

SHA1
8f98260852ea09c9ea9270b9c58d39c9cb051a5e

SHA256
f06308a504ac3244e9c12abc55b3941d0a856d2229d8262244ef59c2670d8914

SHA512
171cb4bc8c7fb67136f7b14f0bf08ed9488af80efa858754064e460d60d183d92e1448c6b01e4bbae3806cb205dd158ec45f176282267f443ae95fe3d2fc062e

Download Submit
/data/data/com.paypal.android.p2pmobile/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/665D73E002FE-0001-1101-1575B553B71EBeginSession.cls_temp

Filesize
77B

MD5
d9c53883de5301adb35fdeda67c9c3bd

SHA1
fd6a5fc84657b2645f3abcd6c764a3a7cfd4b350

SHA256
bbe57d37eeda8b5b0a5f51352f6975c0bb1cd90d3d20ab19e8b66e3db0e56452

SHA512
8f8bc4203f848ba72818da3607eac443cd0d3d901dba6b4f72fa97adf863fc6a6f315b4a4919f19f04818c58460a14b248a6abdd0935aae940a0d6d6a763a6b7

Download Submit
/data/data/com.paypal.android.p2pmobile/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/665D73E002FE-0001-1101-1575B553B71ESessionApp.cls_temp

Filesize
132B

MD5
cd77994a40f7afda144ddcc05e98ca0f

SHA1
a2fc56f4e4ec753c448a93b051a4e9d54929fd55

SHA256
43c2213b166a70adab4be3b95834ad44b3b2fa5b8f8e456d9fe216f02cb10487

SHA512
35cf505e4a7842eea2013ea7a336f2383e1811ec61843eca6db63e2f0341eb2faec01aef6a65ba46be0e90cc7fd947b381292dff1b7759d6b9fe82bcfa5adaf5

Download Submit
/data/data/com.paypal.android.p2pmobile/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/665D73E002FE-0001-1101-1575B553B71ESessionDevice.cls_temp

Filesize
144B

MD5
1f1a20b0eebc14f3cd1fb10af50893f8

SHA1
4d7596cbab7fbb1902c98538ae2741c9fad01460

SHA256
64ce5343904e9637510fac505391441cf9f3ef5f5f18f7ecceea2bdf2ae6fe51

SHA512
40dd4996c9cea10acf36ba5e57ca4f1793aa52a72301d384e3175e9d1437fc3d6fe83af36e32a00d071bbe0809a3a3e36119361d4875420be7a4fa620386c0ec

Download Submit
/data/data/com.paypal.android.p2pmobile/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/665D73E002FE-0001-1101-1575B553B71ESessionOS.cls_temp

Filesize
14B

MD5
9b3d4522944ce6396563812bfdb92fa9

SHA1
6d2a6133c8f01938a48ccc77ef86ad8ca335c020

SHA256
d32805d685a3f50caa7f1c0bd7c8804c4d937a866513289f60e3184f7a591ed9

SHA512
091d87643712530bf9006135db42a5a50742bb5ca3026bcc5f2c1c17bf4fd984a8938d29263b0abde3d15cac196d2230902534e200b0b79485e3a1bd97d95727

Download Submit
/data/data/com.paypal.android.p2pmobile/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
496B

MD5
d060c45fefbd0c9130a3887ee58421a5

SHA1
5f4c8192a37c7f50ce2dad0856c936bb9e2387e6

SHA256
9c8c24bd6a7ee06c082c688c8f0f6504bc74e7e61c9ab3e0f883b4e5bbec27a6

SHA512
cec3d9acb19eb8020229356d9cc3512a3b27e81ef8341c8e560fac1dc7f914bd51eae6953f79d1e081e4d93f2f622b063a7a8f15ce0461d7d28590d08a9298e8

Download Submit
/data/data/com.paypal.android.p2pmobile/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
3KB

MD5
76018dd9560f5fb22019adeb60127efc

SHA1
f72d95a10fa4502f841b6461b951508720a47343

SHA256
881e18f37c173c898cda430f5f8fbaee0c71553997104dae169c2421f0bb5319

SHA512
37736c01783688b1da5d6f84cc3e7f1dede41e77822f7aad375c23e3f04b051c6ae8da6a1b68b3c9e613d718c83891ae54d244c4539ea1d5a0b73ac7caf20303

Download Submit
/data/data/com.paypal.android.p2pmobile/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.paypal.android.p2pmobile/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_8be76383-8232-48c8-bc28-2b0cbd660981_1717400547566.tap

Filesize
384B

MD5
fd3e525dd7549ca7cd408c6d1ab73dfc

SHA1
bd28ce431c812ba6982e359200ea26523ecba394

SHA256
c647ea70fe52686f5bc2e34ede0e8799878958d34ee31c2ee1d152b78d0da0ce

SHA512
2095694e26f93744f79a6bd9d8b0d3bd2ede0b5aa7500cb949be1e03c787c086b3fe369e459243d97fc2fc817fda14c3d7209cd2d374f4fca5a5b41e67d146d6

Download Submit
/data/data/com.paypal.android.p2pmobile/files/AdjustIoActivityState

Filesize
297B

MD5
2a5761ad19459fa6cf73d4641f8c8d39

SHA1
3e58f3dc500d41b57e0275a29dfd4d0b7b4b267e

SHA256
4987f8a8525e13509ed66fad693d10a4ffda87dd9e3cef486a7d5519c3b682d6

SHA512
1db1594af2aec597d525c35c17d48305e8e3e3dcbd6312a6ec34d8eff0e1190edbd6407709b670554d9f4c4f1355d4a5f0cf3137bc553d2e63a4a7d75cf58640

Download Submit
/data/data/com.paypal.android.p2pmobile/files/AdjustIoActivityState

Filesize
297B

MD5
23565fba7896cad61ecd4eb96a4a0916

SHA1
c28c7f2acdc02f1f689cf859718d0dc0dabe758b

SHA256
0a24326291f63580504020a2fbd88c9b93c769d87b944b24e98c96b1f0db6bf6

SHA512
98af571b2e04f938aacc2f48acda3b715ae17fb4406aaa39d8b6a22da374c261c064e41c0e0c3b850ca2cab6fdf8c0cb13d179f01a47c9b5364ff83213310d65

Download Submit
/data/data/com.paypal.android.p2pmobile/files/AdjustIoActivityState

Filesize
297B

MD5
cac6e48dd269745172ed037d9b7e3539

SHA1
620118d930086b18dc04e84c8e9f2183055e2c86

SHA256
885b9fdc41e45cb6517199b78daf148579c0e91eb2ebd88cceca284f02199dd6

SHA512
80d1f6c993d3a045cc706ad6b0116b8aaff483cc8c7f60cea2adf1ca63cf7b29b9698c4b6f8ef9458d9e839fd05615840817550ab43347370b31d7edda77246d

Download Submit
/data/data/com.paypal.android.p2pmobile/files/AdjustIoActivityState

Filesize
297B

MD5
68bf420e40322f39c866d64a06b8b5ff

SHA1
6d38b03829919ce1473f34190c553be658d6f6e6

SHA256
48c6c8a19cf29d7c234da142468a918f26d37328b6c91104066f3544ef99231f

SHA512
7f7e664e15fcf868d61c25fd801356ec1aef9dd60bfe9d96a9fafa0254179b3c73eec65781d61e18b8585ba6edfdee210ef183d796fe4bab68780721dd307168

Download Submit
/data/data/com.paypal.android.p2pmobile/files/AdjustIoActivityState

Filesize
297B

MD5
cfa054b066d3365a957fb8356fd40579

SHA1
adb129bc72c830e3413f6b33a89b3499f8c3dc53

SHA256
57ba5b69ccc2cb0f5c6ce77b165813ec9550725ffd6e9d84caf022bcfa464bec

SHA512
8a142849d47856d2bdb0d6a6b9c096285d27d55e9067ac41e3bf00673b39c52ed07377ec4605757de6821af5e543d574cd735310902a5c83c6b9f3c874d97e85

Download Submit
/data/data/com.paypal.android.p2pmobile/files/AdjustIoActivityState

Filesize
297B

MD5
2efe41559a29b689c673c245dedfe7fd

SHA1
93b7b5516f82fd3315aec7757ae947731a514f2a

SHA256
82f159858b314b63cf454ecf5cb62664d04a4b5563c2f990360c83ed4d2615c1

SHA512
552b3bf9a4c92730fcca261cf23b05fbd98f5ae09ce258d7635d2a4a4766d4fd27aaeb2abe43956757bebcf8bbecaadccd040d74b28a0f0b467ec4a50da093b4

Download Submit
/data/data/com.paypal.android.p2pmobile/files/AdjustIoPackageQueue

Filesize
2KB

MD5
ebf6f743c57ffc4aa7e725791a53f83d

SHA1
b63e4675d90b8d469fa2a9efa8ad19007d75214a

SHA256
cc02a2d90570ad256fac123b0db66ce99636519b24a2bc0646b980758af68a71

SHA512
f6d1ee68154f778fb1cc25c72fad8831b0a67489970bb35fe150e9477a13a1a8f0969b75029dc419b72c9307953d32554a47e6176f553d9a1d20f749ea3918b3

Download Submit
/data/data/com.paypal.android.p2pmobile/files/AdjustIoPackageQueue

Filesize
2KB

MD5
2665c22d9bde026e3fdcf4444b0a85b3

SHA1
411bbd6ac4ad27c445c2a65f625a4b4b75999bc2

SHA256
33d965f41de137b40cf3176c7313a4b4ed90523142de091d6f557f9de7bd5b3f

SHA512
142485854d8559fa185f91a3581214b1dd49e5acc2b33cb8c736d46d403cd4e52b12e8466c590563e8070ed5c07f33b92a7108ea37ad0dbdbecac2dec8d7b0f0

Download Submit
/data/data/com.paypal.android.p2pmobile/files/AdjustIoPackageQueue

Filesize
2KB

MD5
f04a5693fb414dd569d6b39ebdb1476a

SHA1
565678999739aa537b70e215d780ba346ee90dd6

SHA256
68a60402730b9a3c192cdafee11533de90408e0b1f5c59eca73d35d92ce447b7

SHA512
6eb405608ca095b3fc82ef7331f7a2490977b74b10dd70b1c21f89849aa6ec82797739cb8c60a3c731ef94b7d0c09675e12be7e4eb49848239041c633f740e1e

Download Submit
/data/data/com.paypal.android.p2pmobile/files/AdjustIoPackageQueue

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/com.paypal.android.p2pmobile/files/CONFIG_DATA

Filesize
3KB

MD5
5f6ef5af562f1adf3ac7b924e8e8fcaf

SHA1
80eae74a41b495af0ccac7d4f5081b96940d2c44

SHA256
53ad16c256c796a8a5edd6be849f0f8d0214c5a37bf8311cd07c91916e823138

SHA512
1297d50bf1c55681b5a99e48b4cb62da6a092730043b860aabd9ed18f615681d445cda81664983d1813ad321bf6f3647a2431c3417765279c900c7d662c7a67e

Download Submit
/data/data/com.paypal.android.p2pmobile/files/CONFIG_TIME

Filesize
13B

MD5
209db0d11f40c9e544ea463d97523b75

SHA1
a93a02539f0655db7a6778b8bfd1a4d8647f3efd

SHA256
997ccd5a03325b52a5e05e13ecb94279fbbcea74edc6d6ad00c01d614059ae76

SHA512
541ea0cdd53fc5ed73e3f2bbdbb762ac539e9529782f70c0e8f523dff3c0f89a541b5d7f5f3a7d6ec4fa01efe5555aecfd3f230ce5dda9059e43ba449a81b077

Download Submit
/data/data/com.paypal.android.p2pmobile/files/CoreStateData

Filesize
168B

MD5
7e7df8d66e70bf73097cac3c3d512bf9

SHA1
39a8f3e7ccf0901922ab46c54d714581e9af421a

SHA256
47d8bce10adb0dfa20d5f1983e5671ee6a25d1b59efb7e8b56fd9c23606fba1b

SHA512
56830eb6937ec497756b8ecffa313561418712d2760d9136051dcb4619b7c946cb10575d25e686d5f680b6b6185cfa1c3a86c06d38a9fc0956f2f0725a1bcfb6

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads