Analysis

  • max time kernel
    49s
  • max time network
    182s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240603-en
  • resource tags

    android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240603-en, locale:en-us, os:android-13-x64, system
  • submitted
    04-06-2024 01:05

General

  • Target

    933a80a5bed9442e26c924b9702835cf_JaffaCakes118.apk

  • Size

    31.0MB

  • MD5

    933a80a5bed9442e26c924b9702835cf

  • SHA1

    dbdee9269147de30b97931587791076b25daf6e6

  • SHA256

    35de678d878131d2cc49e8e47c95b00959a2ba28965ebd898ed2cf9593d8f2bb

  • SHA512

    f5e5e11d577c2e7c5b119b1e16b29545aead85cd9b6aeb4b86e5454e2bffacc16107be243d51265dd1dabb52a68f7293c7b7d9a6dc37ceda156a7d12bf3c36fd

  • SSDEEP

    786432:18kvvjaolYeiUtHXnRfYyPuN1LWcfvkvV:18kXjVti4tYyPezvk9

Score
7/10

Malware Config

Signatures

  • Queries information about running processes on the device (1 TTPs, 2 IoCs)

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Checks if the internet connection is available (1 TTPs, 2 IoCs)

Processes

  • com.suyuemobi.zww
    • Queries information about running processes on the device
    • Checks if the internet connection is available
    PID:4253
  • com.suyuemobi.zww:core
    • Queries information about running processes on the device
    • Checks if the internet connection is available
    PID:4306

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/com.suyuemobi.zww/app_crashrecord/1004

    Filesize

    226B

  • /data/user/0/com.suyuemobi.zww/app_crashrecord/1004

    Filesize

    58B

  • /data/user/0/com.suyuemobi.zww/databases/ThrowalbeLog.db

    Filesize

    20KB

  • /data/user/0/com.suyuemobi.zww/databases/ThrowalbeLog.db-journal

    Filesize

    512B

  • /data/user/0/com.suyuemobi.zww/databases/ThrowalbeLog.db-journal

    Filesize

    8KB

  • /data/user/0/com.suyuemobi.zww/databases/ThrowalbeLog.db-journal

    Filesize

    8KB

  • /data/user/0/com.suyuemobi.zww/databases/ThrowalbeLog.db-journal

    Filesize

    12KB

  • /data/user/0/com.suyuemobi.zww/databases/bugly_db_

    Filesize

    52KB

  • /data/user/0/com.suyuemobi.zww/databases/bugly_db_-journal

    Filesize

    512B

  • /data/user/0/com.suyuemobi.zww/databases/bugly_db_-journal

    Filesize

    8KB

  • /data/user/0/com.suyuemobi.zww/databases/bugly_db_-journal

    Filesize

    8KB

  • /data/user/0/com.suyuemobi.zww/databases/bugly_db_-journal

    Filesize

    8KB

  • /data/user/0/com.suyuemobi.zww/databases/com.suyuemobi.zww:core.growing.db-journal

    Filesize

    8KB

  • /data/user/0/com.suyuemobi.zww/files/Mob/share_sdk_1

    Filesize

    23B

  • /storage/emulated/0/com.suyuemobi.zww/nim/log/nim_sdk.log

    Filesize

    95B

  • /storage/emulated/0/com.suyuemobi.zww/nim/log/nim_sdk.log

    Filesize

    146B

  • /storage/emulated/0/com.suyuemobi.zww/nim/log/nim_sdk.log

    Filesize

    112B

  • /storage/emulated/0/com.suyuemobi.zww/nim/log/nim_sdk.log

    Filesize

    20KB

  • /storage/emulated/0/com.suyuemobi.zww/nim/log/nim_sdk.log

    Filesize

    512B

  • /storage/emulated/0/com.suyuemobi.zww/nim/log/nim_sdk.log

    Filesize

    8KB

  • /storage/emulated/0/com.suyuemobi.zww/nim/log/nim_sdk.log

    Filesize

    78B
