Analysis
max time kernel: 178s
max time network: 190s
platform: android_x86
resource: android-x86-arm-20240603-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240603-en, locale:en-us, os:android-9-x86, system
submitted: 05-06-2024 16:53
Static task: static1
Behavioral task: behavioral1
  Sample: 98ae96626f355c416b2ea127a1235ece_JaffaCakes118.apk
  Resource: android-x86-arm-20240603-en
Behavioral task: behavioral2
  Sample: gameCenter.apk
  Resource: android-x86-arm-20240603-en
Behavioral task: behavioral3
  Sample: gameCenter.apk
  Resource: android-x64-20240603-en
Behavioral task: behavioral4
  Sample: gameCenter.apk
  Resource: android-x64-arm64-20240603-en
General
Target: 98ae96626f355c416b2ea127a1235ece_JaffaCakes118.apk
Size: 31.9MB
MD5: 98ae96626f355c416b2ea127a1235ece
SHA1: 39076f788c740a5fa2a8eac05a30c03ab60098eb
SHA256: 13c6c54e99e15f0590596891ae32466ee38ab9508691b0d921f5ae1de0778b2b
SHA512: d452f43f757caba5ab4b38b903fd34d66f7dece3eb5e7962258fe9bd61dae601046ff0cbbcc4d2bda5da104d0b911f0dda1ce2c1acfa8c3ea7e2f12bf978895b
SSDEEP: 786432:ePMiNAyvf6vK4t30/UwoLST8+PvJcxoNo1NGq86blki8iWbk6OWDnKn:hiNINtkJxhcxIo1pD8pk6a
Malware Config
Signatures
-
Checks Android system properties for emulator presence. 1 TTPs 2 IoCs
description ioc Process
Accessed system property key: ro.product.model com.duowan.mobile
Accessed system property key: ro.serialno com.duowan.mobile
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Queries information about running processes on the device 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
description ioc Process
Framework service call android.app.IActivityManager.getRunningAppProcesses com.duowan.mobile
Framework service call android.app.IActivityManager.getRunningAppProcesses com.duowan.mobile:com.yy.pushsvc.PushService
-
Queries information about active data network 1 TTPs 2 IoCs
description ioc Process
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.duowan.mobile
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.duowan.mobile:com.yy.pushsvc.PushService
-
Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
description ioc Process
Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.duowan.mobile:com.yy.pushsvc.PushService
Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.duowan.mobile
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
description ioc Process
Framework service call android.app.IActivityManager.registerReceiver com.duowan.mobile
Framework service call android.app.IActivityManager.registerReceiver com.duowan.mobile:com.yy.pushsvc.PushService
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
description ioc Process
Framework API call javax.crypto.Cipher.doFinal com.duowan.mobile
-
Checks CPU information 2 TTPs 1 IoCs
description ioc Process
File opened for read /proc/cpuinfo com.duowan.mobile
-
Checks memory information 2 TTPs 1 IoCs
description ioc Process File opened for read /proc/meminfo com.duowan.mobile
Processes
-
com.duowan.mobile
- Checks Android system properties for emulator presence.
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4273
-
com.duowan.mobile:com.yy.pushsvc.PushService
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4305
Network
MITRE ATT&CK Mobile v15
Downloads