Analysis

  • max time kernel
    128s
  • max time network
    148s
  • platform
    android_x64
  • resource
    android-x64-20240603-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240603-en, locale:en-us, os:android-10-x64, system
  • submitted
    05-06-2024 17:51

General

  • Target

    98d4edc8c4f13bc13689ba11c721c66d_JaffaCakes118.apk

  • Size

    10.9MB

  • MD5

    98d4edc8c4f13bc13689ba11c721c66d

  • SHA1

    767e02818b31b5025972c3f49632c01a66f4ddca

  • SHA256

    407c990ca67690cd5751c27687ff1d10a23e954e1b3ac9f82a07de61c303acad

  • SHA512

    ba286e587df27d9b96ef4614f819fa27470411ade34284cf490fc767b6cac5cc510807b7c6bf305d677785b7031edfb7c37ea89aaecbadc0d2b0c2748f1c5d87

  • SSDEEP

    196608:dds9O/xGXnb1C0ayoo5SFhZWlo0WuSYBMwoZV711kMe4lf0AT9CrTL1XZZLOt4f4:psfayoo5SFhSWeUZqFw0AT9CrTnHI9

Malware Config

Signatures

Processes

  • com.yxxinglin.xzid510028
    • Queries information about active data network
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    PID:5222

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.yxxinglin.xzid510028/databases/RKStorage

    Filesize

    20KB

  • /data/data/com.yxxinglin.xzid510028/databases/RKStorage-journal

    Filesize

    512B

  • /data/data/com.yxxinglin.xzid510028/databases/RKStorage-journal

    Filesize

    8KB

  • /data/data/com.yxxinglin.xzid510028/databases/RKStorage-journal

    Filesize

    8KB

  • /data/data/com.yxxinglin.xzid510028/databases/RKStorage-journal

    Filesize

    12KB

  • /data/data/com.yxxinglin.xzid510028/databases/RKStorage-journal

    Filesize

    12KB

  • /data/data/com.yxxinglin.xzid510028/databases/RKStorage-journal

    Filesize

    12KB

  • /data/data/com.yxxinglin.xzid510028/databases/cc/cc.db

    Filesize

    36KB

  • /data/data/com.yxxinglin.xzid510028/databases/cc/cc.db

    Filesize

    36KB

  • /data/data/com.yxxinglin.xzid510028/databases/cc/cc.db-journal

    Filesize

    512B

  • /data/data/com.yxxinglin.xzid510028/databases/cc/cc.db-journal

    Filesize

    8KB

  • /data/data/com.yxxinglin.xzid510028/databases/cc/cc.db-journal

    Filesize

    8KB

  • /data/data/com.yxxinglin.xzid510028/databases/cc/cc.db-journal

    Filesize

    8KB

  • /data/data/com.yxxinglin.xzid510028/databases/cc/cc.db-journal

    Filesize

    8KB

  • /data/data/com.yxxinglin.xzid510028/databases/cc/cc.db-journal

    Filesize

    12KB

  • /data/data/com.yxxinglin.xzid510028/databases/ua.db

    Filesize

    32KB

  • /data/data/com.yxxinglin.xzid510028/databases/ua.db

    Filesize

    32KB

  • /data/data/com.yxxinglin.xzid510028/databases/ua.db-journal

    Filesize

    512B

  • /data/data/com.yxxinglin.xzid510028/databases/ua.db-journal

    Filesize

    8KB

  • /data/data/com.yxxinglin.xzid510028/databases/ua.db-journal

    Filesize

    8KB

  • /data/data/com.yxxinglin.xzid510028/databases/ua.db-journal

    Filesize

    16KB

  • /data/data/com.yxxinglin.xzid510028/databases/ua.db-journal

    Filesize

    12KB

  • /data/data/com.yxxinglin.xzid510028/files/.um/um_cache_1717610057176.env

    Filesize

    1KB

  • /data/data/com.yxxinglin.xzid510028/files/.umeng/exchangeIdentity.json

    Filesize

    162B

  • /data/data/com.yxxinglin.xzid510028/files/exid.dat

    Filesize

    54B

  • /data/data/com.yxxinglin.xzid510028/files/umeng_it.cache

    Filesize

    433B

  • /data/data/com.yxxinglin.xzid510028/lib-main/dso_deps

    Filesize

    156B

  • /data/data/com.yxxinglin.xzid510028/lib-main/dso_manifest

    Filesize

    5B

  • /data/data/com.yxxinglin.xzid510028/lib-main/dso_state

    Filesize

    1B

  • /data/data/com.yxxinglin.xzid510028/lib-main/dso_state

    Filesize

    1B

  • /storage/emulated/0/.DataStorage/ContextData.xml

    Filesize

    111B

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

    Filesize

    65B

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

    Filesize

    111B

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

    Filesize

    407B

  • /storage/emulated/0/JXCP/aff/com.yxxinglin.xzid510028

    Filesize

    8B
