Analysis Overview
SHA256
5ac6161e21943feafe24ef1d17f0b6fc9cdc3ca733ad754cb0c56b68d7a9713d
Threat Level: Shows suspicious behavior
Verdict for the submitted file 9a868c13ca6f47fb6b234547ee2357f9_JaffaCakes118: shows suspicious behavior.
Malicious Activity Summary
Queries the mobile country code (MCC)
Requests dangerous framework permissions
Queries information about active data network
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks CPU information
Checks memory information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-10 11:35
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-10 11:35
Reported
2024-06-10 11:38
Platform
android-x86-arm-20240603-en
Max time kernel
26s
Max time network
138s
Command Line
Signatures
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.MyFusApp.yihaorenqiwang
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | yihao.dswang.cn | udp |
| GB | 216.58.204.78:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
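Only one row in the table above is an actionable indicator: the DNS lookup for yihao.dswang.cn. The 1.1.1.1 destination is the sandbox's resolver, 224.0.0.251:5353 is mDNS multicast, and the android.apis.google.com traffic is what any stock Android image generates; the bare IP 216.58.204.78 cannot be judged from the report alone. The script below is an added example, not part of the report or the sandbox's tooling: it turns the Network rows into triaged indicators and then matches the candidate domain (and its subdomains) against DNS query logs. The benign-suffix allow-list and the dnsmasq-style log lines are assumptions constructed for illustration.

```python
"""IOC triage for the sandbox report's Network table (added example)."""
import ipaddress
import re
from dataclasses import dataclass

# Rows copied from the report's Network table: (country, destination, domain, proto)
NETWORK_ROWS = [
    ("N/A", "224.0.0.251:5353", "", "udp"),
    ("US", "1.1.1.1:53", "yihao.dswang.cn", "udp"),
    ("GB", "216.58.204.78:443", "", "tcp"),
    ("US", "1.1.1.1:53", "android.apis.google.com", "udp"),
    ("GB", "142.250.200.46:443", "android.apis.google.com", "tcp"),
]

# ASSUMPTION: domains a stock Android image contacts on its own during
# detonation. Nothing in the report establishes this list; tune it per sandbox.
BENIGN_SUFFIXES = (".google.com", ".googleapis.com", ".gstatic.com")


@dataclass(frozen=True)
class Indicator:
    kind: str      # "domain" or "ip"
    value: str
    verdict: str   # "noise", "candidate" or "enrich"


def classify_row(country, destination, domain, proto):
    """Turn one Network row into an Indicator.

    A DNS row carries its value in the domain column; the resolver IP
    (1.1.1.1 here) belongs to the sandbox, not the sample, so it is never
    emitted. A row with no domain is only an IP: multicast/private is noise,
    anything else needs enrichment (passive DNS, ASN) before a verdict.
    """
    ip_str, _, _port = destination.rpartition(":")
    if domain:
        name = domain.lower().rstrip(".")
        verdict = "noise" if name.endswith(BENIGN_SUFFIXES) else "candidate"
        return Indicator("domain", name, verdict)
    ip = ipaddress.ip_address(ip_str)
    if ip.is_multicast or ip.is_private or ip.is_link_local:
        return Indicator("ip", ip_str, "noise")
    return Indicator("ip", ip_str, "enrich")


def triage(rows=NETWORK_ROWS):
    """Deduplicated indicator values grouped by verdict, in table order."""
    out = {"candidate": [], "enrich": [], "noise": []}
    seen = set()
    for row in rows:
        ind = classify_row(*row)
        if ind in seen:
            continue
        seen.add(ind)
        out[ind.verdict].append(ind.value)
    return out


# Constructed DNS log lines (not from the report) in a dnsmasq-like format.
SAMPLE_DNS_LOG = """\
Jun 10 11:36:01 dnsmasq[412]: query[A] android.apis.google.com from 10.0.2.15
Jun 10 11:36:02 dnsmasq[412]: query[A] yihao.dswang.cn from 10.0.2.15
Jun 10 11:36:02 dnsmasq[412]: query[A] cdn.yihao.dswang.cn from 10.0.2.15
Jun 10 11:36:05 dnsmasq[412]: query[AAAA] example.org from 10.0.2.15
"""

QUERY_RE = re.compile(r"query\[(?P<rtype>[A-Z]+)\] (?P<name>\S+) from (?P<client>\S+)")


def match_dns_log(log_text, candidate_domains):
    """Return (client, queried name) for queries of a candidate domain or any
    subdomain of it. Matching on the label boundary avoids false hits such as
    'notyihao.dswang.cn' against 'yihao.dswang.cn'."""
    wanted = {d.lower().rstrip(".") for d in candidate_domains}
    hits = []
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if not m:
            continue
        name = m["name"].lower().rstrip(".")
        if any(name == d or name.endswith("." + d) for d in wanted):
            hits.append((m["client"], name))
    return hits


if __name__ == "__main__":
    result = triage()
    print("candidate:", result["candidate"])
    print("needs enrichment:", result["enrich"])
    print("DNS hits:", match_dns_log(SAMPLE_DNS_LOG, result["candidate"]))
```

Running it yields yihao.dswang.cn as the single candidate, 216.58.204.78 flagged for enrichment, and the multicast and Google endpoints dropped as noise; the log matcher then reports both the exact domain and its cdn. subdomain while ignoring unrelated names.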
Files
/data/data/com.MyFusApp.yihaorenqiwang/files/AdBlocker.lua
| MD5 | b3dd91cb780ae5107d2169e4bd1a95d6 |
| SHA1 | e72ef4c408940e9f46c39c1505d20421193925f7 |
| SHA256 | e0e8d0b8fc69c370c062e75c78cea5a97db29484a4c6be66e14777f5db72816c |
| SHA512 | e88f497cdab055fa0cbcf66fe0a90bf63c91be6e987f91dc036c31f7ff3d9732959c972488795797bdc20d6ec7eed2e5cedd149a5709084bead599d79dbd08bc |
/data/data/com.MyFusApp.yihaorenqiwang/files/BaseFunlib.lua
| MD5 | 5b914564e81b2a5ffab882ab0ec9b9a0 |
| SHA1 | 343c0b9c7d5594283b830011bd6529ef96be1f8f |
| SHA256 | 8375a6a543f2d032bd60b5fd9cfcbbc553585f4b71c5dc8c88d3474ae4d71308 |
| SHA512 | 5526f667f84c0fbc8a4dad70fe06d80c111ebcdab72cc5a6964c7e8bd74268db8b3653a9f9f320819688c546b108146c030d6064512007ac63ccab3b0d18633e |
/data/data/com.MyFusApp.yihaorenqiwang/files/Util.lua
| MD5 | 5a8ff165c1311abe780b092ed79f684a |
| SHA1 | 353cd2b240f7ebb7ad51dee8ce10ee85676a88e0 |
| SHA256 | 142269a62435d8d372c301d99096c4e2edb79921a8960291350d3c323343232a |
| SHA512 | 1a4e4c777540741482c7da01ece6cfb19cb167298cf052178eecee5b8a5f4510cd89d60ab22950c1258382701f5dd22ba5917003aaf22d2fb0e668baf310d0c3 |
/data/data/com.MyFusApp.yihaorenqiwang/files/config.lua
| MD5 | a90831731abcd60918b7a02ded48154e |
| SHA1 | 33ae35899cc37a17c8f963686de14161d9e18374 |
| SHA256 | 7d48a6435cdd427b7e014e5d445d8f2949d68970ab21636b01beeeeaa54a1d11 |
| SHA512 | ed57909f03f4300a56a62e6062f4450839deb4ff517d75c078683d74a6740d9a195b031603b3567ec51355d89786f7d87d7e0c717a2f2ac2f1f563d06721b23d |
/data/data/com.MyFusApp.yihaorenqiwang/files/icon.png
| MD5 | 2e2d4d12a5649b92ebf87619fd9e81e0 |
| SHA1 | e277d4fd8122625e99bcb0606c419d2fe0329bae |
| SHA256 | 3a87360e5b4635023120868d268ea22e35d849ca8bb4a8bc6014d4da7b403375 |
| SHA512 | 5334ed59b2aba2b409c46b3ec271806fa56eac207150e58c5e6b48d4b48bc81360b73d603590dee15ca8147375c9e0d9dc558149f84597e7010b028f5535fab1 |
/data/data/com.MyFusApp.yihaorenqiwang/files/init.lua
| MD5 | 0678f73db43b02879d0baf264106057f |
| SHA1 | ad2d4648f08c086fb9df68ed2cd815b42b7a2886 |
| SHA256 | 2df675ebe6ddfac2f581624e25e9be23a3e4334fa988cc327f0a1cbd7edc8262 |
| SHA512 | 809f7d625a465525fbc08eaba5a6cec16fa859f8c1bdc9838cfcc21e9d1b2fddf1126120452f9d7716623adc90ae9912bc3518828c939fa62e1b02455f2eae0b |
/data/data/com.MyFusApp.yihaorenqiwang/files/main.lua
| MD5 | 0c6625fed8c0dd21ec821ab150b40692 |
| SHA1 | 0c90934bac177f48851c2b245d04381e5d0d033f |
| SHA256 | 494377f857f7fc69ff0e14b48b443843342699b570a615a8e3d6821858d46bb4 |
| SHA512 | 3267b8999f7a26d113205eee31532c98dbc62bd6de426288c043860151e58709730f89e2b8d31738570c8a5a1fb08ffa416d74ebf7e5ae18e80b024f5dd0da47 |
/data/data/com.MyFusApp.yihaorenqiwang/files/popMenuFunc.lua
| MD5 | e383e05957ce8fe9aa10f239b105327b |
| SHA1 | 7a264a0889d6510e6a0f02b9aaa4d68667bfb735 |
| SHA256 | df9a884e57cf43f76784bbc0bfa26178952a3315049daa0efdc05e237f9c4d54 |
| SHA512 | b647875a868801ca1ee6689f7961cb7bb0b96278a99ec1a9b918db5e378bfa725cb4a1d1fa6cf95c8ef4d1eb59bdae00e0c86a4ca240b472ee443da897edc6c4 |
/data/data/com.MyFusApp.yihaorenqiwang/files/sub/1581745213/config.table
| MD5 | a14274d861ca73731e64d0180243c960 |
| SHA1 | 4346e227112caa44ea1cfd8a0c6de303863fbb59 |
| SHA256 | 03a58c1255483381e1e00b09bf8689c16e7674d20ece0b7286cc126b2ff2707b |
| SHA512 | 7be94effefb863ac983fea78e626461b17ae97f9cd4347262505e6c4a5a71dee98cd2156a5e62ac64beda20af297dbe7412413252c2ff9a89c7ea4a5a8673d69 |
/data/data/com.MyFusApp.yihaorenqiwang/files/sub/1581745213/init.lua
| MD5 | c341cfc744d876b923b2985de354afe4 |
| SHA1 | 57fb3e583ea8e65e01ac12bfc71b8ffca11da598 |
| SHA256 | 30e6241ea3b109dba62d45b844e22254b7d231e3402cdb03c29f2ba062031990 |
| SHA512 | 221046025282d529041c97a0ebe078d833fc002b051ac2386e36e2b14a1bc46c4f74e4308846f137a7c2936a1c7a801d01418165a542d3e5cbbe3d2935efc4cd |
/data/data/com.MyFusApp.yihaorenqiwang/files/sub/1581745213/utils.lua
| MD5 | 58b3c48daf9316e4318a8ab2dcb86c29 |
| SHA1 | 330129216d31e7d4bc754fefd05745b97969070c |
| SHA256 | 17e75345a9a93cc6f5bd8c85c9d3851b124e81d451313a09b5f4ea2fa3e569b6 |
| SHA512 | 50c496bb4a5471513f4c5c39b80ced80353ffaba010b38cc75313518b9087dc2a0d8f80c4eb1a4eed229ae880d770589e9c3185a2f8947577ceafd2cae1f0e3d |
/data/data/com.MyFusApp.yihaorenqiwang/files/welcome.png
| MD5 | 1fc46aac9c575fe7be1011757833b6d6 |
| SHA1 | a744e2387ed58c82bf2e87e39055676287fba58c |
| SHA256 | f330536bbbde1b7b72f64dc528c46cac4dfa098e1a6a149d271883deb739e925 |
| SHA512 | 4a2717e85c577cbd1193ecf1ee324615fbec086ab97d94d704e8285eb84e5ca7bce7c720bb6369044748a5b989420825674266294faa8d8e657636afa9dd60f0 |
/data/data/com.MyFusApp.yihaorenqiwang/app_lua/import.lua
| MD5 | 35f2594998b871efe01feb631eedcaa8 |
| SHA1 | c8f0737859fb9b2afee46c16c1681860297cc212 |
| SHA256 | 3259dceb0a7dbb4117f62b5ff2c24fd54def478658fdb81728af3356c4cd41b3 |
| SHA512 | d447b95dda0e43929f8446f243df7a3c9cf94ebfc15491d703d8bb365e3efce25b8ad1043693c4acfd958ab2f455a650cd6e8125045890822169927ab10003f1 |
/data/data/com.MyFusApp.yihaorenqiwang/app_lua/loadbitmap.lua
| MD5 | 5cee84e76661f218683a84d8bc94c235 |
| SHA1 | 95c21eafd2d614b29e94bf883258c93cc1e7870c |
| SHA256 | 76280590358396730600471c6a06d7c1547d617c3cfbc91f2dc545a574bed2fc |
| SHA512 | 94169c7f30506a3e7f928ee4ce8a3b43a7f4ce821bb24596d477be34ab8186992837efc9152a53a31c0441a44a895d09a3b68407beeab7ea77b3e526aac3ac66 |
/data/data/com.MyFusApp.yihaorenqiwang/app_lua/loadlayout.lua
| MD5 | db9b960c8c43da10a87812029ee7f5f4 |
| SHA1 | b5ca83f694c5ff51d405dc679a518baecdc45b2a |
| SHA256 | 436ce1d2ffb72829d7e2b00186ae4dd8f44f99d8e7cb67e359c37e260fb96efb |
| SHA512 | 2b48a4d223ec8d145c7167bbc1c32c66225b3075b2fd03ce00346bc5b0c62c6073065f93303b4981be8cc87ae26a310d209ed46ccaff3ae097e116e45e5a7cc5 |
/data/data/com.MyFusApp.yihaorenqiwang/app_lua/loadmenu.lua
| MD5 | 439087f12946e6a37f25d5d12a20cdd1 |
| SHA1 | 1770574e5bfc5053d1fca62dc671d6efe077be38 |
| SHA256 | ff21bfad844982e7d3019113f3a014f099c7daa63bded998d51c7b6dba033989 |
| SHA512 | 7bff6c5a5c3635187c62fe5dd5d9d6cd46e1a60c74a6143627847a039c0da7278a8915d51c0e4257840f1e507f95e2175891f2e72abd7895879971364f1a7c87 |