28291d3743e9d41cf7a991c2d84c815bd491b8e71039de62618d180ba6d39adb

Analysis

max time kernel
63s
max time network
134s
platform
android_x64
resource
android-x64-arm64-20240603-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240603-enlocale:en-usos:android-11-x64system
submitted
11-06-2024 02:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9cbad43839fc84b1afd2e51bfe825ffc_JaffaCakes118.apk
Size

8.1MB
MD5

9cbad43839fc84b1afd2e51bfe825ffc
SHA1

3311d2e2bb7368a9dbba2f1cfdd313d917fe14a6
SHA256

28291d3743e9d41cf7a991c2d84c815bd491b8e71039de62618d180ba6d39adb
SHA512

c0afaaba30d48df8ce3d2e1d8179aed695ac3e45653e5dc964c8e80fa0b1ed06dab837f4c986c39987ba6d0762d2802969962e9b345c5d233f23678e1dcf93ac
SSDEEP

196608:OivN/fOLIglltkhWIlocYZDnHwpjDZSQkvw10/4hZ:OGKjYocYFOtSQJW4Z

Score

8^/10

evasion impact

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.ismaker.android.simsimi
/system/xbin/su	com.ismaker.android.simsimi

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.ismaker.android.simsimi

Checks the presence of a debugger
evasion

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.ismaker.android.simsimi

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.ismaker.android.simsimi

com.ismaker.android.simsimi
1⤵
- Checks if the Android device is rooted.
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
- Checks memory information
PID:4565

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.ismaker.android.simsimi/databases/google_analytics_v4.db

Filesize
28KB

MD5
c3ca1bc9baf88af59edf8a9884017d41

SHA1
c116cb6dca27be1f8301b0e899d444d86042ec6e

SHA256
10603c20b25363b0008b6332081302308f6520b34b7df249e5b9b3f0fccc1102

SHA512
ac78aca08fd8f698aa8d6650e85d7627ea151a8154d3981571ffc2b3f04b8d31e540bad44af83e7213f9175170eb0b87039cd7575b4dc7a01c1b84a369038e2e

Download Submit
/data/user/0/com.ismaker.android.simsimi/databases/google_analytics_v4.db-journal

Filesize
512B

MD5
e499f6a59c0d4427d6f8a030424d8106

SHA1
e595487219281ebf0f2de525f85d049de63afc9c

SHA256
e45f6a348501d5b9697d6cdaf092a3733f81e137a3a54993adc1ba27dfb9005b

SHA512
3fce0cc4b0d5344ee0785f815ae03d9d33fd56ff3ade79c555f8657a27274e7b696d67bb3e991fce7c3a0e1202ed877077f98cbf822e2ba8c6627034bd575070

Download Submit
/data/user/0/com.ismaker.android.simsimi/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
0ae1d73975aa9378b36901ce0d2630ba

SHA1
c60e8b0b8e4c017e2206ef000a2028ddfc270b4c

SHA256
b5edd5e42b74334cb9a35a97f6e273bd7a9ae36f03d47791c1d4d21867c588fc

SHA512
59bd2cbfb4f94e81bdc7927410f53a43f700d083e0d92e24822941b2b75ef47fe34290a1e199b40f639ca2aaa5f9c0d7ef72628f81b96e7ab5353d52f15f28d4

Download Submit
/data/user/0/com.ismaker.android.simsimi/databases/google_analytics_v4.db-journal

Filesize
4KB

MD5
feb3909df141d086646fb0c9dc19d081

SHA1
68bd16e4310c22ad92ff06582043af768261a483

SHA256
6c2c1cec8a54d25cc601437549dcb8bbd640e2404f2a61665a4763b89511959a

SHA512
f9add884aa009318df12a62594de20475b9a973b72142fd3cf4759579951d38a7606dca495b9cb4377c7e7c9c59c523e72b0e252d9dd24b6d0df6e53cb6f0354

Download Submit
/data/user/0/com.ismaker.android.simsimi/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
087b1b03d2c31079ce5c5e44b166ba2a

SHA1
13a5e1f9e7bbfa142d6c39d193ef0df4eb473ab6

SHA256
681d6ed0307398b181824c6a8364229aa47c9abd9ef763484c1d1423b1ac27eb

SHA512
65a2dcb1cb0aa92f78bce1cc579d0fce73bce6cf106a891c07b10e93a5817a26b5b2f9e4cdad81bd056795d92151e8b66853a5ef7cd20c26737ffd090293f1f0

Download Submit
/data/user/0/com.ismaker.android.simsimi/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
b29de63df19fe05a74a562f5d4afa09e

SHA1
0ea9018127a5810ac3b0f4a3984e4a2cfcc6b872

SHA256
a14dd3068e348adc0c5344c200d64f55b6eeae3830698b5c745a39b2ca52235c

SHA512
8e19bab34de59f08254cd09f1b6e47a79c99903451dab3a078a405bb1221420a44fe128150c8119122819366ab09021a70673052c75439928b1b7e1e6bb82cf5

Download Submit
/data/user/0/com.ismaker.android.simsimi/databases/google_analytics_v4.db-journal

Filesize
12KB

MD5
ef39fdfafc56b9a83ef403b4cb68ee0d

SHA1
7319d76e2e6db3a1d57593089177e9802087804a

SHA256
929eed58bd32dfcbf2e292b4f933fbcd38ca6094f14162c854f7eea5dbfa5c46

SHA512
0866ba76c88bc80c09d116147752d17a66c9ab22a703aac9390a47ff59e102d0ee7cfaf26290afeb152064074110b6534e8e4b10d98bf31233f04deffbf12e72

Download Submit
/data/user/0/com.ismaker.android.simsimi/databases/simsimi_db

Filesize
24KB

MD5
adaef899317926faaea8d52e2b13cc74

SHA1
52d8f714d4800ceca85bb9b869cf92d93c8b3ff3

SHA256
4ac1c49132bdba3f9c76cbd62231695cc0d4df10d42ce4ee89369ee38981b8a1

SHA512
82a950561d9018df9b11f339443d67dd07de455930420afae52ea530ef10587c7a4d1391b04b178e6c71635b2e19e3e6e24ca1b6c5809ca95a97ebf9e1b723aa

Download Submit
/data/user/0/com.ismaker.android.simsimi/databases/simsimi_db-journal

Filesize
512B

MD5
0034443e78e5110690d4dd7ab07131b7

SHA1
fc51159fc51bb24f478e41fe0eb2c2d925eafe47

SHA256
a42b884586f9b9da1f25d21e1d2054e32b2ad7f2a65ef25278fd565da067a28c

SHA512
a6fd2c43ef6438013d3b223098cf2aa2158eb62b621b14296d2042c0c0e86f47bb5e1496de9c949c682d3d22ef586141daed7ffe28bc66c8f319f205d2c74356

Download Submit
/data/user/0/com.ismaker.android.simsimi/databases/simsimi_db-journal

Filesize
8KB

MD5
29e556543d74077c3ee378159cafcefd

SHA1
03ba32cc6c7892d2adbd92815f44e5a7a8e881ed

SHA256
c8ba387b68898540abec78ce87886caf8cf2ba4df0cf721c0afd9a0bd8b3b86c

SHA512
6aed0630b8a98cfb458d184ce5edd91315fcbbf80a1f6d849c03031940b56da89227ffe24cc442386f70591576f03d848bea449bc7db2d4583f4f3a2e9b707c8

Download Submit
/data/user/0/com.ismaker.android.simsimi/databases/simsimi_db-journal

Filesize
8KB

MD5
ce7078222113f6c1adc2d9bca733176a

SHA1
d768300b49a8c84a21c6426ff445fbdcde4105ba

SHA256
caf28b3e7d51fb997cca1f3f9b2889b8b3ec280116e665927cbd661410828c2a

SHA512
804f8cfb06cf80cb058059bba17dea67301e99f2a53c027f53aadb434a7801b7d223b584493b04ad43b8ede400681aed7190c0808d4700e7aa144fa7edeac172

Download Submit
/data/user/0/com.ismaker.android.simsimi/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6667B7040049-0001-11D5-CC5FA2D08167BeginSession.cls_temp

Filesize
77B

MD5
5d0e3ee757b702409b3586596ef674f6

SHA1
8528665b5bb6ac2012ca227a645a33ce05049097

SHA256
1063a0f77fbd46f117288ef490de024e5c1331a1189c910fa07ba3a60bfcf855

SHA512
bc58d0c87c753ecb118906539277c4d1686c8f4187960db3b05fc64da8bce9b221007ab62d95243940de7cbb9653e805fb3f77af220dd7ba7c04c7f0cbdb2e24

Download Submit
/data/user/0/com.ismaker.android.simsimi/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6667B7040049-0001-11D5-CC5FA2D08167SessionApp.cls_temp

Filesize
125B

MD5
0027ea92fcec01a8e649cb864bb398d9

SHA1
13e040eb2a8dc3728a9e22464a616afe44d39972

SHA256
aca6ed740529b7b9311be01a630cfe37bbbc7768db9eee0a2fa3e98c6ec5d528

SHA512
8a02257204ee2ed4ddd79fb8d9e0acd0d1e000c7dc63b4aaa56480daa2dfd3978ee5c9e77f654129bc13a9b709869b6967afd8fa88bfa8a1ab7a02d1d848fc36

Download Submit
/data/user/0/com.ismaker.android.simsimi/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6667B7040049-0001-11D5-CC5FA2D08167SessionDevice.cls_temp

Filesize
144B

MD5
69fd2654cdc2f0c1c830970321a185b1

SHA1
80e12b65aa50d5ade4c6b1eba2eb0708ec5f5a6b

SHA256
5a06e0e8982b1c792bfc5cab7881fba517f4556e3fd8e1578300c030ec7175ce

SHA512
c4eb16d121e2550cba9479f6624208750a7512cfbded7cf6db35dc0be887b79ed25b4281cb15a0d35e713f6a1e70baa915293a45f481cdc8998beafbe5717f75

Download Submit
/data/user/0/com.ismaker.android.simsimi/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6667B7040049-0001-11D5-CC5FA2D08167SessionOS.cls_temp

Filesize
15B

MD5
b3d9541cc92a9153d14e5160f8d8c008

SHA1
2e1ac80eb381dd82a03795b682f92020348c0113

SHA256
1ead5b213c87f182ffce484c34f7d9f140ad3425c0f303f460492efe8a26c56d

SHA512
78074409135a210ba4e1407ad9b3f784f5683e83aac4ce3482d4e8135425cf2b30db1ff5dd0041901c490a551a477237c6d255671c7b1fad74090980dcf3334f

Download Submit
/data/user/0/com.ismaker.android.simsimi/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6667B7040049-0001-11D5-CC5FA2D08167keys.meta

Filesize
133B

MD5
32691d5cec553af1cffa06461557ccfa

SHA1
d71c910df4e35a47a05549cc0639e2eec6faf53d

SHA256
6e92090bab1b6c0759f52a12d8aea76f4cbe677d9537b512952d3d93ba44dc3b

SHA512
5eb4650886cc285f813c85e8e1554f1fe678502ab02d00c09b0afb39ff82ca6433b19173a97aa66973f803839b813bca1beb4c25a491c4b8a95aef98bab93a1d

Download Submit
/data/user/0/com.ismaker.android.simsimi/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
548B

MD5
500f47219aac8cc09af1350c1ac3e44c

SHA1
85292283036599f0abefe229cc4a2634540f4093

SHA256
54b510ba157a3bcdd09a67be50711e1613b90d3449b98d32cab455b97e48533d

SHA512
6759e0f3ef4a88c801a89c2c20d7518e26a49c8f786f6a959d1012c36a4dbbe842b7ad6c2777ccd78fc0d2e3bf98f65ac01ba8c445b23fa16f2b4b59ac08617a

Download Submit
/data/user/0/com.ismaker.android.simsimi/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
5KB

MD5
7cda59bfdb21bbd57bdb4dffe3634e97

SHA1
650656999340d60869cc9aeb6b8060207f682a18

SHA256
8f4a735389f080d44e4df5e04f789ceddaf05ffc1fcefcdc6f2c2e4150c05a57

SHA512
7b4ad605724443c533a06ec01fe22e4171cf7497c5a902571fcf724ca0f1411790d7dbd33e6acb606a9e9d14dbc6e66bbb8a210ea3ff91860f9808fc3971d3b1

Download Submit
/data/user/0/com.ismaker.android.simsimi/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/user/0/com.ismaker.android.simsimi/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_8285542d-26e2-4e31-ae0f-66ebbe5958cd_1718073093175.tap

Filesize
412B

MD5
dcbc754c62dbfdc80375de158d47dcc5

SHA1
37f18006cec9d1a0e215997bf3cb4c744f4c2c1b

SHA256
9bba0b1fd6a4b9d47fe8a96ddc75a54ae40ac66c79684fdd36ddf347039900c7

SHA512
ab4113769f9e5aab1463021cfc8d16e22879766ef4b470618c701a5199d647e1af0734833812c0038fa47c1a7ba8d04fbef9c44b76df375c96ebe047c29f9f13

Download Submit
/data/user/0/com.ismaker.android.simsimi/files/gaClientId

Filesize
36B

MD5
d159925a777d5f11df9374a50cea75e6

SHA1
468aeef5281afd197abe72e64e7a9ab9b56fbee4

SHA256
3fe6d22ec1a9aaf3cc7d375e8c2170bac326ffb053a1135b72cc31089c2a2c52

SHA512
3f4580f14d23f9ac293bd1d3b190cde56e886a22d3866d2d4cff6d0a0eca93a20e9e050e6d658484997e4122548fe2c2c164e7b4b285edd167850d7a6a837d31

Download Submit
/data/user/0/com.ismaker.android.simsimi/files/gaClientIdData

Filesize
32B

MD5
9da7cf6ca301e90625d23363836e72b5

SHA1
190acd0b595d4ce828c9187422215532ab014487

SHA256
18f70d2dd0441110c41d04aa289b4d4c48024bbf0120b95a59746e4a769550ec

SHA512
0f5dae2f8e7000a0ceb024a3c40fd716bf970a620b3a179423947179cf62cc948e23cd63d1b382da7a03defc1023a16cb9d09130165b650b8b20ad7ad20d3ecc

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads