Analysis

  • max time kernel
    63s
  • max time network
    177s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240611.1-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
  • submitted
    2024-06-12 07:44

General

  • Target

    9ff03f062bb0c58fa11380c290183b5d_JaffaCakes118.apk

  • Size

    2.6MB

  • MD5

    9ff03f062bb0c58fa11380c290183b5d

  • SHA1

    d19743f4caaf2ffe6aeb7afac5085cfab8a0693d

  • SHA256

    9f2043d5389728cb360c132e260c6fc61da58faa040dfca8f92395d6f4d87d6c

  • SHA512

    ba9e9475dbe9dce41a783fe9091edd50e9782fda7ed6af42164540cd727fd32783964ff927b62e78225b0b206f6438810b4c268a10b5ecafde235a2826e95b6a

  • SSDEEP

    49152:WHwAyxaFeaCHfn3C9uWv3Pau2fn5kJpvjDbtPBXiKr+pnQw:PA8Vdn3Gv/4nCJpPXo

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 1 IoCs
  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

  • Queries information about active data network 1 TTPs 1 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs
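The ten signatures above are dynamic verdicts: the sandbox saw the behaviour at run time. A cheap static cross-check is to look for the framework descriptors and strings that usually sit behind each of them in the APK's DEX string pools and native libraries. The script below is an added editor's example, not the sandbox's rule set and not code from the sample; the mapping from signature name to marker strings is an assumption about what commonly triggers each signature, and the in-memory "APK" it builds is a constructed stand-in. The point of `missing_static_evidence` is the caveat: a signature that fired dynamically but has no static marker is a hint of packing, string encryption, reflection or JNI, not a reason to discount the dynamic result.

```python
import io
import re
import zipfile

# Editor's assumed mapping from the sandbox signature names to framework
# descriptors and strings that commonly trigger them. This is NOT the
# sandbox's rule set; it is a cheap static cross-check for the analyst.
SIGNATURE_MARKERS = {
    "root_check":        [b"/system/bin/su", b"/system/xbin/su", b"test-keys", b"Superuser.apk"],
    "clipboard":         [b"Landroid/content/ClipboardManager;"],
    "running_processes": [b"getRunningAppProcesses", b"getRunningTasks"],
    "wifi_scan":         [b"getScanResults"],
    "active_network":    [b"getActiveNetworkInfo"],
    "wifi_connection":   [b"getConnectionInfo"],
    "sensor_listener":   [b"Landroid/hardware/SensorEventListener;"],
    "crypto":            [b"Ljavax/crypto/Cipher;"],
    "cpuinfo":           [b"/proc/cpuinfo"],
    "meminfo":           [b"/proc/meminfo"],
}
DEX_NAME = re.compile(r"^classes\d*\.dex$")


def scannable_entries(z: zipfile.ZipFile):
    """Yield (name, bytes) for every DEX and native library in the APK.
    DEX string pools are MUTF-8, so ASCII descriptors appear verbatim; .so
    files are included because root checks often live in native code."""
    for info in z.infolist():
        if DEX_NAME.match(info.filename) or info.filename.endswith(".so"):
            yield info.filename, z.read(info.filename)


def scan_apk(apk_bytes: bytes) -> dict:
    """Map each signature key to the 'entry:marker' locations where a marker was found."""
    hits = {}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        for name, blob in scannable_entries(z):
            for key, markers in SIGNATURE_MARKERS.items():
                for marker in markers:
                    if marker in blob:
                        hits.setdefault(key, []).append(f"{name}:{marker.decode()}")
    return {key: sorted(locs) for key, locs in hits.items()}


def missing_static_evidence(hits: dict) -> list:
    """Signatures with no static marker: check for packing, string encryption,
    reflection or JNI before trusting a static read of the APK."""
    return sorted(set(SIGNATURE_MARKERS) - set(hits))


def build_sample_apk() -> bytes:
    """Constructed stand-in for an APK: a zip with fake DEX/ELF blobs carrying
    a few marker strings. It is not the sample from this report."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("AndroidManifest.xml", b"<constructed placeholder>")
        z.writestr("classes.dex", b"dex\n035\0" + b"\0" * 32
                   + b"Landroid/content/ClipboardManager;\0/system/bin/su\0/proc/cpuinfo\0")
        z.writestr("classes2.dex", b"dex\n035\0" + b"Ljavax/crypto/Cipher;\0getScanResults\0")
        z.writestr("lib/arm64-v8a/libnative.so", b"\x7fELF" + b"\0" * 12 + b"/system/xbin/su\0")
    return buf.getvalue()


if __name__ == "__main__":
    import sys
    # Pass a real APK path to scan it; with no argument the constructed sample is used.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_apk()
    found = scan_apk(data)
    for key, locs in found.items():
        print(f"{key:18} {', '.join(locs)}")
    print("no static evidence:", ", ".join(missing_static_evidence(found)))
```

Run it against the real 2.6MB APK with `python3 scan.py sample.apk`; the sandbox hashes above let you confirm you are scanning the same file first.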

Processes

  • com.yxxinglin.xzid129039 (process tree level 1)
    • Checks if the Android device is rooted.
    • Obtains sensitive information copied to the device clipboard
    • Queries information about running processes on the device
    • Queries information about the current nearby Wi-Fi networks
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4420

Network

MITRE ATT&CK Matrix


Downloads

  • /data/data/com.yxxinglin.xzid129039/databases/ua.db
    Filesize

    24KB

    MD5

    41029b77da6a967339f3f027b3c82a10

    SHA1

    b2549d0aeeaddb6fe8a98af65607199e6db34388

    SHA256

    8fc31e26e81e0e079d35d08c0cc5010adfb2fcb6cc61e112615b05ddac7e4686

    SHA512

    9af784d7abde7ce1ad0f20686b825100b9438b51c2444615d7da6e1d81be1f3198c01bd811dd66e86e7a3952ac24139647942a3b8cadbbabe4545542bfae2015

  • /data/data/com.yxxinglin.xzid129039/databases/ua.db
    Filesize

    36KB

    MD5

    4a8120c91e3143b2db43971dbc77cf8d

    SHA1

    37c5700d35059c4e0a718ced73b3d73ba5d2b277

    SHA256

    1fa1b6e6bd75bcef64d35785e2fd6f2e73dcdf92dce73c8b2a8fed49746d53bb

    SHA512

    465cd282927e30a0a894a75ad261feddde5a31869c8cea6b548362afce08fbb7cff7a784bd1d62c3e4c95916ce30e758d3919dd4cdc13176f29d68c2620c185c

  • /data/data/com.yxxinglin.xzid129039/databases/ua.db-journal
    Filesize

    8KB

    MD5

    a04d1efe3bd48052469920b3d002bbb2

    SHA1

    80e552715f5be55df089ee7a4e37668ff488c9e8

    SHA256

    c412f664e221ffee6a86abf6ed02a191b567033bb851ab537e26414d9fe76bf4

    SHA512

    e407374c905573fc8b5ffb1a84c7cef77e3c8ee50bf188360dbab009803b0b38851d29fc8cf999dd77ffb7020d6b3facff55761376d15705a8af6b8e9c3edc12

  • /data/data/com.yxxinglin.xzid129039/databases/ua.db-journal
    Filesize

    16KB

    MD5

    886eae9704d2450c93d265f034940014

    SHA1

    32d9470e9493b4838cff4d3b53c81f5cc2dd3996

    SHA256

    59a6437b43313f8fd45b0aa92b23f71186322a6e7b0f7c49d306865ef54470c0

    SHA512

    06fe45bf6698efdb3b0203422d8f369b851d9eede7eb9a0e9ddabeaa54e7e340f092cb1b9cd5fa5b54a8371e73698f42ad9cebe17fe5c3286db3ffe8b03b80c9

  • /data/data/com.yxxinglin.xzid129039/databases/ua.db-journal
    Filesize

    512B

    MD5

    8500349544c8c4b8599cc63d9438595c

    SHA1

    c2c0b2515152042790958370263761b2deda4975

    SHA256

    99fc1637a5a88ad6489fc3f6c15298b9254524a37fb03f8231ea39d1888b253c

    SHA512

    a2716d2b36bf5b00b9c321dfc962ae9c4fe048d65d1b501598c81c6832486f368eb81d932b9b02c58ecbfa25a65cd3535bba7ad4126983b4c31d47636f72e2e2

  • /data/data/com.yxxinglin.xzid129039/databases/ua.db-journal
    Filesize

    8KB

    MD5

    1b0b34b8fb7c0b5db55629c1f93b774d

    SHA1

    35582c00b63d84bb977ee613e97ffdbe5cd608ee

    SHA256

    a7b5733c9f3d282d8ac258c8326418f124d1a5e01bf7e6fbfb5a7ef5aedbee28

    SHA512

    cffea1222ef3929fe86ceb3f7d8c78307e61feaa77e27ac1a5b73e87d7ec81f65dd8f20699f6d0015df3697d939cf7049e1a87b65b5951a2df8e7f97ee6b22fb

  • /data/user/0/com.yxxinglin.xzid129039/files/.envelope/a==7.5.0&&1.0.0_1718178302456_envelope.log
    Filesize

    1KB

    MD5

    8d96756b2279e688e36c302325a63135

    SHA1

    cab20200de34104b2e79d9e9f549a7b74e75bcff

    SHA256

    6783aef0b7d674884204fc5dfc608aba38bce43fb22b8065e3e08c25ccfc6696

    SHA512

    7ffbbd248a9286d8a2ed5d99b68f62792d62a368c707e34ed3c806b1e1b9e8effddd8d0088e257153db9f4b999170f9c47cd1863c319b3980ea081bf7746229b

  • /data/user/0/com.yxxinglin.xzid129039/files/.envelope/i==1.2.0&&1.0.0_1718178297428_envelope.log
    Filesize

    2KB

    MD5

    e7b18f256f8d2c37aec11f8381a038d0

    SHA1

    1ce1ffca4a8db19fd8773a6a8023e1e97edbc8f6

    SHA256

    ca484bb9f090157d4dd5d8bc711b49fdb2afb6b66bd77f21552f3531c2832e75

    SHA512

    2d6d5a188a57f10f923fe43ec21d4d52334dbebb33d4666ee8ac83b6396dc20f392d3a4dee3d00dcb28e398105f1f4552059ac05d2d7b7ddfbc6e909c39eae46

  • /data/user/0/com.yxxinglin.xzid129039/files/.umeng/exchangeIdentity.json
    Filesize

    162B

    MD5

    872f72c196dfe1d6a5811166a1ded1f9

    SHA1

    0c6f6d153052e4482ae3d93be4e293056b4acf27

    SHA256

    da55f232337496316ca6d25b7c7c7c82b3e0e3b4c2010427f24a216dd8de2558

    SHA512

    948820c24331a7ba709ea531c7c2ce724abac4d3350b2539f676af58666bde9a48e236685033b3b706c3075de1fd0f12c4055d34b58f5e5ff5d0303a6b345013

  • /data/user/0/com.yxxinglin.xzid129039/files/exid.dat
    Filesize

    62B

    MD5

    83dd220016a3c388fe9da5dc4d927f8e

    SHA1

    cd1f4745d6c3c137677a7f1afffa54d041fe81cb

    SHA256

    d2eb491f387dc2b179dcf59fa4213be29c8d31a9d71cb2951a4ff1ed7caa0e16

    SHA512

    97487aaaf614ccdf559fd393e3f1c01ae419c1ca5617cd57428f366e806bc4577300ad716c8b2cd8a475e535ebfa61868b037bc067161a17006c7b0b5e2c56d9

  • /data/user/0/com.yxxinglin.xzid129039/files/stateless/dW1weF9pbnRlcm5hbA==/dW1weF9pbnRlcm5hbF8xNzE4MTc4Mjk3MzU0
    Filesize

    1KB

    MD5

    befcb1a78cc1ef2580b2c04383cf385d

    SHA1

    fcdd225345f8b43207524a52d94969baa25136d4

    SHA256

    ddc4a71da2894788f9fa73e6bb1abca8fb4aa6cd113b73441741ec5b82ed8cfb

    SHA512

    7581acf7e33b5f889d3d73a6e3c2d915bcefdd87de7f5388646e3df704b3a0aec95fe148662dd35e9333c1f5a9ce827a92d9e12f397a67893364e6f768854e04

  • /data/user/0/com.yxxinglin.xzid129039/files/stateless/dW1weF9pbnRlcm5hbA==/dW1weF9pbnRlcm5hbF8xNzE4MTc4MzI3NDky
    Filesize

    1KB

    MD5

    cb664dd57f577c499eedd07002b3ed9f

    SHA1

    3ecf60a36ab7c12299ea41c9d4440e5d3daf971f

    SHA256

    fac2354ce3117cdd5933671501eecdd7b9cc2546205266b496f7e04e291d4179

    SHA512

    e8753a19694f48a33bc4768ad12f6b49bba5390bd3c8000f3b085e390e213925b2f62e41d17ae5915138c3f25b001267c3bfd4ee67921d0b7893775165bbec4d

  • /data/user/0/com.yxxinglin.xzid129039/files/umeng_it.cache
    Filesize

    348B

    MD5

    f89d2bde2beaf64fbd7a98c309ff49d9

    SHA1

    cb87a886da1842b1cb9c64119e396667601aad3f

    SHA256

    c5bf6b4dcf622648ce196e5d34f0084ae910a7415e83fb162bb84b6a89c7ce70

    SHA512

    b2c7e6ca7fa9130569ad66cb743689cda85de4c30da3abdf1d4115cec4336c04b45a334eae510c972d7dda5b1bcf5d904772ec7cba7ef10792f0e495bc92da45
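Two things in this list deserve a second look before any of it is turned into indicators. First, ua.db and its SQLite rollback journal ua.db-journal appear several times with different sizes and hashes: the sandbox captured the same file at different points while the app was writing it, so those hashes identify a moment in one run, not the sample. Second, the directory and file names under stateless/ are base64 and the 13-digit numbers in several names are Unix millisecond timestamps; decoded, they line up with the submission time of the run rather than with anything fixed in the APK. The script below is an added editor's example (not the sandbox's tooling) that does both checks over a constructed subset of the entries above; the paths and SHA-256 values are copied from the report, the sizes are the report's rounded values, and the stateless path is written with its two base64 components joined by a single slash.

```python
import base64
import binascii
import re
from datetime import datetime, timezone

# Constructed input: a subset of the Downloads entries from the report,
# as (path, size in bytes, SHA-256). Sizes are the report's rounded values.
DROPPED = [
    ("/data/data/com.yxxinglin.xzid129039/databases/ua.db", 24 * 1024,
     "8fc31e26e81e0e079d35d08c0cc5010adfb2fcb6cc61e112615b05ddac7e4686"),
    ("/data/data/com.yxxinglin.xzid129039/databases/ua.db", 36 * 1024,
     "1fa1b6e6bd75bcef64d35785e2fd6f2e73dcdf92dce73c8b2a8fed49746d53bb"),
    ("/data/data/com.yxxinglin.xzid129039/databases/ua.db-journal", 8 * 1024,
     "c412f664e221ffee6a86abf6ed02a191b567033bb851ab537e26414d9fe76bf4"),
    ("/data/data/com.yxxinglin.xzid129039/databases/ua.db-journal", 16 * 1024,
     "59a6437b43313f8fd45b0aa92b23f71186322a6e7b0f7c49d306865ef54470c0"),
    ("/data/user/0/com.yxxinglin.xzid129039/files/.envelope/a==7.5.0&&1.0.0_1718178302456_envelope.log",
     1024, "6783aef0b7d674884204fc5dfc608aba38bce43fb22b8065e3e08c25ccfc6696"),
    ("/data/user/0/com.yxxinglin.xzid129039/files/stateless/dW1weF9pbnRlcm5hbA==/dW1weF9pbnRlcm5hbF8xNzE4MTc4Mjk3MzU0",
     1024, "ddc4a71da2894788f9fa73e6bb1abca8fb4aa6cd113b73441741ec5b82ed8cfb"),
]

# 13-digit Unix-millisecond values (2017 onward), not glued to other digits.
EPOCH_MS = re.compile(r"(?<!\d)(1[5-9]\d{11})(?!\d)")
B64_TOKEN = re.compile(r"^[A-Za-z0-9+/]{4,}={0,2}$")


def decode_b64_component(token: str):
    """Return the plaintext if token is base64 for printable ASCII, else None.
    Ordinary directory names such as 'databases' fail the length or padding
    check, or decode to non-printable bytes, and are rejected."""
    if len(token) % 4 or not B64_TOKEN.match(token):
        return None
    try:
        raw = base64.b64decode(token, validate=True)
    except (binascii.Error, ValueError):
        return None
    if raw and all(32 <= b < 127 for b in raw):
        return raw.decode("ascii")
    return None


def epoch_ms_to_iso(ms: int) -> str:
    """Render a Unix-millisecond timestamp as an ISO-8601 UTC string."""
    return datetime.fromtimestamp(ms // 1000, tz=timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")


def enrich(path: str) -> dict:
    """Decode base64 path components and pull out embedded timestamps,
    including timestamps that only become visible after decoding."""
    decoded = {}
    for comp in path.split("/"):
        plain = decode_b64_component(comp)
        if plain:
            decoded[comp] = plain
    stamps = [epoch_ms_to_iso(int(m)) for m in EPOCH_MS.findall(path)]
    for plain in decoded.values():
        stamps += [epoch_ms_to_iso(int(m)) for m in EPOCH_MS.findall(plain)]
    return {"path": path, "decoded": decoded, "timestamps": stamps}


def volatile_paths(records) -> list:
    """Paths captured more than once with differing hashes: files the app was
    still writing. Their hashes are run-specific and make poor IOCs."""
    hashes = {}
    for path, _size, sha256 in records:
        hashes.setdefault(path, set()).add(sha256)
    return sorted(p for p, h in hashes.items() if len(h) > 1)


def stable_hashes(records) -> dict:
    """Path -> SHA-256 for files seen exactly once; the better IOC candidates."""
    seen = {}
    for path, _size, sha256 in records:
        seen.setdefault(path, set()).add(sha256)
    return {p: next(iter(h)) for p, h in seen.items() if len(h) == 1}


if __name__ == "__main__":
    for path, _size, _sha in DROPPED:
        print(enrich(path))
    print("volatile:", volatile_paths(DROPPED))
    print("stable:", stable_hashes(DROPPED))
```

Decoding the stateless directory name gives umpx_internal and the file name umpx_internal_1718178297354, which is 2024-06-12T07:44:57Z; the envelope log's 1718178302456 is 07:45:02Z. Both fall a minute after the 07:44 submission, so they are artefacts of this sandbox run and would differ on every execution.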