Analysis

  • max time kernel
    177s
  • max time network
    186s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
  • submitted
    12-06-2024 11:02

General

  • Target

    a06d8dc6d77fb57b9106b182cececb48_JaffaCakes118.apk

  • Size

    11.3MB

  • MD5

    a06d8dc6d77fb57b9106b182cececb48

  • SHA1

    c67ee40b33bc75c75e7c7150d00638ac96d77d61

  • SHA256

    bda231d0832a836a7413c0f4881b568904a8cff04444a97a3c946c01774f3d1f

  • SHA512

    1d60a569485cdfcff0a9201ea430c468c3fcfe0b2b75cbdc02efd56a714c4e0ff571e76ca38bf90038893b2b7636a54f6746217812abbea3b2301f83f7d8acca

  • SSDEEP

    196608:UIjvizjafLIuO5rwFfUIMTM8YyTr+cV+baQbQmrmtjQHpQvdesm46I:HvizsFfUrM8YYr+heKiWpsm4D

Malware Config

Signatures

  • Queries information about running processes on the device 1 TTPs 3 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Requests cell location 2 TTPs 1 IoCs

    Uses Android APIs to get the current cell location.

  • Queries information about active data network 1 TTPs 3 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 3 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Reads information about phone network operator 1 TTPs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 3 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
  • Checks CPU information 2 TTPs 2 IoCs

Processes

  • cn.com.sina.auto.trial
    • Queries information about running processes on the device
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    PID:4258
  • cn.com.sina.auto.trial:remote
    • Queries information about running processes on the device
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    PID:4296
  • cn.com.sina.auto.trial:TcmsService
    • Queries information about running processes on the device
    • Requests cell location
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4382

Network

MITRE ATT&CK Mobile v15


Downloads

  • /data/data/cn.com.sina.auto.trial/databases/MsgLogStore.db-journal

    Filesize

    512B

    MD5

    53dadf1687e5a83702d33d2bdb1781df

    SHA1

    e8b469f398a6d4805b06e4a5e24ecffa90da3e62

    SHA256

    6e0348851273fcadb21d3427c0a06811b1912ce70ad1090ef97030c6d89647d9

    SHA512

    bf87af522229be4c0ff3182231411df841ba671d76aeb6fa7058ca8927cc279f99d8a0d892a91095da0b0e4662732dec42ace1b66dfff3430b32e44136049595

  • /data/data/cn.com.sina.auto.trial/databases/MsgLogStore.db-wal

    Filesize

    60KB

    MD5

    c03671569efb6cb36e2983813a0abed1

    SHA1

    c47041fd89a06864495e20c7384f867fbb335952

    SHA256

    2e383dd3da9b9258637d7f4c42900482df303a6de2878295458b9c1960f96778

    SHA512

    b31636d5ec1e3d5e68a5e6683d8cdd9255bfa01af517b6d1e476e9b83b9b354c4326886da3a12678131e30cd6ac373d58c549fec4063fc02ddf4b9c18a0d08ad

  • /data/data/cn.com.sina.auto.trial/databases/SinaAutoLog.db-journal

    Filesize

    512B

    MD5

    956ee78b3c3869f1996368d6ff026a44

    SHA1

    260fc5526b591b1d71f65e2bbffc7f2345222497

    SHA256

    717457e1dcce149f98d07fce7741d6e82f1ef4151ceaa1b4d3029548df277fca

    SHA512

    583364cfcf4a603c3ac63bb3efc452842ad6e5609e4bb85662c991117e8d89fcc14097fbf2f22da66aa1f6b99daf900edf054bd8202c1c524357ab8c63d918f3

  • /data/data/cn.com.sina.auto.trial/databases/SinaAutoLog.db-wal

    Filesize

    52KB

    MD5

    31ef6f3c21aa28198f8498de735011d3

    SHA1

    3e05b8f6c81878f0bcdcddca1353969aa6e9f175

    SHA256

    50ed6fd25f9f01ecc732e319a51af00552d1b04755b3a55ac9d5ed797f64912a

    SHA512

    0d818884843b44acbcfa5db8fa1c8152a44be012123e9b7dae3b9c41581c1e59c4aec9938590381bb9269ef98c4c6319cdbc728c5068a8cb60ecaa9c446be6b3

  • /data/data/cn.com.sina.auto.trial/databases/sensitive

    Filesize

    4KB

    MD5

    d2046c4f5aa6eee7471370e20f7e8a01

    SHA1

    f64b60606f4401178440cd7c8bbc6979c73a79a8

    SHA256

    98b4584b1afa0a0351ab2bce2365d8648c3db2e31d43bf863214da0f4798fda9

    SHA512

    161740aa51d9c7747bbceb656c0f2abb97a6ba769be9693fcc24505c8a8952ad8f286019e2390a30cdc32fe44653862c049b90335e9137405cb0f9b54b6b44c9

  • /data/data/cn.com.sina.auto.trial/databases/sensitive-journal

    Filesize

    512B

    MD5

    921360c1107bb82b6648e63fe20937dd

    SHA1

    7f63f9f1ff08cce675245d532d054c9b3008452d

    SHA256

    c822a037f1f7fa120294143840dd910d5c4af9359979f8b347b7de867a9ae9a0

    SHA512

    48249d8c7f283d436fac41891975c16a5de1812459ef368c63b8576c036bbbe92d110dd7b81e41c94cb637bcec213c522ddf7e9f4caa5756a689ba68e966d052

  • /data/data/cn.com.sina.auto.trial/databases/sensitive-shm

    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

  • /data/data/cn.com.sina.auto.trial/databases/sensitive-wal

    Filesize

    20KB

    MD5

    cc190ac03628b108c38ed7fbe4e9bbb6

    SHA1

    f9e934f4d49a57284d4762edd1ea2f8782b705c9

    SHA256

    51a4b736bd95e49ac12e0d8c57270970519b3669063fdf0f67cfe32a784a814f

    SHA512

    e8e4c0f0a59c86f0eeeb1605468b755d1ad3ff56661eb923baef272bc43857daeb31ef55af6a57ea6e58dd56c78c14d6da0985c3be8155835f787ed496b6a224

  • /data/data/cn.com.sina.auto.trial/databases/sinapush.db

    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

  • /data/data/cn.com.sina.auto.trial/databases/sinapush.db-journal

    Filesize

    512B

    MD5

    2e7faf276ad1ad97fb9768c7b865af89

    SHA1

    26a94eb9ebff8db058aab20247a6726f32d49b24

    SHA256

    923e00a1f9a2563945e1f51d8804f2b7ada1ab687da5d4e38cba2ca01b69d7be

    SHA512

    63af1deb225c91b87f3b9d4c5d62787dfb34981af6929cc12451cf16640e491e3684f3b7d9ec6ff577ad3f73fe6fc4703d050ced083172bfb709064dfc882125

  • /data/data/cn.com.sina.auto.trial/databases/sinapush.db-shm

    Filesize

    32KB

    MD5

    d6bb265c56f96645083ad82c613e00a7

    SHA1

    5e85979c8ea0c2307b46c735f06a28888f96189f

    SHA256

    effbd2d9a53b07cff0c4f88c72f8473763c6dd219b2309c121be8b059038cfe3

    SHA512

    6bcf3b34c709a80a574b6199bfdd58f5f40d627c205adc60558c8e3321eb517b5aa51a0b89009657a1f8f92fe11449232e41dfe4b99dc557e955aeff1b4108ea

  • /data/data/cn.com.sina.auto.trial/databases/sinapush.db-wal

    Filesize

    40KB

    MD5

    8fa9264b0ebd8cfe5f774fd53d7e82e5

    SHA1

    7c35057995157ad30ea4ec2df5890ce2974cf1fa

    SHA256

    ea07928f19d504edfb3dc1357a4dae67a9710e563282736e9ab1c8a21881709c

    SHA512

    2cb1118b49b84d997483cb04de8d80c43fdb71da3f5dd08452b15d149d928650c7814adddbf20dca19d31c4e3427361b0ccad182c5ca169b100cb1b4243ab5a5

  • /data/data/cn.com.sina.auto.trial/databases/xUtils.db-journal

    Filesize

    512B

    MD5

    8c1210b8b325e933693e7a11c025bf81

    SHA1

    8e84279c2f7c149708b8b18c96210d4fe9f661c1

    SHA256

    c82075fb2b9143334f9857f4a8cadb8198b9f19d27dfef24053a2f44c9f0bc1b

    SHA512

    51cd2ab4ea6ffd0f72652d3c5514906f4f76e8655b22a6e74f5b3be6a256a0e5045de3aa72a317d15011556b51c47231120ed81f647fc654d283d0aa6618cfd0

  • /data/data/cn.com.sina.auto.trial/databases/xUtils.db-shm

    Filesize

    32KB

    MD5

    2fd0fcb5fd1302bed38ab9529a63bf61

    SHA1

    018042c4fae3c8ca4ad0991ef1ab674238fc1f2c

    SHA256

    c7820c55c7f873f6bef076446053cd3f7e337ff719faf4cc636c9ed3e1f2067c

    SHA512

    6447462bd7901df3efb83f863fe901656a00996dee029c2fffc934e2842c59e3fc0d26f23b12790ffbd1ccf95e85aebc31ace2badd34201e2faa4d03a94464a9

  • /data/data/cn.com.sina.auto.trial/databases/xUtils.db-wal

    Filesize

    20KB

    MD5

    0339ff7aadc415d18c1f81a8c08825ac

    SHA1

    feb33204723644caa22b9dcca5229fb7a6fa2841

    SHA256

    d97664be0e8283c72091a9ad5e314eac163b46b0b5c1eee5a6ff4158d54bfacf

    SHA512

    d26286a577ee1fd23d485131386b3aee93202c55ed125ecfa78bd578c5c4259578343e123fb36fd1f17f5c4377ac844bef2a237bd5efa6d639b8be95c6504435

  • /data/data/cn.com.sina.auto.trial/files/degradeinfo/sdkobj

    Filesize

    305B

    MD5

    bb779841a1251e2f6c99e6cc51638508

    SHA1

    29c153501acbd1676ed7fe9f9302bc3824db317a

    SHA256

    3eaf892397c289d98ffd657e1fc1e5d97dd7fd62268b4095a6b844f7163b5edc

    SHA512

    b963d8e7897f08694dea945d5fb260128ab319ce46415727a1f2cb63629f2a3857bfaed85259c203baed3bda8b15b12fa0bc0e6ae1b6982af2a094f7ffa38c82

  • /data/data/cn.com.sina.auto.trial/files/degradeinfo/wxobj

    Filesize

    301B

    MD5

    a28caa085620d2f9324de6aee07b986d

    SHA1

    d902f33092c953674b794010af6b450c4a48160d

    SHA256

    85de6c1617e1483d35a7dbffecae75cc70ff1aa5d42063612266d7f6985ac89e

    SHA512

    b55182cb4286dcb08edc36138de5392b75bdd290daaf69c4d9da337d67b645fdf77114b97adcddd050007635ad78d6684dfc8b9329120ae9e33e763c3f8d69ea

  • /storage/emulated/0/.DataStorage/ContextData.xml

    Filesize

    111B

    MD5

    433db4cc40f302bd3c142c0a935ffd96

    SHA1

    5b5c3e391c6b73902d82ccb10eec7f1178fb6fb0

    SHA256

    a8e97e4f1c3c969ea5529aa11af30b9365bac1b21b8372e25c8ba80ff86bccd3

    SHA512

    e4d04005c10f9077de4883e10368497f9fa54e0fe458711df625cc8afa8b6b4b9845a81433a6885e6f441efd8b28a0e0d5f844f2a65fab73b0f49a7dde05c9fa

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

    Filesize

    65B

    MD5

    9781ca003f10f8d0c9c1945b63fdca7f

    SHA1

    4156cf5dc8d71dbab734d25e5e1598b37a5456f4

    SHA256

    3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

    SHA512

    25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

    Filesize

    845B

    MD5

    c4a0f67546cfe83f20ac5dcadea5a52e

    SHA1

    3456eeaf850c63719ba40f2c1370ca3bea12fe3b

    SHA256

    32a9870ad25728470f990b05ccb74a58cad731bf4ffab008554a49f5e527bed4

    SHA512

    624fb48eef4714da0c0fc321f84951a37b56eae7be0340faaf4d9c027abcf47cbb99d734827e8fef9d4f5ada3d4c2260982d2927cebcac3ba122c4273d3e82f3

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

    Filesize

    167B

    MD5

    2cd82ee7eca78d503fb0325c28744c93

    SHA1

    60499d95975c8ffc2a70c3914f0cb74ca89f691d

    SHA256

    aa4172933f3fd36d7a2f5b22324097a8f765674346431d09c02c58893ae3bef5

    SHA512

    a772ead5514f395a8c5a8c47a44118acc9351b5d97aa7aa97ae5c5612cc88884cec0be3f20064d1d13d2640cd8ed9789d6023876ae51df2d252cc2acb7df84d8

  • /storage/emulated/0/ASinaPush/log/2024-06-12-app-6030.log

    Filesize

    40B

    MD5

    f04b659268befdfb3bf35f99f1182871

    SHA1

    a281f05e1e4fee01394066228bbe31c6f8b75d41

    SHA256

    13c12210c81ee0746e0246dff30fdbf2bcaa532cfe9da680ce0e5f7b180c97b6

    SHA512

    334444dc48fb62b54d3e161d7260a551b9a11fec49694e31809f80d8a0576f66d28ccf462fb7ce00cae0af554a1f86f10b24e123fd2b78c390321a39cf707d7a

  • /storage/emulated/0/ASinaPush/log/2024-06-12-app-6030.log

    Filesize

    59B

    MD5

    f37a5d4de4d3f8bb34e558874d383898

    SHA1

    76684099d2926d31e8bca888a5c82170d65fbbe5

    SHA256

    dee77d19a6dd9b7dc589489c6f3c0a8d6bc9e8ae0a1925cb49c4017968cfa0a2

    SHA512

    7b1162d238cfd45a4b7263bfab3b2eb5af809594844d841ac2474fd39943da925ece35ca9aaaf4476506d4426141a464f03f6deec407c75ade9cca0f7a621135

  • /storage/emulated/0/ASinaPush/log/2024-06-12-app-6030.log

    Filesize

    83B

    MD5

    d1e08c58ad79c0fda20c384824c6314e

    SHA1

    a186adf02817909f9ad3236ffee551b1487a6777

    SHA256

    d3176263c753b91ee41878f1394b82857530a9036903d5bc17cf1d38331f7f3e

    SHA512

    c06c0535cd14eb26d76856511be2ecf942a7268345046943907e286197634d67e46424691b9fb44c0a138233c43f106796b7f7fc9fae7498fe748aad0abe0256

  • /storage/emulated/0/ASinaPush/log/2024-06-12-app-6030.log

    Filesize

    50B

    MD5

    21e6e5e9d4c13b01e0030910e39d3fe4

    SHA1

    d3a00329ad3f27a9b3b21dbdd48494d74a1a2267

    SHA256

    291fce0e63c026e96d43e23f29a3f0f2c09b1efa6aee95ee3d923c8b9e597fbc

    SHA512

    189e48fb2a6752c252fd8e883eda1ec43e1b742e00dd373b5b040d4adcdac00119e887ba31b2ef43470b705f0431dbe68ef1ade4dc708a27433719555dec6e28

  • /storage/emulated/0/ASinaPush/log/2024-06-12-app-6030.log

    Filesize

    40B

    MD5

    a04b9b1ab8bccfc3c3d342e802749034

    SHA1

    8e7382d9eed3dc68796e8ccdb08100b38b5452d7

    SHA256

    353b21858254d616d4b7ab04ec787573ef1744268d855bb9a1c6b1d23714bac3

    SHA512

    6d83ecde46cd0b487b62af4c5712cee6f1b49c69d322c048fc31f45ca3ec73b7f27b2c02f0ff078528cc3c8655efd26bcdfc4c4332239a5eb73d70ff1afba969

  • /storage/emulated/0/ASinaPush/log/2024-06-12-app-6030.log

    Filesize

    52KB

    MD5

    cea175483d1b0499a370f3536c2e516d

    SHA1

    bf05be12839b7ed48c6a707451a5f7ed54fd7389

    SHA256

    71d205ee3872f293411e9e68298c19a8dd7d075fa0ffe06ea3774f6bb88bbf87

    SHA512

    40ce44ad4dc8dc1f44678e37c9d80f598b2964455a69e8abc2869253d7506c69f01d72258633914fdbbe7aa85a5b9302522da301c916593362e928781b89ae6c

  • /storage/emulated/0/ASinaPush/log/2024-06-12-app-6030.log

    Filesize

    79B

    MD5

    fdf924d47851a8ceaacbdcd60065d600

    SHA1

    31614c8f576f817dbfd79a8f9d1649b151e9c0a5

    SHA256

    afcdde958059db4f1b7958b91b6fc769c6058a84ee2e2c03edff28297291ea87

    SHA512

    81319cad96cea930cd19fb3f1cb2a55743724bcded75ac5162dbd54d6bbf053dc3bbe1d23d7d4695a554f74fee8fab98994b844fdff231a82fbdbc23cd97f159

  • /storage/emulated/0/Pictures/.tcms.jpg

    Filesize

    211B

    MD5

    f51db7ea526e2d8c7a3b7029e4bc964c

    SHA1

    28993756fcb3897a19c2fa5cc6b06e4670e068f1

    SHA256

    dba8cdf1d0ec18e520d7be20786626269f58ed85f557efaaa0f97e83e73cd315

    SHA512

    63e0260bb19498e2004c9c8b224d8c5f3c06377aab1555a3adfb59c67bcb7a39f45d9da58dade8085e6f615f1aa8bd874cadf1fbde6b5d48662a57bc49abd937