Analysis

  • max time kernel
    177s
  • max time network
    188s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240611.1-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
  • submitted
    12-06-2024 11:02

General

  • Target

    a06d8dc6d77fb57b9106b182cececb48_JaffaCakes118.apk

  • Size

    11.3MB

  • MD5

    a06d8dc6d77fb57b9106b182cececb48

  • SHA1

    c67ee40b33bc75c75e7c7150d00638ac96d77d61

  • SHA256

    bda231d0832a836a7413c0f4881b568904a8cff04444a97a3c946c01774f3d1f

  • SHA512

    1d60a569485cdfcff0a9201ea430c468c3fcfe0b2b75cbdc02efd56a714c4e0ff571e76ca38bf90038893b2b7636a54f6746217812abbea3b2301f83f7d8acca

  • SSDEEP

    196608:UIjvizjafLIuO5rwFfUIMTM8YyTr+cV+baQbQmrmtjQHpQvdesm46I:HvizsFfUrM8YYr+heKiWpsm4D

Malware Config

Signatures

  • Queries information about running processes on the device (1 TTPs, 3 IoCs)

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Requests cell location (2 TTPs, 1 IoCs)

    Uses Android APIs to get current cell location.

  • Queries information about active data network (1 TTPs, 3 IoCs)
  • Queries information about the current Wi-Fi connection (1 TTPs, 3 IoCs)

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Reads information about phone network operator (1 TTPs)
  • Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 2 IoCs)
  • Checks CPU information (2 TTPs, 2 IoCs)

Processes

  • cn.com.sina.auto.trial
    • Queries information about running processes on the device
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    PID:4419
  • cn.com.sina.auto.trial:remote
    • Queries information about running processes on the device
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    PID:4469
  • cn.com.sina.auto.trial:TcmsService
    • Queries information about running processes on the device
    • Requests cell location
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    PID:4552

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/cn.com.sina.auto.trial/databases/MsgLogStore.db

    Filesize

    48KB

  • /data/user/0/cn.com.sina.auto.trial/databases/MsgLogStore.db-journal

    Filesize

    512B

  • /data/user/0/cn.com.sina.auto.trial/databases/MsgLogStore.db-journal

    Filesize

    8KB

  • /data/user/0/cn.com.sina.auto.trial/databases/MsgLogStore.db-journal

    Filesize

    8KB

  • /data/user/0/cn.com.sina.auto.trial/databases/SinaAutoLog.db

    Filesize

    32KB

  • /data/user/0/cn.com.sina.auto.trial/databases/SinaAutoLog.db-journal

    Filesize

    512B

  • /data/user/0/cn.com.sina.auto.trial/databases/SinaAutoLog.db-journal

    Filesize

    8KB

  • /data/user/0/cn.com.sina.auto.trial/databases/SinaAutoLog.db-journal

    Filesize

    8KB

  • /data/user/0/cn.com.sina.auto.trial/databases/SinaAutoLog.db-journal

    Filesize

    8KB

  • /data/user/0/cn.com.sina.auto.trial/databases/SinaAutoLog.db-journal

    Filesize

    8KB

  • /data/user/0/cn.com.sina.auto.trial/databases/sensitive

    Filesize

    12KB

  • /data/user/0/cn.com.sina.auto.trial/databases/sensitive-journal

    Filesize

    512B

  • /data/user/0/cn.com.sina.auto.trial/databases/sensitive-journal

    Filesize

    8KB

  • /data/user/0/cn.com.sina.auto.trial/databases/sensitive-journal

    Filesize

    4KB

  • /data/user/0/cn.com.sina.auto.trial/databases/sinapush.db

    Filesize

    20KB

  • /data/user/0/cn.com.sina.auto.trial/databases/sinapush.db-journal

    Filesize

    8KB

  • /data/user/0/cn.com.sina.auto.trial/databases/sinapush.db-journal

    Filesize

    512B

  • /data/user/0/cn.com.sina.auto.trial/databases/sinapush.db-journal

    Filesize

    8KB

  • /data/user/0/cn.com.sina.auto.trial/databases/sinapush.db-journal

    Filesize

    8KB

  • /data/user/0/cn.com.sina.auto.trial/databases/sinapush.db-journal

    Filesize

    8KB

  • /data/user/0/cn.com.sina.auto.trial/databases/xUtils.db

    Filesize

    12KB

  • /data/user/0/cn.com.sina.auto.trial/databases/xUtils.db-journal

    Filesize

    512B

  • /data/user/0/cn.com.sina.auto.trial/databases/xUtils.db-journal

    Filesize

    8KB

  • /data/user/0/cn.com.sina.auto.trial/databases/xUtils.db-journal

    Filesize

    4KB

  • /data/user/0/cn.com.sina.auto.trial/files/degradeinfo/sdkobj

    Filesize

    305B

  • /data/user/0/cn.com.sina.auto.trial/files/degradeinfo/wxobj

    Filesize

    301B

  • /storage/emulated/0/.DataStorage/ContextData.xml

    Filesize

    111B

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

    Filesize

    65B

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

    Filesize

    111B

  • /storage/emulated/0/ASinaPush/log/2024-06-12-app-6030.log

    Filesize

    40B

  • /storage/emulated/0/ASinaPush/log/2024-06-12-app-6030.log

    Filesize

    119B

  • /storage/emulated/0/ASinaPush/log/2024-06-12-app-6030.log

    Filesize

    234B

  • /storage/emulated/0/ASinaPush/log/2024-06-12-app-6030.log

    Filesize

    50B

  • /storage/emulated/0/ASinaPush/log/2024-06-12-app-6030.log

    Filesize

    50B

  • /storage/emulated/0/ASinaPush/log/2024-06-12-app-6030.log

    Filesize

    167B

  • /storage/emulated/0/Pictures/.tcms.jpg

    Filesize

    211B
