Analysis

  • max time kernel
    70s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags
    android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
  • submitted
    12-06-2024 10:37

General

  • Target

    a05967aaa858836fcc2aedfba19aaa52_JaffaCakes118.apk

  • Size

    12.2MB

  • MD5

    a05967aaa858836fcc2aedfba19aaa52

  • SHA1

    e3273b2795b5a7fff9113cf7591a2aa48831e0b2

  • SHA256

    340e027c3aece5e7b8100c91a81dbc5a19bc92532be38a8c1d17276481edf475

  • SHA512

    55617adbd2f073b788eb86261ee22c005a9d3c174900d8aa9c0c322a6e7b7b3d859ad185097190418c0d0f3d9e62306f473a3bb71269e9c5e57b97be9f00640a

  • SSDEEP

    196608:G0EN/1UQJA9FtFUjmcRnRJtJ39b38c34OSg8loKOqO0CXXbMoWKBp1cRGyMzlB8P:BEN/1NJALUjRRl353j1iSBHbVRpenMwP

Malware Config

Signatures

  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Reads the contacts stored on the device. 1 TTPs 1 IoCs
  • Queries information about active data network 1 TTPs 2 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Reads information about phone network operator. 1 TTPs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.youku.tv
    • Queries information about running processes on the device
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information
    PID:4279
  • com.youku.tv:multiscreen
    • Queries information about running processes on the device
    • Reads the contacts stored on the device.
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4359

Network

MITRE ATT&CK Mobile v15

Downloads
