Analysis

  • max time kernel
    98s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
  • submitted
    12-06-2024 13:39

General

  • Target

    a0dae5ce261f7d7a971f09c21aec67c2_JaffaCakes118.apk

  • Size

    14.3MB

  • MD5

    a0dae5ce261f7d7a971f09c21aec67c2

  • SHA1

    24d24aae66078071ff599e4756f6b1aa73bb5ca7

  • SHA256

    d5715b46879d9aa0aa344e21a94bb906fe16a80ab38e667595cfb17df5ce087b

  • SHA512

    06d085c5e2ea6e5c03ce3f52db6d5be422f837ec0d2c6f8f6c994e37209abbff203ecc9b6719691b54ed0be66d017d5ae4821db2c6ef3ea5b9e242c662a4ff5d

  • SSDEEP

    393216:usNp0vjBu1kqeNhQtw4fopWnoh7btGfs+OalHPHG7+nppCI:u9Nu180Vfu8ohH0dOGPHfnpAI

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 1 IoCs
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

  • Queries information about active data network 1 TTPs 1 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.xiaoao.car3d4
    1⤵
    • Checks if the Android device is rooted.
    • Queries information about running processes on the device
    • Queries information about the current nearby Wi-Fi networks
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4275

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.xiaoao.car3d4/XiaoAoFrag.xa

    Filesize

    664B

    MD5

    c8ff4bdf9cefc934f209acf81789ae00

    SHA1

    90a0dac8a06d909240774b239c8206bd3b64e242

    SHA256

    d9b693303630d744f5fef6d0d52fb8ca79e449db9920cf480a558117f8bee6d4

    SHA512

    b3b490368bf2f289d597732991dc3ad54371cfcad45dca128766b7764394d5cfdef54ecfd672be3c98644a9ea86e3930db8241bd81769a1167ed6d127c099970

  • /data/data/com.xiaoao.car3d4/XiaoAoVertex.xa

    Filesize

    655B

    MD5

    693fc57f69d6509137029f08af094865

    SHA1

    2f87329a9c86688a6cdb18ed25b02085e8a9d3f3

    SHA256

    5bc5287b925801db9d6a56e1ac94cdf3fbb82217e3b0618833736e954793a1e4

    SHA512

    7aa3ea86fad965a68905b918ec0db2e342030c9b7bce50079eee89ed0df47aa157e026ca74872c25b389f55019473868feb58d37e3497c3cb9fbdc57901620fa

  • /data/data/com.xiaoao.car3d4/files/__local_stat_cache.json

    Filesize

    25B

    MD5

    2d805b13f2f28dc3ca9bbcc000f49bb5

    SHA1

    9eac165b4d81258fd3967cde5cc53b53b1dabcb1

    SHA256

    c8a6624f390568f0ddcb9841336aec6a564460fdaf6624e562b32935b8956f19

    SHA512

    5db8c57bab36bcf9db698c1dce70318cbffc156dd1d1c1e09e5b7ba60aff07b598ebbf26c4bd8a2b03bd6e59ef2dde2d944a22a8d8a19ecc8378e83afb7c83b0

  • /data/data/com.xiaoao.car3d4/files/_vir_0_104680412_z_.dat

    Filesize

    2KB

    MD5

    8c6733e843e8c64d592d244e3d530ac8

    SHA1

    29fb48f01b63e2a9d47fb597e983308bff593134

    SHA256

    53edfcbb5a44545fbd5c4e8242749be47fa31e149e3df2f710aa6b7beebd2718

    SHA512

    736499eec72e3b664c12fd19ea34a14abfd5e2e170b2a7c67e62a128aaf2f61b12d47fdad4e4c0d2f6e0e40faf4c16baf8d2bd3725a6faa7f510f659eefbf17f

  • /data/data/com.xiaoao.car3d4/files/_vir_0_198871994_z_.dat

    Filesize

    285KB

    MD5

    6a85f3d05bc26f89d7ad9f243fb4adb5

    SHA1

    fdc39e9557259ddcc7d34d1ce7043bd8242f8e15

    SHA256

    53f7b5aaed85790a35988abf807aea31c57c1d5320935e8015164f97551b8a5e

    SHA512

    7be70de91b90b3710924fb4e77900d6cfd76626bfd89ab8ac346c3e4901177d0e4b00b9bd693eac8844f11c04242dcb2ab724b24cde6100d5df608e707295aa7

  • /data/data/com.xiaoao.car3d4/files/_vir_0_69071534_z_.dat

    Filesize

    2KB

    MD5

    67a965aea083900175b29fbc9c8cd0f6

    SHA1

    e8d1268d63d93f6099c15e8fb718ddddb529bd4c

    SHA256

    175a3dd0f06e4d49fdbeeb9538765eaeecbbe711a54a6364fa01ccda30695114

    SHA512

    354430f0e150e3c53b86403fd9981b80721b6e4b56871a4a120248d4a1fa43de65302173490f9eac923d7deea2fb78baa31b8cfa5c0c380a041d9f446455c5db

  • /data/data/com.xiaoao.car3d4/pkmfiles/texturepak0.pkm

    Filesize

    1.0MB

    MD5

    52df33d6502d7a51d64b97dcf2a81116

    SHA1

    b315d3f065eeb73cca1a14cfba7e7c76cc79d283

    SHA256

    0a5e91fc3739bd0278c7f0335269e33da607784edcfb7420c13490c3b26fa965

    SHA512

    9be7061f8c1a8fd468e8347fb0d0f5d0c7c815713394d04a63edf6ca838d3873f78e470e046286ff876ae07266230f899134a3a4f194c9009fff70bf9ffd574e

  • /data/data/com.xiaoao.car3d4/pkmfiles/texturepak1.pkm

    Filesize

    1.0MB

    MD5

    99af44840d446bc23f978d9b4c8dd2c1

    SHA1

    1e6e20bc4450d77467d187bd152ef356051903f2

    SHA256

    1d089c4523e866b12af71dfe9fe6bdf8f475414b18dfee0b751b77a90133c775

    SHA512

    db5125c9867270061a4084c31dd42597c8963a610ef226b7c484c0307a60d798a15bfa6077d7eb2647cd28fa3835dc202bfa3b2999d9a6e9347c988266a64290

  • /data/data/com.xiaoao.car3d4/pkmfiles/texturepak10.pkm

    Filesize

    1.0MB

    MD5

    c013bbda464b94bfdeaf13d1a0796e4f

    SHA1

    9e40a55465ed4de16f6500b4ec5170b038c158ec

    SHA256

    abde10767e770f83c12512061b9a7eb7fc3d633095145121b7bca5e3b20513d8

    SHA512

    ea0aae4515cac512ca338583c3528ff4189a12e1c7788ffa3165300ad3081784d744dc61204f47069843dc89c1b448245ac75c9f24cd0376bc5ff10f718e14a9

  • /data/data/com.xiaoao.car3d4/pkmfiles/texturepak11.pkm

    Filesize

    1.0MB

    MD5

    779aa15b2324e0351063865028d287ab

    SHA1

    84e23d014265304c35dfc31c855e6539ff34960f

    SHA256

    ec603600132c777dc58fda02814077af2ecb124d5e93a2f74e66b3ea95c48363

    SHA512

    e96d132a3269e610c4c7a180ec3a68c75f4f7b814eb7e7844900bb67af4e96c2b7eabcec11d243acf05ecc6f7f7a6415aac9b51fbd930aee4cbdbf48520b4960

  • /data/data/com.xiaoao.car3d4/pkmfiles/texturepak12.pkm

    Filesize

    1.0MB

    MD5

    89de6b4abd846c7f0264638c480c4012

    SHA1

    54db91a18d0702be31ce1c97084766ac0710b8c6

    SHA256

    36dd670875d59207d6793f1bcb4dc8b758eb893609108a5b758393792b548694

    SHA512

    fe1c32edffd2b396594e24c50b96943a344735cf8ab193b334b172f6fe508a4435c31f1700219a420e069d00788be252e218dcd2bf4b2a1d890249ad37e80e0e

  • /data/data/com.xiaoao.car3d4/pkmfiles/texturepak13.pkm

    Filesize

    1.0MB

    MD5

    794ffd654732ce3c967a2cd584c36322

    SHA1

    9979f7ef48c70886901065262032548f2e4523da

    SHA256

    47daefb87af272bb729aa2b9e3fb76fe6f0155a7b24ab9ef980db0fa7be3bb61

    SHA512

    7eacdf5895d0dee4549eedbafa17add6548ed00eada7a88c5b20523d655d3892470d317e12000e2ca2bef7ce940e8022054ba444d67638448f69898d4aa408e0

  • /data/data/com.xiaoao.car3d4/pkmfiles/texturepak14.pkm

    Filesize

    1.0MB

    MD5

    b869b1593bc90dd12a9590af29e9fca0

    SHA1

    7d2ca872f949ddca4861ef0f9609e643c61dd317

    SHA256

    a9068662182e50c363f4741cf343a9a0334a8b49102afec8cffc41a99e9556c5

    SHA512

    1b0a782094d3795df12b5d24da1decd9ecf2727e57a8218c4ce7a8537309275c2cdef38f3b84dbe6076efe98ab76200b4210bdc1444ca21126322ea6df8378dc

  • /data/data/com.xiaoao.car3d4/pkmfiles/texturepak15.pkm

    Filesize

    1.0MB

    MD5

    bbd56b9809bf95e020f1c7978898ab84

    SHA1

    008cd0eec7fbb3acb565e1447f46f6344591f732

    SHA256

    28dda0c5a342fd7a97a3002eeb65e151974e257fabe7dec0569e70506c980716

    SHA512

    308f5f87253df5f7d0467fd50e0ae25029c0a180e83ab362885192cedc87d6b85fca06606a9d6576a681e0699a0bdab0ae0243f8dcf80c9ff07e75fea3f0d963

  • /data/data/com.xiaoao.car3d4/pkmfiles/texturepak16.pkm

    Filesize

    1.0MB

    MD5

    3ab79432f544ae691cf25182af72ab83

    SHA1

    da18a48eb9f9aa4cdb6bf536e6e0e253e69a454e

    SHA256

    da3acf1ba673656a6b340c4795e8014b1a866bac89d88665b3f4feb79cb79c1b

    SHA512

    d29b5b106d0fcced855097873778a328d4e1b2271a97ba5444432c72b8c42ec6cbd080a502b70e2c50c9e797ec9d531bfb4360423ad5f854db58c755fa502888

  • /data/data/com.xiaoao.car3d4/pkmfiles/texturepak17.pkm

    Filesize

    1.0MB

    MD5

    c06be7dddceda763bd5bda989b581d9b

    SHA1

    594dbcf8f088d9fbc7b11335e4ae7dde84289f2e

    SHA256

    6fcbcb77d9bcca9a1ec5430542d1dbf2ed65d6bee2e14aa66811f641e13d3876

    SHA512

    b4f0575c79b18d75a266ea8de81d5771940f33ef53f916eb045a64d20617f4d587fe9cbfef5d262d25c3b7b6b9fc8d9814cbcb1c1e716a84df56ba5626914c65

  • /data/data/com.xiaoao.car3d4/pkmfiles/texturepak18.pkm

    Filesize

    1.0MB

    MD5

    09a8084dd5670288de5b3bdd6e9c1004

    SHA1

    3b776e21922e4ecfb50b4dd6f784d6863fec9f78

    SHA256

    039a529f25f3d49a2ab8cd1883082c6860bf467a6f39512e7d69acf8f0eb7e74

    SHA512

    82a2a62dddf6a665d31bf78135eb4bacbf2d41ca6860a8e8fe07810447edb1f5c588dea48a1a0576f383982e24c3da4b9c5c0b424ff36a1dcb68d77b9d502d44

  • /data/data/com.xiaoao.car3d4/pkmfiles/texturepak2.pkm

    Filesize

    1.0MB

    MD5

    5ddc915fb5bef6c752466a62fb9b20d9

    SHA1

    283b0d22fafe5ff55e749fdd8bf93f09dd23d872

    SHA256

    f1b54680cfc7fd590e5e32ba1372bae1a1d45787f6bca519a0818b5c30f4df38

    SHA512

    7df5bb1565f6f3f76761e741b293a2c8fab3fe4fc444561d4edc0ad9a941fbdb69d103d0d1d3353d2410ba271992642cd8b5a9996a82b5be807cec3662a483f7

  • /data/data/com.xiaoao.car3d4/pkmfiles/texturepak3.pkm

    Filesize

    1.0MB

    MD5

    5372ac3d3d4fa4b040231f3040156ed4

    SHA1

    2fc37c918d2dfd9ceedcfff09baeba5f20fd884b

    SHA256

    6fd493e55b811328ae0506a2b86ba2bb7f6a2e0043d3850c5d83f162b191bcc0

    SHA512

    0e9bd131f63ba903738e9fda2f244240a24e441e34c9c5e01451610ecec606352e129a034e5bdecf98c9ec4f7b497ff7b44e0ef70da6e959bd27b333f0f8c2c2

  • /data/data/com.xiaoao.car3d4/pkmfiles/texturepak4.pkm

    Filesize

    1.0MB

    MD5

    5d63703aa5d9422b685136cd2db7ae04

    SHA1

    31b5b140be77505b2a6832912ea5f7c7bdcb3aef

    SHA256

    8ecaf9cb1a1b216e763e4ca6151fa18857e929e652684b5d6b900ee6955a6728

    SHA512

    23a33adbbfe001e8729379903b4935cf60e94bf454ce003c5e44aac60d7bec1fd40e7abf1f8700ca14a5310113abcae71d840d421089012308dfb1235b9a1e36

  • /data/data/com.xiaoao.car3d4/pkmfiles/texturepak5.pkm

    Filesize

    1.0MB

    MD5

    45bab34c12c61d5d070549beb887a36b

    SHA1

    03790914e652cca10280b509c139f071596173ce

    SHA256

    7caf021d9e060a6ebb168601ce8b20d3d99681992015c0b4a37e0794cbb8bf68

    SHA512

    1b39ac4bf5953ab5475d442d6b7ebbe0cedfa936ee996feb7d050858cd5fef595bde1dbc6763cc1bb21963e019a7c2e0f12682525a63a454d73922cbe446ef10

  • /data/data/com.xiaoao.car3d4/pkmfiles/texturepak6.pkm

    Filesize

    1.0MB

    MD5

    241e0143e7b14be93a492edb43e0abf8

    SHA1

    fcf19b75b4514441caa420d48cc042a950daa6ce

    SHA256

    d76d6265adde972b688d698e5f8650af6b00993e562457dd67d5de833a6c3a2c

    SHA512

    5e57215d98e7591f8dc06aa6023e55a9582b23830d316fed72f7ca2d11d5dff9ca7970a435f890b8363c0f5f3aed6c1fdc9daf44a7978a4bad15c08ee7f13505

  • /data/data/com.xiaoao.car3d4/pkmfiles/texturepak7.pkm

    Filesize

    1.0MB

    MD5

    6e519e64050e1d406b010763c8d3240e

    SHA1

    13aecfb110d226ee6eb0b0a82b6c4696eda37401

    SHA256

    d99643902a6dd86f80e3b14358811a95837e136d7ca7e0449f564274412c6d4c

    SHA512

    9685fe4f20ff1430a6d31d15207fe415ecb62a385ceb51de87c7afab99a2487916c78ed1f3f6604319d52fffd4597c5f5cf0faff5825cfbd226983c0791cbbaa

  • /data/data/com.xiaoao.car3d4/pkmfiles/texturepak8.pkm

    Filesize

    1.0MB

    MD5

    dfd58846d0f61d744ee9ced5a2b280e6

    SHA1

    b11ccc25c2d3f3a932098492a4f8053d10ff0518

    SHA256

    e11ce3724ed926817cf12c36d3a21a489b5557fd38e756fed0df88f544223eeb

    SHA512

    61b0ca46bc680df61e314abe7b744ee542aabe309a51369edf1f3c9bb117695ce5cb61cd70c169712b3fbd22fb134c5f1d0e5f971d47b7a319d0ede505a8c1be

  • /data/data/com.xiaoao.car3d4/pkmfiles/texturepak9.pkm

    Filesize

    1.0MB

    MD5

    66bd649400c21b30086a27e8ba6c4138

    SHA1

    fe68be8ccbe02483b50607e9d596d032defd1c01

    SHA256

    ec6f1de801ec4effb546bd2fa4431922f1ce66843af4dc764c00a9614d617fb0

    SHA512

    809dea0d79fbbbf21e3a24fb44f1376720da51fbf0f4ffe2ab2033607b67f6b1b4f98560d5ee03f8b1c3d10746eda543556ea862112bfa5c384b01cd8c438ce8

  • /storage/emulated/0/baidu/.cuid

    Filesize

    89B

    MD5

    a11207b984303f13bcc17e8f147e61c2

    SHA1

    103f677b010e18a1c165825a185a268a64299ae0

    SHA256

    9fbba5f0a4c65dde60fcdd9b262a6a8aa210b27bd6797c6653416d6b6549ca45

    SHA512

    3fc517d8608489117c7ace6842bb63a73dff9dc0da663a87974f64f96bf8006c7830fe100ae71860d54f4957a38a602a5b88fea242e206a2f2ec356aae6ac878