Analysis
- max time kernel: 98s
- max time network: 131s
- platform: android_x86
- resource: android-x86-arm-20240611.1-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
- submitted: 12-06-2024 13:39
Static task: static1
Behavioral task: behavioral1
- Sample: a0dae5ce261f7d7a971f09c21aec67c2_JaffaCakes118.apk
- Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
- Sample: a0dae5ce261f7d7a971f09c21aec67c2_JaffaCakes118.apk
- Resource: android-x64-arm64-20240611.1-en
Behavioral task: behavioral3
- Sample: alipay_msp.apk
- Resource: android-x86-arm-20240611.1-en
General
- Target: a0dae5ce261f7d7a971f09c21aec67c2_JaffaCakes118.apk
- Size: 14.3MB
- MD5: a0dae5ce261f7d7a971f09c21aec67c2
- SHA1: 24d24aae66078071ff599e4756f6b1aa73bb5ca7
- SHA256: d5715b46879d9aa0aa344e21a94bb906fe16a80ab38e667595cfb17df5ce087b
- SHA512: 06d085c5e2ea6e5c03ce3f52db6d5be422f837ec0d2c6f8f6c994e37209abbff203ecc9b6719691b54ed0be66d017d5ae4821db2c6ef3ea5b9e242c662a4ff5d
- SSDEEP: 393216:usNp0vjBu1kqeNhQtw4fopWnoh7btGfs+OalHPHG7+nppCI:u9Nu180Vfu8ohH0dOGPHfnpAI
Malware Config
Signatures
- Checks if the Android device is rooted. 1 TTPs 1 IoCs
  Processes: com.xiaoao.car3d4
  ioc: /system/app/Superuser.apk
  process: com.xiaoao.car3d4
- Queries information about running processes on the device 1 TTPs 1 IoCs
  Application may abuse the framework's APIs to collect information about running processes on the device.
  Processes: com.xiaoao.car3d4
  description: Framework service call
  ioc: android.app.IActivityManager.getRunningAppProcesses
  process: com.xiaoao.car3d4
- Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  Processes: com.xiaoao.car3d4
  description: Framework service call
  ioc: android.net.wifi.IWifiManager.getScanResults
  process: com.xiaoao.car3d4
- Queries information about active data network 1 TTPs 1 IoCs
  Processes: com.xiaoao.car3d4
  description: Framework service call
  ioc: android.net.IConnectivityManager.getActiveNetworkInfo
  process: com.xiaoao.car3d4
- Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  Processes: com.xiaoao.car3d4
  description: Framework service call
  ioc: android.net.wifi.IWifiManager.getConnectionInfo
  process: com.xiaoao.car3d4
- Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
  Processes: com.xiaoao.car3d4
  description: Framework API call
  ioc: android.hardware.SensorManager.registerListener
  process: com.xiaoao.car3d4
- Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
  Processes: com.xiaoao.car3d4
  description: Framework API call
  ioc: javax.crypto.Cipher.doFinal
  process: com.xiaoao.car3d4
- Checks CPU information 2 TTPs 1 IoCs
  Processes: com.xiaoao.car3d4
  description: File opened for read
  ioc: /proc/cpuinfo
  process: com.xiaoao.car3d4
- Checks memory information 2 TTPs 1 IoCs
  Processes: com.xiaoao.car3d4
  description: File opened for read
  ioc: /proc/meminfo
  process: com.xiaoao.car3d4
Processes
com.xiaoao.car3d4 1
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Queries information about the current nearby Wi-Fi networks
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID: 4275
Network
MITRE ATT&CK Mobile v15
Downloads