Overview

overview

8

Static

static

6

a6b4e35637...18.apk

android-9-x86

8

a6b4e35637...18.apk

android-13-x64

7

Analysis

  • max time kernel
    87s
  • max time network
    133s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
  • submitted
    13/06/2024, 21:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a6b4e356377427cbfde6ec72f92b793a_JaffaCakes118.apk

  • Size

    15.4MB

  • MD5

    a6b4e356377427cbfde6ec72f92b793a

  • SHA1

    6ba5dd4bc45d52e8d02124cdeb85c34d57282894

  • SHA256

    8de43470c81536505713bac1e7f073b4231cbaa0e234fd2746ed7daf2bf3d836

  • SHA512

    143c8f12d4987e3554ff0983d674613c8d4c0aa47df4c29a69f3b03f08aa519cb2487e0ffaf912f6144aff7e3752edb6ba39ac81d29c70e61b4aa7bc2407d3c8

  • SSDEEP

    393216:U8mXMAp+rQo4DLfZOCNC5wFxF8cEnhefkLE7MgWw8zzJJobH:U8KN+rSfHGsF8cEMfcxvzJJobH

Score
8/10
bankercollectiondiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 1 IoCs
    evasion
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Queries account information for other applications stored on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect account information stored on the device.

    collection
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Reads the content of photos stored on the user's device. 1 TTPs 1 IoCs
    collection
  • Acquires the wake lock 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
    evasion
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.joeware.android.gpulumera
    1⤵
    • Checks if the Android device is rooted.
    • Loads dropped Dex/Jar
    • Queries account information for other applications stored on the device
    • Queries information about running processes on the device
    • Reads the content of photos stored on the user's device.
    • Acquires the wake lock
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4260

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.joeware.android.gpulumera/cache/1582435991586.jar
    Filesize

    9KB

    MD5

    e8e0527a01aefdb89afd2c508f131da1

    SHA1

    f1103e6b260c657ceb3d95f1b023af3fda8b133a

    SHA256

    f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce

    SHA512

    fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

    Download Submit

  • /data/data/com.joeware.android.gpulumera/databases/evernote_jobs.db
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.joeware.android.gpulumera/databases/evernote_jobs.db-journal
    Filesize

    512B

    MD5

    85956e9024b7a07f28f4d94b56d918ee

    SHA1

    81174645456e33aa4ae81dde84f34b373b2090dc

    SHA256

    c1399c8bef4becef6ecec6dd335371b25ba33642893929515b8040fedd0f4725

    SHA512

    a600217ea1645b8c5cde0080474ac06480271a970035d5c713f3651cd3e6547695a89ac3a17383a1a99d217da8711166475957c108e5674b60ad028d309f4def

    Download Submit

  • /data/data/com.joeware.android.gpulumera/databases/evernote_jobs.db-wal
    Filesize

    32KB

    MD5

    60067531a38a20d58ee879500ec0fdff

    SHA1

    a4a36c32dcaad85891cc9f25957314dd874df25d

    SHA256

    7d5f3acc2642c4f660e90c5ffce2b915b95e530857e89de1dbedcaa0b60cde05

    SHA512

    a30a4741d5f819de2393ceed5698836681d5c5fe0e8305ca131992373ea04eb61800a7e18d13628df2737825846e3afb025f9787efc307d23ca8536fd1b8514e

    Download Submit

  • /data/data/com.joeware.android.gpulumera/databases/google_analytics_v4.db-journal
    Filesize

    512B

    MD5

    3179e1ea3e3b309cc7cc3aee7d79fdc2

    SHA1

    fc7ddf272ec4ccd15feca480c2325fb8772a9405

    SHA256

    34d51e78d1df54d9d7b168f9a66a4d6dcb1691a71d6a621bec2a2fd728851a91

    SHA512

    5b5166f604a7cd5925295ab2c1367a4667df4338ed5321e6aa4b34de3257413d6ab644f3a6b26fd1ba5969d62be3cbe1630a5274a6ddea6843c9f57b096afbe9

    Download Submit

  • /data/data/com.joeware.android.gpulumera/databases/google_analytics_v4.db-wal
    Filesize

    68KB

    MD5

    8a7c78b790ad78afc2d2dd0aed689c52

    SHA1

    6152a2f1c1892d66f2088842b52c8df84f32fdf7

    SHA256

    e0ea918407d5fea871c82bae8afe9ab48e92c97dff358edf229137fd5a4b0422

    SHA512

    6c664752ffeefadfabd9344b725147426307b17e5e976b9183625f02ebb061463c1cfdf441cbbc0d34367aac859468628c33eeb5961547ddab4602686d2524f0

    Download Submit

  • /data/data/com.joeware.android.gpulumera/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    03f98da9cd25a31b365a949f8ce4c670

    SHA1

    33a03dfce50a2d89fe9a3c45ec297a844418317f

    SHA256

    fd46e2f79f5db474ee041ac5b57b4516b141a58e56ce7914bedbbdd77a58e2cf

    SHA512

    1d3affdb3b3390bee6834927cef9d5985ebc0be185096821de6a58c3992229ac91cfb6e83aab841ed86bd5322097aa2c4e9f78d5c8e181b05d727fa0fe4bac65

    Download Submit

  • /data/data/com.joeware.android.gpulumera/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    7524843d130b96c541024bf1ce7d1175

    SHA1

    cc7abe74911a9b2f83af6de710b61782eb9da706

    SHA256

    4de92211c1f9a7b86b3790a497b1793901c4cf63718ad428b514ded4c8984de3

    SHA512

    b43901024795ee3b86765b6bd7765cdae6a54d68a91bb5f0204e85405c3151c71368f21f69b8160eefdfd399468ee944617f191aff77f31f0c31abb71184e857

    Download Submit

  • /data/data/com.joeware.android.gpulumera/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    eafa286652dc3921074dd2fdadaa6839

    SHA1

    45d766e0ecbe1d615bb096ba36a85a3b2975b0a4

    SHA256

    27e2afc9a88d28cce376d382a098300a14086879d65a2fdff050e6a5fb9dd7f4

    SHA512

    6e4574a45e5706681108bef57dbca4cb5b77629868c0212a4aa47609c6f26dde6ca3af9386b07b4a7741ae343aa292babe4f61924a358b765cf93c30703bb504

    Download Submit

  • /data/data/com.joeware.android.gpulumera/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    8e1122a5fec6f1f3c5463169bd4710f0

    SHA1

    3b25c56634a07a2d2cfcc6f8c607e155c753a32f

    SHA256

    c9d2bf370720f4d765e65871f55ca0123df8a6855ed7f30148d858a67b5d8340

    SHA512

    4d98b89a278ec8b43bc55e2951c4140e4324b6f5f2e9a4ccba5d7b93176295a4589b25af9caa9d65f73b48905de8c2b36a3000df5ce4a7a3b063462b7b7cceb2

    Download Submit

  • /data/data/com.joeware.android.gpulumera/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    c8db59fb5ded1fa51849ff7d93f55177

    SHA1

    b938c7db3e51c3137ceb0a874663923ba44978a9

    SHA256

    13f00e1eeda6eec3bf2f698821e477ea3c2aa6b14284230cd1194687b5a38436

    SHA512

    2970b1682326ebbdf3047327cd3d9f440fba8c4a9f5c3bcdff64d00cbe996918a8af87045dd9e965d0e7685e2aa697d4d2d7d522a64911ea068bd3ece245c3da

    Download Submit

  • /data/data/com.joeware.android.gpulumera/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    d9572cf00f70753d83b9f93888d2e6b2

    SHA1

    1aca3f5b0fd51fba0202f59ef1b3b9fbfb923e15

    SHA256

    5aeae854911bdeb0827d78825ee5ba307e96edbd4fe89c216ad589f27c4b9b6e

    SHA512

    19619981e64b8c91d52debc451fc89c8cc8fbb2b164934148c9e3c301980791d70ace8897d999bfba7588aeafff6b9ad27f0792c8129b7f698d770a88a077387

    Download Submit

  • /data/data/com.joeware.android.gpulumera/databases/google_app_measurement_local.db-journal
    Filesize

    512B

    MD5

    7263c575f9886eef2cdef2802c421704

    SHA1

    50a880cfd830bb7609ee6b4515290a1ee81819cc

    SHA256

    818e30a2743732fe5c225609d9aa177e59b9b5039108eac602ca3da9590192ec

    SHA512

    0263ee694e77ced43d0d28bea856af9c31748d2112c7ab8c2581a93cbcf4b5c84bad4e6db101da2338b5f0eda99d83bea2940d850719ee42a17b5022760a2507

    Download Submit

  • /data/data/com.joeware.android.gpulumera/databases/google_app_measurement_local.db-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.joeware.android.gpulumera/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    fd95e67c8eeb0cbd6904d272625e48a2

    SHA1

    84178ef2fc8c84234c7cc71ad981950cb28bdacc

    SHA256

    f9b0764ed0bd65b9f63debf9932f46731f358b8c7adc18a8dc8850c6bba4f025

    SHA512

    743997e184ccb47255db9a784c727e8cd74d8a35eae149cd4bdb0af153baed6aeadbcbfe0ccaf46b2ee2335081a5d34c7e928a13274f66371d63b12e80666d9c

    Download Submit

  • /data/data/com.joeware.android.gpulumera/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    0b491679abf83ba0bcf2e78846e304f0

    SHA1

    7e96d5487b2175cb5b97d28c47bc8925b34454d9

    SHA256

    f34cd56b84c11ff21ecb2494566871364dfa8b84c08993dbc6c983cef56fdbf3

    SHA512

    40bdf263aa1877c1dc3ef88aaa37db6d13100e30b66420eb3ee2a0e9b4214eb9ff17bc8ddfe8ba56d5f3b1a65151a3ae3d9589e48dbbd28f79dd59a0f323e44e

    Download Submit

  • /data/data/com.joeware.android.gpulumera/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    374e72dcf3b58d0e64466e19e6ff1bfd

    SHA1

    ff55929ba58464249c9fd5056c57879e5dc70752

    SHA256

    ab31d6e23454ed799e76b543b0ba74e63bf4489689bc90e2e8e4305ef2f4444b

    SHA512

    a3aa29ff995b56407f874a19fb9c1dd86ade8a16843602afc9a38ce85e2f84cf908416ac7a6aae0866f9d2e892abde30e13a63fb524941d5a15dbc3d25abe690

    Download Submit

  • /data/data/com.joeware.android.gpulumera/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    e442239a2e42dd5deec86522ba5cec2a

    SHA1

    9b90b3839b3051cb8f4338292182b6d926572555

    SHA256

    e50365dd961d7ef7406e23a16ea27ffbc2e6f1c4e987fb8c09d97527aac1ea6f

    SHA512

    14d5588d3fa6a885c9b3a3ab083e4444b9afa54ae67c7b6b371ee8ba0a455c2e140164bffce1e24fd047e26f51a9a975aa3479685985893b305dd3fa54bec0d9

    Download Submit

  • /data/data/com.joeware.android.gpulumera/databases/google_app_measurement_local.db-wal
    Filesize

    36KB

    MD5

    b1188821cc2eca9918cac2e2385f1fc2

    SHA1

    99df1aca22b6fbbcdcce0e5a478989131c23b804

    SHA256

    787b957f44892978c4d3e864d8fe55834db9759913e348b5d1164fd0ce56b7c4

    SHA512

    ef4e4e8e21ed985a577b7e7a9b1557bdb31384ca05373b95ea173af434550e7e1bd1dde3803e4d3df0aeb7b9876c18030b4ff15e73b84fba40ff30fe43072847

    Download Submit

  • /data/data/com.joeware.android.gpulumera/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    ce57ff38157c9ff3e61fd09463e1d5ff

    SHA1

    a3b8b5711e9570b671f38d167437531269951a2f

    SHA256

    378c75afee26e891a046b3b071cca211a7dfcb1245b09a9c042dd55009cba4b9

    SHA512

    f76dc7cb39cf22f1b24317fd5d590014033d8e5846202f912a5d42453005018846d947db1bbfe717fe9b4536548c8ca52cbcd0e34df926d9c058856c86ab964f

    Download Submit

  • /data/data/com.joeware.android.gpulumera/databases/mobvista.msdk.db-journal
    Filesize

    512B

    MD5

    41860939dabf380042b6ce0ff963c147

    SHA1

    7b943133ec79c32c966bae9b7e4ed93b4ff565ca

    SHA256

    65638c3c45a25299abd0e032b6044f8168110918f3b9e1bfbc8289ebde817a0e

    SHA512

    e5b2ec29b5dc64ecbae5f3dd4707475d659b8aa6d4410ec0fa8d08f0cf73f66c659d4b97f7d258aa154ecb3ff5515fc13d7167f6f567bc3453c297efc4d352bc

    Download Submit

  • /data/data/com.joeware.android.gpulumera/databases/mobvista.msdk.db-wal
    Filesize

    64KB

    MD5

    d4609433d776834b7b4db34fb23d7471

    SHA1

    e3ae63a5bc4a52932919e53c56084eadeb216401

    SHA256

    2d6a8076394590bd818dd0d68477a2ad34808467f61007d5f516f71fd4ebaa12

    SHA512

    8fe83fdb1592aadcab503b5e90902103d7a57d83f471932e6a2ac8bdb31a2fea018bfa2b676519286d593c012495e1dcef69cfb66fd5ca836b6f39e14f3f71a8

    Download Submit

  • /data/data/com.joeware.android.gpulumera/files/gaClientId
    Filesize

    36B

    MD5

    564a54ca3760a36f0ee8caaba473198b

    SHA1

    6dceac0c89c9ba191755c02e7ad975d57c770c48

    SHA256

    a186b4da7b121cf7a181dcd8535ff3dc3562652df54bae127b9ebecc7b06eb7a

    SHA512

    f515bd1093a0f7ac550b3f0de8861d4f9a320d7b30ad325fef979867a7b8e51c76a979339436c70d00ef94f6ccebd9d483fabee85ba93c5041f5d6e3da71163d

    Download Submit

  • /data/data/com.joeware.android.gpulumera/files/persisted_config
    Filesize

    283B

    MD5

    31c8eea7d87d787ba62b7c5961b18860

    SHA1

    19d8e9693dcb3c915dd91d396bb3c2d515076bb0

    SHA256

    a07b520b27970ccc9bde6c0f81b98481f87184cbb4e5a4866c721a5126b8ca1e

    SHA512

    7fb2328e6027601d5eebf155ae2781c23ca2471a83157e0d776f01b0314877a505c0c0c4d22ffc5775df4c4179a6df516d0e15b86f1d308732f1466eb407621f

    Download Submit

  • /data/data/com.joeware.android.gpulumera/files/persisted_config
    Filesize

    6KB

    MD5

    d91a64568f5f2fcc813c6dc1ef76a723

    SHA1

    513ecdb36b578dbb1c874e9cb5796b299175561d

    SHA256

    3bdf8cb966690a4c61b52ec768d2dd8ca86b77879687f7029efc347afbb427d2

    SHA512

    3d7d1669740e1c568c8676beab22fc469de8d0d78c701a749cfbf78b8de3c6678eb0755b5e7447a182a8d314891c8002e0d6c82b75ba39342fc94aa4773b5b6e

    Download Submit

  • /data/data/com.joeware.android.gpulumera/files/persisted_config
    Filesize

    6KB

    MD5

    af876c3ad0ccc218d5f4c18ca44f00e3

    SHA1

    0fd9ad08ce9a4be6ff1b653c448c95106e5e2880

    SHA256

    5cd991185b008bf488b724581bdfa8f29e63e80ea15626dae22d23b333ec58b9

    SHA512

    1dc8e0f544a616f3ba11661d5b4d532298abe0f2802e1786ac8ca646c7bb6d1983ffa4bca01338c0a4028a27071ee92fa04015b61ce74b95d42016a61aa51955

    Download Submit

  • /data/user/0/com.joeware.android.gpulumera/cache/1582435991586.jar
    Filesize

    20KB

    MD5

    fde2ee00cbd121cfab5290b078aa3ceb

    SHA1

    e2b77d5320e155e413d040a8c20020962065b2f8

    SHA256

    2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685

    SHA512

    a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

    Download Submit