cb935716f29af4136d449825baab47a79984011807ca0e6dca466e9d6eeffb1f

Analysis

max time kernel
39s
max time network
174s
platform
android_x64
resource
android-33-x64-arm64-20240611.1-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240611.1-enlocale:en-usos:android-13-x64system
submitted
13-06-2024 08:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a4b23fa77a1b406c9026ba2b1d5e3f03_JaffaCakes118.apk
Size

17.7MB
MD5

a4b23fa77a1b406c9026ba2b1d5e3f03
SHA1

a0781bf4a4ad092f590e19cb41324395ba4dc4bd
SHA256

cb935716f29af4136d449825baab47a79984011807ca0e6dca466e9d6eeffb1f
SHA512

4cb71e292321c96f1ea8151c6e528f7e97db75011e054787d99345f11e6e0a26ce5296f831180e2e729402883b16db005c56b8720562e64e4cdd93fa0be332a9
SSDEEP

393216:nCFebgK7SZonxcgXWL9m1V0FZGGQLVVH62BYwgux3:Wel7SmnxcgW8HM+LvY7uh

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
evasion

T1407

Processes:

com.gezlife.qianrenzhang

ioc pid process

/data/data/com.gezlife.qianrenzhang/mix.dex 4340 com.gezlife.qianrenzhang
Checks memory information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

com.gezlife.qianrenzhang

description ioc process

File opened for read /proc/meminfo com.gezlife.qianrenzhang

ioc	pid	process
/data/data/com.gezlife.qianrenzhang/mix.dex	4340	com.gezlife.qianrenzhang

description	ioc	process
File opened for read	/proc/meminfo	com.gezlife.qianrenzhang

com.gezlife.qianrenzhang
1⤵
- Loads dropped Dex/Jar
- Checks memory information
PID:4340

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gezlife.qianrenzhang/mix.dex
Filesize
292B

MD5
63f77f99bd2c2b772a479923bde11974

SHA1
c7632e7d301e4463fafce85f84e9c3d7da3fdbbe

SHA256
4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615

SHA512
3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

Download Submit
/data/user/0/com.gezlife.qianrenzhang/app_bugly/map_record.txt
Filesize
44KB

MD5
f7339d6d104e5b1670fad01228a85e58

SHA1
9d8b521e0f3fe2ae5ab8bed45c558e72bf790204

SHA256
c5cefb089a18c932d73624d6ea1e061b7c666e69c93b0c9a6aeb9cae6f30980f

SHA512
0674e264150caff0aebb6b7bce9e90b7abafa6e70353223650adab4902595ad337de1aa2279483240f54d49b1b23ee53e58cdcdabab840e645b634bd08073fa6

Download Submit
/data/user/0/com.gezlife.qianrenzhang/app_bugly/reg_record.txt
Filesize
607B

MD5
ed853e74c40ce88cc5ceed8d3d7283a7

SHA1
148f9e01a805f8adaaf7433c4953e3e48dcefc97

SHA256
979b6d7fd786c9ff28ef5c94b8d548b64333865f2512a9d9acab31fd8db8517a

SHA512
0a1b3407a3ab54302241330d6cd1d4b1e1f05f219927f674e49f97d623037858fbec33331aeff22bb9be5ed41b3e6fe88dfd85b61f13caad22cb8af9269c2369

Download Submit
/data/user/0/com.gezlife.qianrenzhang/app_bugly/rqd_record.eup
Filesize
29B

MD5
5ec758aba3fc538354888e38ac5ed313

SHA1
d35b6573d25b6e282a680a4ffe9ccfceebec74a4

SHA256
12eb72ff09eef9137e67ce8f0588607a28976e0e082b80125f7ff572405a582e

SHA512
13e094ecf0cad0cec897853bd3fad125b5ab07db68652cad4affb1b03da9d50a19815b268361a45543205cd54774148691a3433abb075a48ef0c846dae73ccec

Download Submit
/data/user/0/com.gezlife.qianrenzhang/app_bugly/rqd_record.eup
Filesize
117B

MD5
00c5e27fbeb3cbfe3249c83d6d3b8660

SHA1
12dcef3c8e6c16700c6cd280c3b3b43e1189df56

SHA256
7b98818f8127b23dffc2699faaee1d7fe7ab33bc91c1803de36f535319250d39

SHA512
5bc52f5cf19ca5234ce0ce908fc45b509d743653e46634d43a9c30352a04093045181cb2164efe2f907edf9c8664449fcf7b6d1a82b5977984ab3ca344f1557d

Download Submit
/data/user/0/com.gezlife.qianrenzhang/app_bugly/rqd_record.eup
Filesize
562B

MD5
1e70a7c5607f95506232efb102f112d2

SHA1
c9b5bc783195c981d46a1b6ec6d4acd326da38e4

SHA256
eaa46ee6ac094d65b66202e1120fb86c4e26fdb4a103b054dfbc4fd2f9065e62

SHA512
891af35e09a454eb2893157164607d11afad07bc6ba823eb8baf5213bdb298fa77e25cc5b6eede69971c4ae123f8c94954f9f3edf4dcac8dcecd612f5bde74f1

Download Submit
/data/user/0/com.gezlife.qianrenzhang/app_bugly/rqd_record.eup
Filesize
1KB

MD5
6b38fe2e6619052a4b719ee3dadc0081

SHA1
ee18b6085d40c9706061397d89741407bc9c2f03

SHA256
b864f2b628e6eb2fd06af2c8b51a05b54bbfb0af59cdd6a1fbb9d25348ca3ec0

SHA512
4530cf81ad530e486e584b676b85a13abc8c8430a2d2cdda89b1cee4f13ebeeb8eda0c2824659a3615cdba4c6bc5e7d13e7ddf259ce55caad5fd0093a416392a

Download Submit
/data/user/0/com.gezlife.qianrenzhang/app_bugly/sys_log_1718268464203163.txt
Filesize
71B

MD5
66fd8fc16027ad55473d3eaa5eb323e0

SHA1
029b40a72cee2c822e50b162abe8b98643f214af

SHA256
da8eb8a5500c71335d59c53cf35cd82f63d2ba45de7b862db3d72b96fef1b0a3

SHA512
e34afd9ebf5190ab5a408b87448201e8cc87007ceaae776c45318bac21228ae23c51eef0c565c2c629bdef953b039ffa3d4f11aabe4ee9790da9c085b3faa4a3

Download Submit
/data/user/0/com.gezlife.qianrenzhang/app_bugly/tomb_1718268464660.txt
Filesize
1KB

MD5
5cc9ed443aa658221a5151d0aa9be3af

SHA1
8ddbfc3ecf0a82d7693ad232d9b860c02a81c003

SHA256
53294cd6e666f765cf636f2212b3ff9a43587159d9fe3a2c74210f433db9882d

SHA512
a83ef1026c2aee5cd468b9e9a371ed519c9d6a40a29c102c183e39db37ac88b86ded6b1723c5722d880e57a55c53d9d27fd2b681a019fce58aa5972ef69cfd13

Download Submit
/data/user/0/com.gezlife.qianrenzhang/databases/bugly_db_legu
Filesize
60KB

MD5
b3ab84778b8e610f7c6094a5620688db

SHA1
54a91c2fc273e765fedd86b11d594d1264748e28

SHA256
229cda5700d6099a8884b4120dc8987fed2b790e9642c22dd277e66d57eacc9c

SHA512
8594080aeda88d6519fbfcc8acc83e79944b11eb232b67d2aa5fb712e7d277f87752d9ee5d680d2158e97e0a8bdb72102cdd10d28dd050300ca5e499c9a07fba

Download Submit
/data/user/0/com.gezlife.qianrenzhang/databases/bugly_db_legu-journal
Filesize
12KB

MD5
dd325cfce4900e041d82fd1208882ce5

SHA1
21014531601e336c7e5737b8fd222815a43a76f9

SHA256
64ec2f55cbe539b372fe3379f815fffb4861e4ec752fac885399ecbb1b58b92c

SHA512
fc8f56540f2d1a92967db3ab42140cc7c5a678d8c76ba5ae4f805e44e3972714558612396abcb6b06f78e1675c32da12f198886572764a614376e1ea7cc86081

Download Submit
/data/user/0/com.gezlife.qianrenzhang/databases/bugly_db_legu-journal
Filesize
512B

MD5
95d00cbf1d1a728993287e23cd75faa4

SHA1
415174df4da9e62a34ba06548434d5fd54502ae3

SHA256
9a099e78687c667774c401fd11ba0e1569732585e41866c28c930e1a7772dfe6

SHA512
da494e42c8fed2f447dac340ec4b78e62cf4e3a2c4782a9377a24238c96872664026020f68c69d37687e4e8323355af5dd49b48177cd3cc24560dd22846e75be

Download Submit
/data/user/0/com.gezlife.qianrenzhang/databases/bugly_db_legu-journal
Filesize
8KB

MD5
1f24c93e2ca55106a61abbd034185449

SHA1
03a370009c02a5b219ca2c2d20d642710d13d88e

SHA256
32c5d649b0bd1d307a3a95ac3115d2280664dfbffe910a79e68a97c25729c2b9

SHA512
a1405acaddee066bb0f72ab7e79454bcef1b05949290f9f591c4aa603a096041f5956db698adb1328a388ef7459b9c7c79602aed310176cfc4cba08ae1a7cc1d

Download Submit
/data/user/0/com.gezlife.qianrenzhang/databases/bugly_db_legu-journal
Filesize
8KB

MD5
782343582fc3dc49e74fc6d884568b0e

SHA1
9eddc30bbf5f23a3827a1bb56321c3fdf2c7b307

SHA256
03d635b71d4ffa40b68032b61cbb5068b99373f1e893e4249b9e051d5b7e8af1

SHA512
ed05035ce5049e8714bd4adc68e540cb56ec9bb2c7159211a09d6d5a14298dbe3e0cb350d805e678f841d5874fa6f28ec6b8a516c0e02e4320201aa3572b1e57

Download Submit
/data/user/0/com.gezlife.qianrenzhang/databases/bugly_db_legu-journal
Filesize
8KB

MD5
067e97535c21ce1ce0e1ef1052344a93

SHA1
be9e256eedd6b8a97e803f043d05b437d9924707

SHA256
0a7c1e3da69f80aa7cb8bfb9b6c9028f226accfb6de5bfabc1cd8d0fc5a3fc76

SHA512
d205a8b720e0ae95768f877a8f5af57497808348a6dc55e9cefe49a668dc81eaade749d4f96cd403d26ad43ee290c0f7299aaa19b122679a088e059eebdba66d

Download Submit
/data/user/0/com.gezlife.qianrenzhang/databases/bugly_db_legu-journal
Filesize
12KB

MD5
09d6cec3e98d6e5975b06aaa742d06b5

SHA1
88a234634cea7647a52b11670251e32c40bed21f

SHA256
9f59b78c378a79036a65f12606a7ffd36c77b39c86ef3322f6e15dc22e563cdc

SHA512
376fbb636fb3aad4188ec20a02432ffcbf239641c1b8c73c1213301a821b3f98b554f38cf98e60d158a1301215d6d2eadbc7d61d6fe28b8b8a72cd6c83e26a50

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads