9894cd0caa7018914265133f22df23a423396671600838931e53001fdf11fafb

Analysis

max time kernel
176s
max time network
184s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
13-06-2024 10:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a50de3093d97769c41115dbea0241aef_JaffaCakes118.apk
Size

4.8MB
MD5

a50de3093d97769c41115dbea0241aef
SHA1

58109b6a4f94d82898e2e338fb46b85d48ce393a
SHA256

9894cd0caa7018914265133f22df23a423396671600838931e53001fdf11fafb
SHA512

c532e37976dbc02ff40fb00fde1a0347098904f332bf6faa14f448f1b625afce40cbd74527f21a88ff0c3080761e9e32385f5bbdcf673e68f9664a389550c581
SSDEEP

98304:5hTKv1Nn8wEosnrtQD0vILOAEz3DwkHjpBfW+E6Bw8a0MYa:bKvYDnZQQvyOB3DLXfpS8awa

Score

7^/10

banker discovery persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

T1418.001
Acquires the wake lock 1 IoCs

Processes:

com.jb.musiccd.android:pushservice

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.jb.musiccd.android:pushservice
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

Processes:

flow ioc

6 alog.umeng.com

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.jb.musiccd.android:pushservice

flow	ioc
6	alog.umeng.com

Queries information about active data network 1 TTPs 2 IoCs

discovery

T1421

Processes:

com.jb.musiccd.androidcom.jb.musiccd.android:pushservice

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.jb.musiccd.android
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.jb.musiccd.android:pushservice

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

T1421

Processes:

com.jb.musiccd.androidcom.jb.musiccd.android:pushservice

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.jb.musiccd.android
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.jb.musiccd.android:pushservice

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.jb.musiccd.android:pushservice

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.jb.musiccd.android:pushservice
Checks CPU information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

com.jb.musiccd.android

description ioc process

File opened for read /proc/cpuinfo com.jb.musiccd.android

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.jb.musiccd.android:pushservice

description	ioc	process
File opened for read	/proc/cpuinfo	com.jb.musiccd.android

com.jb.musiccd.android
1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Checks CPU information
PID:4236

com.jb.musiccd.android:pushservice
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4308

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.jb.musiccd.android/databases/download.db-journal
Filesize
512B

MD5
01f5201fe392aefdd19dc92c1a0507bb

SHA1
a704e9d7f24a825315d4d20e0e9da315de07e302

SHA256
626ff8d3e84a991701207c39b1350c84a0fc40a75a4ae52e055edbeeafd1e24b

SHA512
701e3b4f1bd1fd736edf6a01c96ed040b260047bf0b03414b198aae8057f1d0d60a5429086dd088bcec7c48ae9624c7124a65be3ee18535f41d6015ed968bf60

Download Submit
/data/data/com.jb.musiccd.android/databases/download.db-wal
Filesize
32KB

MD5
296c395407022e5ea4ed735809f1bea7

SHA1
226c93b6b77aef422589fa0b6efb624fdfac93dc

SHA256
94b794d50649fe3beb528616dcb567fef8bfecfe6a926e0ae2295c9921f7343c

SHA512
e628719a568e92847a39baf090cbf4d6266d120b5dc415d3ee852241d82a67d873b23cb04db3e2b6e2d77656d300bb25cab553ae378c4c9f89d0f29d355229c8

Download Submit
/data/data/com.jb.musiccd.android/databases/gxdbapp.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.jb.musiccd.android/databases/gxdbapp.db-journal
Filesize
512B

MD5
f63eb1c8d582a736d3c1aa2b110d7f50

SHA1
434ffc91c4eb6691e55374ed8be701fe72083c19

SHA256
165d3917705cf79a3dd70fafae9f886e52cc37c3bceedcc91d444f1dff55a2f0

SHA512
a6a42202bde44681527c7b3de1c3014c11555f9f942f7fd68e20c0d08bec7df0f38d2a5a390e2569e58bfe86f4a52434ea9e48ca86f444d34db09fd345a82031

Download Submit
/data/data/com.jb.musiccd.android/databases/gxdbapp.db-wal
Filesize
76KB

MD5
353e2be59cf92bf84594dc7db1a2170f

SHA1
0e59e5c3a777e868233e7019d63efc411730b852

SHA256
1c38e04731f4ea29094d227ece7654884574c974f6d802a6efc6926bbf82157b

SHA512
d06d5927163765783096541fa1ab53552c4d973870328b021c9a5332fdab6927412d6ec54205a78911f88ba69d433edcbdedd200147c3e4cf20e687c216c6ca3

Download Submit
/data/data/com.jb.musiccd.android/databases/gxsdkdb.db
Filesize
32KB

MD5
2b6ed71bbac8c1f7eb104d85bd7d05ce

SHA1
ba20ef849e8bfece06e8e51aecb8a49e2e767eeb

SHA256
c80532bbaf984fc3051c3c1c51131ea7bc40a2d471181cfcc7949ec03b1a9f1b

SHA512
1318755faf81c62bcfe3a42c0ca75f2281d770561c50e891b13af88e6466bbb3685a2b1c259c226cce826828bb5c49d2044c72f7226b8af326828f79ad974af0

Download Submit
/data/data/com.jb.musiccd.android/databases/gxsdkdb.db
Filesize
32KB

MD5
5f4cd862fa43e47b554c473dff647124

SHA1
a994d21bb852c3c64e5f102f4ebb67b0df6e14df

SHA256
fee386cdc1d18e3240e031610a43da10a710252c49f9ee961aa892641df66a57

SHA512
aba50123c5a382dfc2876543e4a86abed3ca56adef8bbfcbce4da868b7c778f238628985364677b06c92b67ecc645d25940015f2b335fba38decacbe98b8c243

Download Submit
/data/data/com.jb.musiccd.android/databases/gxsdkdb.db
Filesize
16KB

MD5
2d9eb2aa0b38ed317e62bcd25314861b

SHA1
b25086ad7da1de1de24640d72e9f1614017687db

SHA256
305e952653535c2626e951d14d9212e4fcf4eafafe1b937c8d6c36bc1c7b8829

SHA512
9f54c7279ae23a05c3a0e4bed74bf2bd0292932b20e39a905d56f3bac8a8de805ecd7ce6faebef10de96e083b39077219b32f82b6e5637a6a7d2b89edc4e9b13

Download Submit
/data/data/com.jb.musiccd.android/databases/gxsdkdb.db-journal
Filesize
512B

MD5
5f8dee490660831cdee2e44909b90b7f

SHA1
59e52c6618a7dd2073a853364069229417ccd9f8

SHA256
a374215f5604f8ebe07196e6933deeb618c23161aff7fc15c2d6f6c8e9e36088

SHA512
9760bd90f09cabff8f04135c875a15bb13aedf62fafdd63afa71d81775f6ef56e1256278481f95372451d36bc55e1d2ba7de2e2b9aaa7ecbcbadfd47e7a4fc34

Download Submit
/data/data/com.jb.musiccd.android/databases/gxsdkdb.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.jb.musiccd.android/databases/gxsdkdb.db-wal
Filesize
4KB

MD5
f3f3de8b5e63fd234acc0c2c04ec2d4d

SHA1
712abce940fe261d7e2d34ffd6bebcd521e93665

SHA256
17ee63610e566bc1e83c5778fef153a12683e5d323a248d70a9872b4ab0d5c02

SHA512
d3bd8d3adf59c0e583faaa1b10a18aac5b067e368f2d4ad4bd24df32aed22223cbb6fc0b9b411e0764e98f15b5eefc06e4ba0b374d5d99dd543a4fdd737a977b

Download Submit
/data/data/com.jb.musiccd.android/databases/gxsdkdb.db-wal
Filesize
72KB

MD5
b0e0bab35a823b1c4d7b6dccae3e1c78

SHA1
f8cd1e239b5815987ca1f0a7b6097f122ff8fd5b

SHA256
86156f9e1de19103efd2dbabf1d4f3bc5c0e4cecbde3d7e439732bfb070c0d59

SHA512
a59efe320e62d825aa38281730dc183da194d088a0eb497a799a7435b113c9c0c38bbb841d264d28093fd5d7493bc5604f0ff91f06dd4c318723b8fddd74f48d

Download Submit
/data/data/com.jb.musiccd.android/databases/gxsdkdb.db-wal
Filesize
8KB

MD5
ec9fa0b41ee85efd1416dde5ff0679a9

SHA1
63450a410cb69f0dfe04f6e27c0cb4ce134c33d1

SHA256
c9b3b71c9c03107f3751ef246af7821b0f116f7eac8647f84b80165b6db04a0e

SHA512
176e9b0da439472531c802a22d5ee0566987e608734ad8d2c4d7126780e3fac4c018725d4e6acaba1551e0211958d34c8840ba14a38073c05f78024bb9ed2f6a

Download Submit