134f4629a97a49b63a9a1383a1361b681e4aa384240dc9330fc9daa4bb78bc13

Analysis

max time kernel
9s
max time network
157s
platform
android_x64
resource
android-x64-20240611.1-en
resource tags

androidarch:x64arch:x86image:android-x64-20240611.1-enlocale:en-usos:android-10-x64system
submitted
14-06-2024 01:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a780c2eda875aa56730a31593639e935_JaffaCakes118.apk
Size

23.1MB
MD5

a780c2eda875aa56730a31593639e935
SHA1

699546f2eea51c4a8fabb8f5ef187b038b72a966
SHA256

134f4629a97a49b63a9a1383a1361b681e4aa384240dc9330fc9daa4bb78bc13
SHA512

aab4a7dfbac9aac2593a2e68f082f86d38334af25e7ee498d0cf5e34ef840a67b33f31b68f020f20de130431ab87c10a08778a2a97c0c7fca1193a6b4bf196a2
SSDEEP

393216:YHLFdVwZo42A2vK7G/wyBCwSAgtMqqsAhaeG9cBjgFjP33OB9vou+noxl0+frdew:YrZwF2A2i7G/xB6trjAweccB4KOu+KiW

Score

8^/10

discovery evasion persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 1 IoCs
evasion

T1426

Processes:

cn.fast.fast4ward

ioc process

/system/app/Superuser.apk cn.fast.fast4ward
Loads dropped Dex/Jar 1 TTPs 2 IoCs
Runs executable file dropped to the device during analysis.
evasion

T1407

Processes:

cn.fast.fast4ward

ioc pid process

/data/data/cn.fast.fast4ward/mix.dex 5033 cn.fast.fast4ward
/data/data/cn.fast.fast4ward/mix.dex 5033 cn.fast.fast4ward
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

T1422
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

cn.fast.fast4ward

description ioc process

Framework service call android.app.IActivityManager.registerReceiver cn.fast.fast4ward
Checks memory information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

cn.fast.fast4ward

description ioc process

File opened for read /proc/meminfo cn.fast.fast4ward

ioc	process
/system/app/Superuser.apk	cn.fast.fast4ward

ioc	pid	process
/data/data/cn.fast.fast4ward/mix.dex	5033	cn.fast.fast4ward
/data/data/cn.fast.fast4ward/mix.dex	5033	cn.fast.fast4ward

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	cn.fast.fast4ward

description	ioc	process
File opened for read	/proc/meminfo	cn.fast.fast4ward

cn.fast.fast4ward
1⤵
- Checks if the Android device is rooted.
- Loads dropped Dex/Jar
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:5033

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/cn.fast.fast4ward/app_bugly/rqd_record.eup
Filesize
356B

MD5
dcda7f8ceb4f60ce6458c5e4defdffab

SHA1
cd9a49c4fdfc0f6408c92b892ce349c102d08004

SHA256
19da27e5e676383ffef5f1269dd8ec736f1cf22f1fdebbbe8b73e692723c55dd

SHA512
5b91d853eb82ed801306462218209fa723d9f61bc261d9fd5cda7f4b2cf7364fa3ba6967a4bcc343795d09c89eba6b149df16f3751be0b67547a3a36fd81c8a4

Download Submit
/data/data/cn.fast.fast4ward/app_bugly/rqd_record.eup
Filesize
1KB

MD5
2fdfe05081041895d756ff6265262de4

SHA1
d8522a0f34272e2a525d3ceaa4d83fe8c9f4a2c0

SHA256
768e71022e9fcf218abb5547d6043f8776d1cae13e538afabc43fff29909bc2f

SHA512
8c60537d6accf7b65dbbc3eb89b3aaa14fc46a385e498cbc3cd41705cb71477407c81b30bf4d48ce38d2a291996df68778860faa0298618c99948631624689cf

Download Submit
/data/data/cn.fast.fast4ward/app_bugly/tomb_1718328041133.txt
Filesize
19KB

MD5
6bb81935072bf7a2488e6be28277949e

SHA1
0180f22cfc0850ac4b4478306c7c9e27305429cf

SHA256
17f047fa9e6d822953e90736b9f5b7dc8832132325991852dc6e497035f48635

SHA512
b296b2e77c62d63cb0ba8d96050b2fbe939d4a2864d5b80d4cc3b07420e2688f673e4bcf6fa2c572c050cb7b8abcc38810eed619d8393f623cdd22150d07df7b

Download Submit
/data/data/cn.fast.fast4ward/databases/bugly_db_legu
Filesize
60KB

MD5
0e5f70fd0d8fa903209c4dd236b4fbe3

SHA1
87fdb33666f73f604f3b6c9766a05f6d7779ce73

SHA256
b65a827b5b4570c805d46627500628da0fff7a84d998763001a8f5a2e4bcbe46

SHA512
1549929b7cc8d0af9366e29c31c6b84689a16dcf57676f235aee47738e99a9c1daa8a6e8fd2253fe41591e4988b9362d41cf806615dbffcef766ede8c5428754

Download Submit
/data/data/cn.fast.fast4ward/databases/bugly_db_legu-journal
Filesize
12KB

MD5
9a61bddff910eb609e29aa6e4f938aac

SHA1
4388ff2fd76b9562eb530928b72f3c9aed53e929

SHA256
20eea424b5a85d3f2ef48562ef679f745c8ee147dd099fba877f89d98a70c57e

SHA512
2b7a0044a827251c45d5e74025ebf94f173cc9914f08cf509c44931bcabf7bad82c4ae5289b2a9cdf042fc6baac9945a93a396c12fbdbb39bda7ceea62c14a00

Download Submit
/data/data/cn.fast.fast4ward/databases/bugly_db_legu-journal
Filesize
512B

MD5
af366c7a18373cc35603d9a371f7298f

SHA1
ab27818fa119f32eb1f42dddb9650736d91aefbd

SHA256
dd0489e20d3c267a11fa36d28fe261851a8ea5cec4857ddee4fa0be43e49a3b1

SHA512
b03990eaddbbd284cfb4592fad7869237e08186c1d714db01a696a564bb229b4cfb3b731174278eb5aefac101344d6224f445a52a217821c89a8c6f650649ade

Download Submit
/data/data/cn.fast.fast4ward/databases/bugly_db_legu-journal
Filesize
8KB

MD5
87e08d55c7d7eb5dacd184fc2a04a7de

SHA1
694c2081ce997a51f99c0e1bc249c281e1bdf9ae

SHA256
48ee0da80b5ad3bf2e21615a8ff9e888f4bbcf8d2c999b7d2e25e467d06e068b

SHA512
1bfceb9a780679017ddb4b58538c09263c35b8715945aaa3cf13c22401aaa32841a367829b69cb5f58d9f67b0fed2aa20cec37c707cbcf9fd1146d41b1a93528

Download Submit
/data/data/cn.fast.fast4ward/databases/bugly_db_legu-journal
Filesize
8KB

MD5
6d2816cc1858217e9cd275900e811e53

SHA1
37416c9618c91d5996c6b738acb6320aa5b5ca4e

SHA256
4e969ce732c90c8005b76d7cc8167fb775926d246bd8b4f7c8b92bede5de77a2

SHA512
4bc1c146b9c71da3a4d3f257d20803199033a80ce005de756038dd86fc38b6dc95de7f83a9c0460e4816c7cbb80d93fb8dac2155967d30c41b9ff8a806400001

Download Submit
/data/data/cn.fast.fast4ward/databases/bugly_db_legu-journal
Filesize
8KB

MD5
a8c1e009fa392963938c26076aa85eb5

SHA1
639b7517a6b1d0b4d1ee764fe65b4ec2852fa096

SHA256
8542d11d64362c0590c377d11d0b839cbd6f69a69c369f3b55e16b0493f608aa

SHA512
3e4b733a2de511e5833ac0438459a352df5f1bbee5bb22589c54e0d3bfabd16ea6dbfa9839c21aad9f6665b31140f1cdea6313a29ab414adc631571196b0c906

Download Submit
/data/data/cn.fast.fast4ward/databases/bugly_db_legu-journal
Filesize
12KB

MD5
1ac51b6b76aab8a87307012197da222d

SHA1
e81855e2b0802213d5de0d6310b2e13e59ba31ae

SHA256
8b245d888c92f62fc9de4dabe638e7260d55a53caa2cf916502ea60349e85352

SHA512
8ef7b7fcadd1517d0353fcfa3383cf5b408b19ca44e7a98062cc713728bcc7525138db91e2ac1cb3dd03a7de719c69e22f5bf17395858b8b9f58cbda34f26c77

Download Submit
/data/data/cn.fast.fast4ward/mix.dex
Filesize
292B

MD5
63f77f99bd2c2b772a479923bde11974

SHA1
c7632e7d301e4463fafce85f84e9c3d7da3fdbbe

SHA256
4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615

SHA512
3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads