Analysis
- max time kernel: 14s
- max time network: 130s
- platform: android_x86
- resource: android-x86-arm-20240611.1-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
- submitted: 14-06-2024 07:49
Static task: static1
Behavioral task: behavioral1
- Sample: a89989c1ffda36014a4a4136590f5fac_JaffaCakes118.apk
- Resource: android-x86-arm-20240611.1-en
General
- Target: a89989c1ffda36014a4a4136590f5fac_JaffaCakes118.apk
- Size: 13.6MB
- MD5: a89989c1ffda36014a4a4136590f5fac
- SHA1: a1f8e5665d0b1793d5ff5295d9faaf1dc0175aac
- SHA256: fea7dbb975b5ece13f83c93fb50f87c1aa0fe843d095a134fb4b46876804c3ba
- SHA512: 1b5ec458e13505b95d3e36a9a06a922bd84011f728628b32528c51d100297258efa6e0256e9d11ac65f675ea2452181ae9369fbdd9d4ccc1c443d5917050c88e
- SSDEEP: 196608:/6QD73pxz1UsVMG0aFhm+Mqe2KDbPT2arvrbWMKN4GjDVmCqscvVRn1PJMmdOUdx:/6QDT/13RF8r5bigDbWD4GPcv1JEVOJ
Malware Config
Signatures
- Checks if the Android device is rooted. (1 TTPs, 1 IoCs)
- Queries information about running processes on the device (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  Processes: com.unlimit.ulreader
    description: Framework service call
    ioc: android.app.IActivityManager.getRunningAppProcesses
    process: com.unlimit.ulreader
- Queries information about active data network (1 TTPs, 1 IoCs)
  Processes: com.unlimit.ulreader
    description: Framework service call
    ioc: android.net.IConnectivityManager.getActiveNetworkInfo
    process: com.unlimit.ulreader
- Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  Processes: com.unlimit.ulreader
    description: Framework service call
    ioc: android.net.wifi.IWifiManager.getConnectionInfo
    process: com.unlimit.ulreader
- Listens for changes in the sensor environment (might be used to detect emulation) (1 TTPs, 1 IoCs)
  Processes: com.unlimit.ulreader
    description: Framework API call
    ioc: android.hardware.SensorManager.registerListener
    process: com.unlimit.ulreader
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  Processes: com.unlimit.ulreader
    description: Framework service call
    ioc: android.app.IActivityManager.registerReceiver
    process: com.unlimit.ulreader
- Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
  Processes: com.unlimit.ulreader
    description: Framework API call
    ioc: javax.crypto.Cipher.doFinal
    process: com.unlimit.ulreader
- Checks CPU information (2 TTPs, 1 IoCs)
Processes
com.unlimit.ulreader
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Listens for changes in the sensor environment (might be used to detect emulation)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
Network
MITRE ATT&CK Matrix
Downloads
- /data/data/com.unlimit.ulreader/app_tbs/share/core_info (Filesize: 49B)
- /data/data/com.unlimit.ulreader/databases/E-ZINE (Filesize: 4KB)
- /data/data/com.unlimit.ulreader/databases/E-ZINE-journal (Filesize: 512B)
- /data/data/com.unlimit.ulreader/databases/E-ZINE-shm (Filesize: 32KB)
- /data/data/com.unlimit.ulreader/databases/E-ZINE-wal (Filesize: 104KB)
- /data/data/com.unlimit.ulreader/databases/userSessionInfoDB-journal (Filesize: 512B)
- /data/data/com.unlimit.ulreader/databases/userSessionInfoDB-wal (Filesize: 144KB)
- /data/data/com.unlimit.ulreader/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE4MzUxNDAxMDIy (Filesize: 1KB)
- /data/data/com.unlimit.ulreader/files/umeng_it.cache (Filesize: 415B)
- /data/data/com.unlimit.ulreader/files/umexecption.json (Filesize: 2B)
- /storage/emulated/0/.tIdConf/.init_34.cfg (Filesize: 244B)
- /storage/emulated/0/Android/data/com.unlimit.ulreader/files/tbslog/tbslog.txt (Filesize: 8KB)