Analysis

  • max time kernel
    69s
  • max time network
    186s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240611.1-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
  • submitted
    14-06-2024 10:04

General

  • Target

    a91b5bfbc13dd12a1ebe449bd2c3e044_JaffaCakes118.apk

  • Size

    9.7MB

  • MD5

    a91b5bfbc13dd12a1ebe449bd2c3e044

  • SHA1

    6865696ae5ac54fe7b7e354c47ebbaecd1a8799a

  • SHA256

    d09e419eaf126355af50685f1b892add4e1a553204600134d12a1461269bff93

  • SHA512

    df09eb8b27096edab26ff857b562da1b0c478e6a9975d82b4180015bdaef67958de9649ffabf4b20eedcfb5a47149fec2a3254f7d1f7f76cc19216020a806546

  • SSDEEP

    196608:oPrfphsmd6aUh4u80mAXfFOgR4sg9o3LKeSfnIl0pF1XxGiLsr589nEQB2:oD/sO6aE8NAXRcML7sImpbxGx9gh2

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 2 IoCs
  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the current nearby Wi-Fi networks 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

  • Requests cell location 2 TTPs 3 IoCs

    Uses Android APIs to get current cell location.

  • Queries information about active data network 1 TTPs 2 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
  • Reads information about phone network operator. 1 TTPs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
  • Checks CPU information 2 TTPs 2 IoCs
  • Checks memory information 2 TTPs 2 IoCs

Processes

  • com.huabian.android
    • Checks if the Android device is rooted.
    • Queries information about running processes on the device
    • Queries information about the current nearby Wi-Fi networks
    • Requests cell location
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4465
  • com.huabian.android:pushservice
    • Checks if the Android device is rooted.
    • Queries information about running processes on the device
    • Queries information about the current nearby Wi-Fi networks
    • Requests cell location
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4610

Network

MITRE ATT&CK Matrix

Downloads

  • /data/user/0/com.huabian.android/app_crashrecord/1004
    Filesize

    8KB

  • /data/user/0/com.huabian.android/app_crashrecord/1004
    Filesize

    58B

  • /data/user/0/com.huabian.android/cache/VAdNetSdk/reqQueue/-5998622401067643521
    Filesize

    7KB

  • /data/user/0/com.huabian.android/cache/VAdNetSdk/reqQueue/1021689741840853517
    Filesize

    1KB

  • /data/user/0/com.huabian.android/databases/bugly_db_
    Filesize

    52KB

  • /data/user/0/com.huabian.android/databases/bugly_db_-journal
    Filesize

    8KB

  • /data/user/0/com.huabian.android/databases/bugly_db_-journal
    Filesize

    8KB

  • /data/user/0/com.huabian.android/databases/bugly_db_-journal
    Filesize

    8KB

  • /data/user/0/com.huabian.android/databases/bugly_db_-journal
    Filesize

    8KB

  • /data/user/0/com.huabian.android/databases/downloader.db
    Filesize

    20KB

  • /data/user/0/com.huabian.android/databases/downloader.db-journal
    Filesize

    8KB

  • /data/user/0/com.huabian.android/databases/downloader.db-journal
    Filesize

    8KB

  • /data/user/0/com.huabian.android/databases/downloader.db-journal
    Filesize

    8KB

  • /data/user/0/com.huabian.android/databases/huabian.db
    Filesize

    88KB

  • /data/user/0/com.huabian.android/databases/huabian.db-journal
    Filesize

    512B

  • /data/user/0/com.huabian.android/databases/huabian.db-journal
    Filesize

    8KB

  • /data/user/0/com.huabian.android/databases/huabian.db-journal
    Filesize

    48KB

  • /data/user/0/com.huabian.android/files/TDAntiCheating_Switch_Value
    Filesize

    1B

  • /data/user/0/com.huabian.android/files/TDCloud_Control_Cache_Param1
    Filesize

    2B

  • /data/user/0/com.huabian.android/files/__database_reborn_January_one__/td_database0SaaS/1718359482436_4610
    Filesize

    2KB

  • /data/user/0/com.huabian.android/files/__database_reborn_January_one__/td_database2SaaS/1718359482251_4610
    Filesize

    2KB

  • /data/user/0/com.huabian.android/files/__database_reborn_January_one__/td_database2SaaS/1718359482346_4610
    Filesize

    2KB

  • /data/user/0/com.huabian.android/files/__database_reborn_January_one__/td_database2SaaS/1718359482557_4610
    Filesize

    3KB

  • /data/user/0/com.huabian.android/files/__database_reborn_January_one__/td_database2SaaS/1718359482875_4610
    Filesize

    2KB

  • /data/user/0/com.huabian.android/files/__database_reborn_January_one__/td_database2SaaS/1718359535678_4610
    Filesize

    4KB

  • /storage/emulated/0/.tcookieid
    Filesize

    512B

  • /storage/emulated/0/libs/com.huabian.android.bin
    Filesize

    55B
