Analysis
- max time kernel: 69s
- max time network: 186s
- platform: android_x64
- resource: android-x64-arm64-20240611.1-en
- resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
- submitted: 14-06-2024 10:04
Static task: static1
Behavioral task: behavioral1
- Sample: a91b5bfbc13dd12a1ebe449bd2c3e044_JaffaCakes118.apk
- Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
- Sample: a91b5bfbc13dd12a1ebe449bd2c3e044_JaffaCakes118.apk
- Resource: android-x64-arm64-20240611.1-en
Behavioral task: behavioral3
- Sample: gdtadv2.apk
- Resource: android-x86-arm-20240611.1-en
General
- Target: a91b5bfbc13dd12a1ebe449bd2c3e044_JaffaCakes118.apk
- Size: 9.7MB
- MD5: a91b5bfbc13dd12a1ebe449bd2c3e044
- SHA1: 6865696ae5ac54fe7b7e354c47ebbaecd1a8799a
- SHA256: d09e419eaf126355af50685f1b892add4e1a553204600134d12a1461269bff93
- SHA512: df09eb8b27096edab26ff857b562da1b0c478e6a9975d82b4180015bdaef67958de9649ffabf4b20eedcfb5a47149fec2a3254f7d1f7f76cc19216020a806546
- SSDEEP: 196608:oPrfphsmd6aUh4u80mAXfFOgR4sg9o3LKeSfnIl0pF1XxGiLsr589nEQB2:oD/sO6aE8NAXRcML7sImpbxGx9gh2
Signatures
- Checks if the Android device is rooted. 1 TTPs 2 IoCs
  Processes: com.huabian.android, com.huabian.android:pushservice
  ioc | process
  /system/bin/su | com.huabian.android
  /system/bin/su | com.huabian.android:pushservice
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
- Queries information about running processes on the device 1 TTPs 2 IoCs
  Application may abuse the framework's APIs to collect information about running processes on the device.
  Processes: com.huabian.android:pushservice, com.huabian.android
  description | ioc | process
  Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.huabian.android:pushservice
  Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.huabian.android
- Queries information about the current nearby Wi-Fi networks 1 TTPs 2 IoCs
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  Processes: com.huabian.android, com.huabian.android:pushservice
  description | ioc | process
  Framework service call | android.net.wifi.IWifiManager.getScanResults | com.huabian.android
  Framework service call | android.net.wifi.IWifiManager.getScanResults | com.huabian.android:pushservice
- Requests cell location 2 TTPs 3 IoCs
  Uses Android APIs to get current cell location.
  Processes: com.huabian.android, com.huabian.android:pushservice
  description | ioc | process
  Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | com.huabian.android
  Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | com.huabian.android:pushservice
  Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | com.huabian.android:pushservice
- Queries information about active data network 1 TTPs 2 IoCs
  Processes: com.huabian.android, com.huabian.android:pushservice
  description | ioc | process
  Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.huabian.android
  Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.huabian.android:pushservice
- Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  Processes: com.huabian.android, com.huabian.android:pushservice
  description | ioc | process
  Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | com.huabian.android
  Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | com.huabian.android:pushservice
- Queries the mobile country code (MCC) 1 TTPs 1 IoCs
  Processes: com.huabian.android:pushservice
  description | ioc | process
  Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | com.huabian.android:pushservice
- Reads information about phone network operator. 1 TTPs
- Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
  Processes: com.huabian.android, com.huabian.android:pushservice
  description | ioc | process
  Framework API call | javax.crypto.Cipher.doFinal | com.huabian.android
  Framework API call | javax.crypto.Cipher.doFinal | com.huabian.android:pushservice
- Checks CPU information 2 TTPs 2 IoCs
- Checks memory information 2 TTPs 2 IoCs
Processes
- com.huabian.android
  - Checks if the Android device is rooted.
  - Queries information about running processes on the device
  - Queries information about the current nearby Wi-Fi networks
  - Requests cell location
  - Queries information about active data network
  - Queries information about the current Wi-Fi connection
  - Uses Crypto APIs (Might try to encrypt user data)
  - Checks CPU information
  - Checks memory information
- com.huabian.android:pushservice
  - Checks if the Android device is rooted.
  - Queries information about running processes on the device
  - Queries information about the current nearby Wi-Fi networks
  - Requests cell location
  - Queries information about active data network
  - Queries information about the current Wi-Fi connection
  - Queries the mobile country code (MCC)
  - Uses Crypto APIs (Might try to encrypt user data)
  - Checks CPU information
  - Checks memory information
Downloads
- /data/user/0/com.huabian.android/app_crashrecord/1004
  Filesize: 8KB
- /data/user/0/com.huabian.android/app_crashrecord/1004
  Filesize: 58B
- /data/user/0/com.huabian.android/cache/VAdNetSdk/reqQueue/-5998622401067643521
  Filesize: 7KB
- /data/user/0/com.huabian.android/cache/VAdNetSdk/reqQueue/1021689741840853517
  Filesize: 1KB
- /data/user/0/com.huabian.android/databases/bugly_db_
  Filesize: 52KB
- /data/user/0/com.huabian.android/databases/bugly_db_-journal
  Filesize: 8KB
- /data/user/0/com.huabian.android/databases/bugly_db_-journal
  Filesize: 8KB
- /data/user/0/com.huabian.android/databases/bugly_db_-journal
  Filesize: 8KB
- /data/user/0/com.huabian.android/databases/bugly_db_-journal
  Filesize: 8KB
- /data/user/0/com.huabian.android/databases/downloader.db
  Filesize: 20KB
- /data/user/0/com.huabian.android/databases/downloader.db-journal
  Filesize: 8KB
- /data/user/0/com.huabian.android/databases/downloader.db-journal
  Filesize: 8KB
- /data/user/0/com.huabian.android/databases/downloader.db-journal
  Filesize: 8KB
- /data/user/0/com.huabian.android/databases/huabian.db
  Filesize: 88KB
- /data/user/0/com.huabian.android/databases/huabian.db-journal
  Filesize: 512B
- /data/user/0/com.huabian.android/databases/huabian.db-journal
  Filesize: 8KB
- /data/user/0/com.huabian.android/databases/huabian.db-journal
  Filesize: 48KB
- /data/user/0/com.huabian.android/files/TDAntiCheating_Switch_Value
  Filesize: 1B
- /data/user/0/com.huabian.android/files/TDCloud_Control_Cache_Param1
  Filesize: 2B
- /data/user/0/com.huabian.android/files/__database_reborn_January_one__/td_database0SaaS/1718359482436_4610
  Filesize: 2KB
- /data/user/0/com.huabian.android/files/__database_reborn_January_one__/td_database2SaaS/1718359482251_4610
  Filesize: 2KB
- /data/user/0/com.huabian.android/files/__database_reborn_January_one__/td_database2SaaS/1718359482346_4610
  Filesize: 2KB
- /data/user/0/com.huabian.android/files/__database_reborn_January_one__/td_database2SaaS/1718359482557_4610
  Filesize: 3KB
- /data/user/0/com.huabian.android/files/__database_reborn_January_one__/td_database2SaaS/1718359482875_4610
  Filesize: 2KB
- /data/user/0/com.huabian.android/files/__database_reborn_January_one__/td_database2SaaS/1718359535678_4610
  Filesize: 4KB
- /storage/emulated/0/.tcookieid
  Filesize: 512B
- /storage/emulated/0/libs/com.huabian.android.bin
  Filesize: 55B