Analysis

  • max time kernel: 179s
  • max time network: 186s
  • platform: android_x86
  • resource: android-x86-arm-20240611.1-en
  • resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
  • submitted: 16-06-2024 19:54

General

  • Target: b4eb44e6ec16420e24ddc4dc06f07700_JaffaCakes118.apk
  • Size: 16.3MB
  • MD5: b4eb44e6ec16420e24ddc4dc06f07700
  • SHA1: a248723c3414b59698d5c0fc409ac11bf2c4b234
  • SHA256: d48013a9f5f6a9adaf1fa79c4d28e2ab112200b9a76d9fbc3a265aef7c95d83f
  • SHA512: e2878ae31034fd70caebf7f6180dc0823c133bfc1e0fe9d1bb46ebbad1239f14aebe9458294fcf764aa2c94f664bacaf860e90e033df7b887a12fb2ec7c820cc
  • SSDEEP: 393216:csoa+g7xXvosE7kIo+twYbfU56202NIG8Q47KDnPHPRJ:cs+KXvoDkIo+twpplNZ47WHP7

Malware Config

Signatures

Processes

  • com.kangxun360.member
    1⤵
    • Checks if the Android device is rooted.
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4318
    • sh -c ls /dev/socket
      2⤵
      PID:4393
    • ls /dev/socket
      2⤵
      PID:4393

Network

MITRE ATT&CK Mobile v15


Downloads

  • /data/data/com.kangxun360.member/databases/rep.db
    Filesize: 4KB
    MD5: f2b4b0190b9f384ca885f0c8c9b14700
    SHA1: 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
    SHA256: 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
    SHA512: ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

  • /data/data/com.kangxun360.member/databases/rep.db-journal
    Filesize: 512B
    MD5: dcdb0a6572dd380e4e95d8c477afb7d6
    SHA1: 2d7198640375faf890f50f24cbe8b299dd280ebc
    SHA256: 3313870e76e191e7476cb6664ae4324f06c4e00c5d5256ff91f184835c2aaae2
    SHA512: 502f0127a447ea64d2b26491a13316ac9a2d749f0871a71c8d423762f4c065d092c6551fd16acc9bd1a7876b04bf7d429af41baa57bc4a0f9e5857ebd862b6ee

  • /data/data/com.kangxun360.member/databases/rep.db-shm
    Filesize: 32KB
    MD5: bb7df04e1b0a2570657527a7e108ae23
    SHA1: 5188431849b4613152fd7bdba6a3ff0a4fd6424b
    SHA256: c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
    SHA512: 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

  • /data/data/com.kangxun360.member/databases/rep.db-wal
    Filesize: 36KB
    MD5: 2f989c275c699dc54ac25742b506277e
    SHA1: 6758e1724ed57656b163ed1efade3ee3709bb4a3
    SHA256: 644131d222a56dc423b2833803d8302599024327fe9944f625258318298bbbc1
    SHA512: 1d7835d2918097118e3219eece15a10484f8fdeae0e467fdb564e790d4671a585de21052f8fe5fd6675aff11ce04dd1ec699ab845896dd8f9d9be875feb213a8

  • /data/data/com.kangxun360.member/databases/sharesdk.db-journal
    Filesize: 512B
    MD5: 8a817ff5b4faa2bc6661588210f00f15
    SHA1: 416fb9bba224f31c5688ca2cac5fbdf01e268f22
    SHA256: c354760e5a1e114e39b354a681635bd995c62b3372e1a3a863f76c8ff8250f50
    SHA512: cc73ff7e10915bf391a5ef83f8a45e0ec76e7792950ef7af93ebc4ff58ea79a4ec829424cf5a3f8b1ce7ffd8ea252f7a641dafe27abc315515c1fd2216497019

  • /data/data/com.kangxun360.member/databases/sharesdk.db-wal
    Filesize: 40KB
    MD5: 20553083418b476d0b39a0f8519b0b4b
    SHA1: f82d2f1dc44db79ec50efd7bde35abb1b3247143
    SHA256: 54565d956205b57bd52a74a96f71d41ff9624438d25652915d1b20fb5c7ea2fa
    SHA512: e39f284247496abe6aef464c4ba864d66ad6ad451bbebc570e6275a41e728cafb3696b8fc9efe427cf81f53790edcd1fb1d3a7dbb5004d782badbf444e92348d

  • /data/data/com.kangxun360.member/files/.um/um_cache_1718567765609.env
    Filesize: 580B
    MD5: 89460f06801c27a49674b4c011df61aa
    SHA1: ea76989e27c87fef849f0da4a0182ec659328e5e
    SHA256: 9c6edee16931809b5cc583871b66867c46187e75cce082683f86df4ed33add55
    SHA512: 05272a446ab9e5a5e3c17ce7058dfbf75f7b998d0a7b387d1de03d0092406868edec829000fd4f454cd2b6f98e2f3fc0c2466bed66b32f971c3e6b6a380c73c7

  • /data/data/com.kangxun360.member/files/shuzilm.db
    Filesize: 133KB
    MD5: 3383f022372cba2aa59b749f148d02fb
    SHA1: 086ce0cb51083a7b02ff4b895e69cb3ce06e8792
    SHA256: aec9578202732b5a08832922658f857e2acdd1c20cb2b630b59c82ebe6db68df
    SHA512: b94a644fb65ba876ea872c44217304d618e773f3550707f74543c9fd3a00a2ed13698c0d7ba659ffda5a5039217fc96e3340daeed60ac4b4ee24e56a2d941253

  • /data/data/com.kangxun360.member/files/umeng_it.cache
    Filesize: 310B
    MD5: f793ec1902bb53b419e39d690a521fc8
    SHA1: 1b56ac4026a59d4aebf59a68cef21eefb3b643c3
    SHA256: 652bf1034990774057e4e29fd696d418a369997ba9c210d386d36f5fcc91cc5f
    SHA512: 81e37d4472952cb2ab4379d6ddc012c6d6387d3e13dc64d71ddf32cc553394d3068fba661a67c7956e89f5fcdb8446bc3eb522378581efe0da914a737613bf46

  • /storage/emulated/0/Android/data/system/local/_system.dat
    Filesize: 48B
    MD5: fd8c393e124a375a7fd42cbfea6ae9ce
    SHA1: 90b1278e57b992d57f1a36542a93a1394470b0ea
    SHA256: 115ccc07a620308d3640d53a5a6f06a7b8ed17a5374416d4ab2349ed219a73c8
    SHA512: 433a7e84a62123d6db15bf0291b9ccef58c205d24f39427c55081d42e267bb42084f8238fb3d2537c470dec05eb6a436cb9d927c44dcfb7b10876f916d170957

  • /storage/emulated/0/ShareSDK/.ba
    Filesize: 401B
    MD5: 4fcb9ea2c889c44747de7775f42feb1b
    SHA1: fc15343199db7e8adc1cd2397e68d514269c9edd
    SHA256: 5559cfdddc3f5dfb99066279fb46d6fae984aaa5beacd7372d7d826fbd73af58
    SHA512: 955965985d1a75be87a89d3ba6c213c455002873ae52ff58e9400871bc620bf213c5d75ff0f41ac1ea44ea2f9e6af7b46fb48933fa6bfe8fe6219025a9006af4

  • /storage/emulated/0/ShareSDK/.ba
    Filesize: 500B
    MD5: e6529bca8bf395f5861c5edacb2b6db7
    SHA1: 62d0adfa43a4c25b52d2567eb519d03361362345
    SHA256: 5af936c8928b1c22d201bf861d2ac57c9bd2525e9aacb9f18433fe203e7470d9
    SHA512: 37b719c98d578b97895404b5707cfda37b86c2ff7c49e3c64d98ebf82059f61573e6dfa0ca83e3846eafcdc0e8098894564b7cd71c01bdce8dc280a4e8900237

  • /storage/emulated/0/ShareSDK/.dk
    Filesize: 107B
    MD5: c9383021bd97affc44be4db7018c4d7b
    SHA1: 7e680409d1c86e35149bebc22f2cf8c484f0d23e
    SHA256: b7b7e032170e3190a84359e5c37adede1d58b6bf4c455ef0c01f73335709bb65
    SHA512: 7303f068da97319891e2d25c1c737035f1cfdc365d75d954102b612000e54d7e2b5dfafe10bdf909563e2b46ec3ff9e546423bff6f0aa9496880eab1c1c36a81

  • /storage/emulated/0/kangxun360/db/kangxun27.db
    Filesize: 2.3MB
    MD5: e4787c80e67da0da94b736448c709c0a
    SHA1: f91cb0a9d89d95bb4bcb29e7f277208b0363b59a
    SHA256: 19d02631edf05989268df902272a2079abe3d8451db63d001d1c0ab3385fcefa
    SHA512: 552ebbda25b994edd84ddde030715f0d723c0999b5496b8624df5f8d29b3260244ac45084cc626ac6565f04fa4a9f62cabbcb50969730360e47c57500eef5385