606936c290c675dcf56730307002d8d4fcf5d9914f616a1bfccb5d5b82636e12

Analysis

max time kernel
103s
max time network
132s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
09-07-2024 17:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3161c69c344bb7475d720d3194f1a867_JaffaCakes118.apk
Size

5.6MB
MD5

3161c69c344bb7475d720d3194f1a867
SHA1

1a0576cdf06409f7dce3eb8fc30b8c2d3cb56b04
SHA256

606936c290c675dcf56730307002d8d4fcf5d9914f616a1bfccb5d5b82636e12
SHA512

fe07e22ca795f9a55f9cb347c13143c241d4f96c55e919fccfaba3ca0ba6cad51506661878b64a2bcb09eb7b24dc14767f6930d92797316455fbb5b638a63563
SSDEEP

98304:3dZFUMZ4BE8wCaA30tumaqpspOgmDktBOESV6P/RGupq3TCb1hC/3tVbU6bf:/FUMZ4O8w8kfWA0HFSVgRRpq3TCbzuX3

Score

7^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks Android system properties for emulator presence. 1 TTPs 1 IoCs

evasion

System Checks

T1633.001

description	ioc	Process
Accessed system property	key: ro.product.device	com.shoujizhaopshipinhuifu.yi

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.shoujizhaopshipinhuifu.yi

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.shoujizhaopshipinhuifu.yi

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.shoujizhaopshipinhuifu.yi

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.shoujizhaopshipinhuifu.yi

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.shoujizhaopshipinhuifu.yi

com.shoujizhaopshipinhuifu.yi
1⤵
- Checks Android system properties for emulator presence.
- Acquires the wake lock
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
PID:4216

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.shoujizhaopshipinhuifu.yi/app_AdServer/AdServer_asset.apk

Filesize
1.1MB

MD5
73c2ac27961b9db4274ca13a178c0fa2

SHA1
3d1b1a8f6c9bc63fc88068c71e98bbe70797d03e

SHA256
751012d560a3c16a6f377f403ea12b9c6805a279d84c08210f9a5543c5bef42e

SHA512
591bf3bd1316189616aed273c5bdcb49ed1c46fc7bdf6ee1db9ce11b317dbfda5477989cc3ceafaa2e02dc6555afa1ac4ba872ea27d9a8ae9b5a9ac3abadcef8

Download Submit
/data/data/com.shoujizhaopshipinhuifu.yi/databases/cc/cc.db

Filesize
36KB

MD5
5d7ea1a23af19b4340cc8d90f28297d5

SHA1
4cfe95b23a9e98378d69c4290af81b51fbe76aea

SHA256
474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

SHA512
33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

Download Submit
/data/data/com.shoujizhaopshipinhuifu.yi/databases/cc/cc.db-journal

Filesize
512B

MD5
4153a69695f8c45adc627e2f67f0b757

SHA1
3ad6b612816e1bd2e1b0a03295aa0dcb672ee9bf

SHA256
da9e7bc5dd7527507a3e3966678b190c08c45197cee5eafcffa9bc0cf8d54717

SHA512
a09979b4ff44895b7f3012179b62a7803efa5d5f92815d65e9c637cc6d9b92c0909742e43a32f1617698ed1a3f2d43696544092789b2f1db82c5fe8c08778045

Download Submit
/data/data/com.shoujizhaopshipinhuifu.yi/databases/cc/cc.db-wal

Filesize
48KB

MD5
48c6ebe78ce954ec843d2cc8fe381bf1

SHA1
02e63d9c9d1382884372649253313687c6230eb4

SHA256
43074c5ae50094a98e27ed086e00f662051ef38f32ce4efcc59cd8a6c8dde597

SHA512
e73b1b573bf498e5c04e8f4c78ba6dde71cb91288bf402d9bb6da554f843c80b64163d8fde7902619fa2be9aaf5a4a3e1a76270c771d3dcc2f6669ad54a4e84b

Download Submit
/data/data/com.shoujizhaopshipinhuifu.yi/databases/google_app_measurement_local.db

Filesize
16KB

MD5
253a3e89fe371bb80233f84ca8752da6

SHA1
dbbcb2705315af4d30f97f6fabd96f83d7264e8e

SHA256
1e93224aa7525fbef5e21546c800ce20a51336c7f6ab1464efc8305e54c398ef

SHA512
120f6355c0527145c227db36fffa09897cd9225d589061f61774c86e21d093a459e58ef76ea19bdd451f0f02d2f5c4a4ae2c974a194f4fc03af8a3e00248cfa6

Download Submit
/data/data/com.shoujizhaopshipinhuifu.yi/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a19c3b8d390bd229074d2072f53ca588

SHA1
4a955def9799ef56a4ae565e613b568d227f979a

SHA256
0df62a2c23457553ca2d7417eb5fa9df65e639cade2db8c7f4d83d4b727c9499

SHA512
4524e081eb6d563ae5ed6b1b9e70bfce3a96cd410d341ccbbb5f7dfa93e25fd80d9f3d7176df2d32b6542131f47fb3ce529809054238ff01877af350ca02e172

Download Submit
/data/data/com.shoujizhaopshipinhuifu.yi/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
fce75496ad84f3485f17b255a3cd3565

SHA1
6fcaa6a28389e25f5d3d7b298f930dc2f80434ac

SHA256
760ef92d3009dd38b8cd8dda6be9481ba15775511ab03672895ca07a500aae02

SHA512
cb315e503f2ba7982077e6ee7d4ce4069708adf59d6e4003ddc8ef58f0aaf3e12df0349f87957fd4a27af6590f838cdc7ecb54b918293c032dbbf5f5bf861948

Download Submit
/data/data/com.shoujizhaopshipinhuifu.yi/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.shoujizhaopshipinhuifu.yi/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
922a30060f7d64883479e9afaed786a5

SHA1
1f8d3017d7fe29f0c85332ffebb96165f516a93a

SHA256
19edec7f020801635a5c56f464d5d6e41398b894e898ccaa4d3c778745fc293b

SHA512
21b015bb87ea483d4fd99463cad402cb6ce35eeed7ab717b276042f6cffac861c6325af92315d1c2384b2dee40ec496db616a5a6242d71a7a502219b2a95ca88

Download Submit
/data/data/com.shoujizhaopshipinhuifu.yi/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
b632a4f71f94e4cfa76e250e0d354448

SHA1
dfb6ba08b0ed0595ad22a238e8d0292be7547eaa

SHA256
5afb406d88a9a5a11dcf1bc865884e33bd11c82eaef061154a894b3ba2cf32f3

SHA512
aca377fc55bf92a63c8c8a41dabda120c7e4ae16179c644975bab070024dd8fe2ddede0582a8bbeac93616921c4e4d9b41e2540582898f80ee7734fd541f851f

Download Submit
/data/data/com.shoujizhaopshipinhuifu.yi/databases/ua.db

Filesize
32KB

MD5
74bb2c058533c234beec866fae8d89cf

SHA1
545cb9ab463ef32f2c3ece9df40eafdd88cb92ec

SHA256
a4d58c3caceba5539c4d9b813b398d192327627ee6975b2b28298ae2b70f6249

SHA512
4ca8e5602535fd65ebc4613a490d464a14ae64a97009357787dd82a815f6a2787e6088a7722e9e1bbc73dab6aa83d500076b674b775411cdba75fda73ce4eaff

Download Submit
/data/data/com.shoujizhaopshipinhuifu.yi/databases/ua.db-journal

Filesize
512B

MD5
52aad47d9f13f1e998da08b2a341de92

SHA1
a44e74becee689079274273a2c75c3daa0933e46

SHA256
df6aeaf75b62d5cd6fbd0179579b3b764fe38cb9b91b27b1fa285bb714f04f09

SHA512
0922123d237b30f1f661898513f0c86ba70b71df752cf30cde5c0e7453984e5c3064aaa143c8df46cfdd102790cd1841e7a9af11168f59a3549efcdcd8be089a

Download Submit
/data/data/com.shoujizhaopshipinhuifu.yi/databases/ua.db-wal

Filesize
56KB

MD5
1c527488feaf62e932d333a62efc41fc

SHA1
1641ad95404810ddc372fe7363ef206f1c46c5b1

SHA256
5fa44cb12430ede9c7bb1b5d005be96f90c35497bd4a57b0b09c7dcf7f1d92b0

SHA512
6d2549dfb7082b00e79408bc3ab2c34370aad12831063477112957ad6c440349978794107f7c77f413398fdbd5a3bcb158ddc9169ef1825d6ae331e1c6220540

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads