87353ecd1828a4c02e95352b3e3c75f18459bfd5c72b053ccb6f145ceeef69a8

Analysis

max time kernel
165s
max time network
184s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
11-07-2024 04:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

37ba40a8382570bfee63ac70d7c6b3ce_JaffaCakes118.apk
Size

9.1MB
MD5

37ba40a8382570bfee63ac70d7c6b3ce
SHA1

669d47db9e1550279bc312aa096dee8999dac036
SHA256

87353ecd1828a4c02e95352b3e3c75f18459bfd5c72b053ccb6f145ceeef69a8
SHA512

3b29e86a342f4b4d4845bcb57ff19a4b989b8ea2b3363fafaec0c142ee757e4f1bea5c0d8a9a9d10afe33e77152d279594474b9bb0b83db16da63634d7ea7516
SSDEEP

196608:dkFNTG3/p8RSI/7dyVMVE3IVPBWi8N26szgskUFLgi0NlmZPR4:dkTG3/p0S0kVMPPHB6sBbuNUPR4

Score

7^/10

banker collection credential_access discovery evasion impact

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 4 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.browser2345/files/ixintui_plugin.jar	4491	com.browser2345
/data/user/0/com.browser2345/files/stat_plugin.jar	4491	com.browser2345
/data/user/0/com.browser2345/files/ixintui_plugin.jar	4680	com.browser2345:ixintui_service_v1
/data/user/0/com.browser2345/files/ixintui_plugin.jar	4862	com.browser2345:ixintui_service_v1

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.browser2345

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

flow	ioc
36	alog.umeng.com

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.browser2345

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.browser2345

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.browser2345

Checks memory information 2 TTPs 3 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.browser2345
File opened for read	/proc/meminfo	com.browser2345:ixintui_service_v1
File opened for read	/proc/meminfo	com.browser2345:ixintui_service_v1

com.browser2345
1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Checks CPU information
- Checks memory information
PID:4491

com.browser2345:ixintui_service_v1
1⤵
- Loads dropped Dex/Jar
- Checks memory information
PID:4680

com.browser2345:ixintui_service_v1
1⤵
- Loads dropped Dex/Jar
- Checks memory information
PID:4862

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.browser2345/databases/DCBrowser_Data_db

Filesize
64KB

MD5
7929e50f6f2271bc828b0827b4966393

SHA1
368d90c5d4508325f35e160aa9835e7df7209800

SHA256
80de2124d83696e3be108bdb32f60c641a69e064ad3bfdd4f0cb1f6d13d48411

SHA512
711c95db9937b3c748c961bb748a5764305cb0c31a012eb90bfe6cd36f96724b1ad79c4d1a6dec739d7c614fcfd557561d90420249c79a402d42823a5d4f85e4

Download Submit
/data/user/0/com.browser2345/databases/DCBrowser_Data_db-journal

Filesize
512B

MD5
319591cef3c5e2c3fac9faf9d14609a8

SHA1
d347f8a0306e558eba4a6f2669329c1ba81cd6af

SHA256
4144f315080cd8de74e700a5ad68b5254e276447400ea94451c0e136e09458ca

SHA512
3a68f6fc279373995a2184fa10c87f872a8f3a00278d1509548634816f340d1980f5737b7d8b7a8b64074426272bde6dc242ea2054339b0b0e14bcb0bb401031

Download Submit
/data/user/0/com.browser2345/databases/DCBrowser_Data_db-journal

Filesize
8KB

MD5
469ea55e66f8467ec4edff3e46598a86

SHA1
ceae0a3f7d9bbf0a62858f3fdabf76ee400b4dc5

SHA256
b1804938d4d8073c377faec406e048fef500af569dc74b97a45efbf41e7d2605

SHA512
1f3e0d493ade0c862895790ce347eb1959cd88d5dd51f5070e706d5313953980ea9074f4961b188e667c1040296ebb32a048c5ef74837c44f21e85e22f4ec9fc

Download Submit
/data/user/0/com.browser2345/databases/DCBrowser_Data_db-journal

Filesize
8KB

MD5
f34b69ca403c2b76c4beab6c22f5807b

SHA1
51a074b7445a014e0131c77745a18d256ebbc9c3

SHA256
225dacf3beb39595ccb23751b7fd57c49d58fe3d2129b55f26b99a334ee0174c

SHA512
0259143ef277b56d9d235d029d9a2e02cbee26fe7c56720fc11f4056f768ece121ff65439a825949222281411af3a8594a0184155f7b1db447629fd516364eeb

Download Submit
/data/user/0/com.browser2345/databases/DCBrowser_Data_db-journal

Filesize
12KB

MD5
daa0d3843dc1db4fd40330522b73b4b5

SHA1
e284f1b5dad611d63bb2c2aae8d8b65b06a25044

SHA256
520865e8e4561c29e4731883e4ab393c4a2a122181a4eba68f26ec4e65ce8c85

SHA512
ea202b9fecf986b3ac9d486558d5eb3f21915ab5c186a7d7229c7938fd47163e8639d6531d6a637233b6e09bb4db6d2df15fe0dfb76cec1680ee6fe5e8b444e1

Download Submit
/data/user/0/com.browser2345/databases/com.ixintui.push.data

Filesize
28KB

MD5
0a7b7f2a8650d4a2c7c3a2264904a2d8

SHA1
f9a0ce4429c5491462f58b4ed6a6e89bef1b39a3

SHA256
7dd2782519631ed4c8b90a71ca4f3c283504ac8a21ad0dfdabbda52ab12d53c7

SHA512
1ba61bfdc9a68bf38224a26a08e3e53ab01bf1e3e75cd4fc5a4f48bb49f564eb131a87ea80f1aa470d81e2a68dc56e1a2e4e2cba98fc0cd87816b521c8eb9013

Download Submit
/data/user/0/com.browser2345/databases/com.ixintui.push.data-journal

Filesize
512B

MD5
da4afd3aa735826488fc583855cefe87

SHA1
d3f403c500bcc0b65af8e1b4ff0471b3e3f4bbe9

SHA256
639811e62de51656443c4668c30094241fd34566a98819cdadd3ba06a274c797

SHA512
ba7937468936800f26016341f87f7df543af171411bf50f4da9b10fbbbc55be9dd0b57a480e11b7e3c4dce1e37c7cb04f91c756a694a79a42b34ee733d910d97

Download Submit
/data/user/0/com.browser2345/databases/com.ixintui.push.data-journal

Filesize
8KB

MD5
1ca32b50d321f298ab13c609d91d5d41

SHA1
7ecdbaaf569723675b07fb0d39c412fe6ecf41c3

SHA256
94bc6ab103644fc7bc9239b7086de25587c9757c4d3e17144a7bc56138259ab5

SHA512
a2c0793a7b2c3e68adc647007dba36fd3e366c8805f28f2e6994008cf96a53e2e32f5502d3cb5dd5fd8a895ffdb662df5f6ff9c3a2d98510b4cadda6cc73854f

Download Submit
/data/user/0/com.browser2345/databases/com.ixintui.push.data-journal

Filesize
8KB

MD5
15ef240166ba8fcb9f89f8bdefd1701a

SHA1
b84c2a915b049cede0bbcbb70ce8e24cc6b90572

SHA256
fb09ede821b89943098f601bea19528b3df9c294b4c7b99f3d25fd6de3f188c4

SHA512
1c814a23a7a6762835858b1f98cdcd139dd70266aa976127abd26085e38b7274812f83bce96bc8629a045b60557afe7c7eb1d3fee9f8bf8583a3b03bb8dcb345

Download Submit
/data/user/0/com.browser2345/databases/com.ixintui.push.data-journal

Filesize
16KB

MD5
558932b81d12b750c1315d1f904f5fdc

SHA1
164682fc3469f44d4c69e98378a5d1eb22b24e98

SHA256
0e5999d5cc448025cf50f35424ed65144de5d14ef01d7d4fd85190ae5a3b737d

SHA512
abae87c737a429ec26d96de0aaf46a64431d5d834ee7f329d1ac601d6d1fa73bdd1f397b002226a9fb08d42d241792342f5918c88b2268e7b8ff545174fcb54e

Download Submit
/data/user/0/com.browser2345/databases/tj2345.db

Filesize
24KB

MD5
79d545758e779b1b84e19106326b2cf0

SHA1
848c10b5e7b9540927d9dba7a54e5e17072b8dca

SHA256
5d50c69ab8363eec8b8b16a8e41332989105fea4b20f42e2b61c533a7ea2f695

SHA512
ac77dae1e30801b23f715b511a23d672c30a9165877d23039fad9cffb1494249b9fba52b8ccc221e3a76007cb5a118bfeab4eb2fcfee2887f5c87d42300bc78e

Download Submit
/data/user/0/com.browser2345/databases/tj2345.db-journal

Filesize
512B

MD5
bbc4e6cd7342318652aebf91f6fc16e9

SHA1
c9b0a519cffb82628ee3d074c977e30d83386bbf

SHA256
928c43963f5b9ba46e8a4b5470903406c9039fcf6e9bcb0e58977aa899107354

SHA512
fb56fb1cd8aa2ba9d4968cbd9ac5994cd4acd2b2dd346b0a3e71a01dd03a754c5539285b9a6126266d146543410c5af163a9f56c05302bbbf86846a089bd0934

Download Submit
/data/user/0/com.browser2345/databases/tj2345.db-journal

Filesize
8KB

MD5
b9846add4c22380f856c37be1cc740b1

SHA1
921a0631659060d791672f8bbbe09e146c8ed152

SHA256
1e766b6f30a9469daa6f16e02a84e7415a154fcef413708a0953c3c655c3c08c

SHA512
b594cfd2113e0466def470470891eb342c3a703602c743b8de503143d9c63ca52aff3254b359f313d1fefc26e5a6919453d864c1053ffdef3e855b8539cbba09

Download Submit
/data/user/0/com.browser2345/databases/tj2345.db-journal

Filesize
8KB

MD5
a3660bbab64509b84108fe76bcb9e77f

SHA1
292e563d1fe0ab250baec7d06b3d1311a7048753

SHA256
2bd5df7c53dae8e033226d2894121cb32c5296b1162ebb00a4275223b9944969

SHA512
1b9e8968e81345d6dddb6b27df5ef3876fc3eea7dc8e4f28354a4e130890de2c7bf7a841b587a363385ad60be58f48b56ca0db2a1d70a5a44af05fd5614bd18c

Download Submit
/data/user/0/com.browser2345/files/.imprint

Filesize
868B

MD5
4b3e44e4c11a0232f65f174b4e00083a

SHA1
9750d9470c832fa89ca4f56620731574effef823

SHA256
8b377a396f9b0819d77faadcaf8cfbf699b66914b3e0437bc18dff266105c620

SHA512
6f1b1015cce1e65be3ed90c0b75d4ac11a6d542f2cf3ac7781ff05fc6fb427f7dfd9142adf2f37816b5f3e2378d524666e6830f96be13b3c13f36fba7725e7dc

Download Submit
/data/user/0/com.browser2345/files/ixintui_plugin.jar

Filesize
54KB

MD5
0fd5745abb8efd27d19339cb8bf74c31

SHA1
0514c079304f4ca950dca9c5071fc8f149a644f2

SHA256
fee09a01b0393e0ee0d4e344b798d990be0783be31b6d8829a6aa9329928a848

SHA512
598e6cd7ab9c7147cd532d3c491e3a7158068b7024a8293c9c99cb32e5d1dce0800e3f42b8914380156a0901973c9ced495aee3d9c628f674bc0b23472d2bb96

Download Submit
/data/user/0/com.browser2345/files/ixintui_plugin.jar

Filesize
119KB

MD5
3bcf8974e4cdf927afb37d9e62e8f5ae

SHA1
cb28d4153b06de6f278888be699a44217ace784d

SHA256
d47323aae8216609741ff960eae9649086451d4399c67fb813b6a2f6abb2f841

SHA512
83cbaaef1cee4d83d184e4766708239829d3c512864fecc9e9d75e7318d6bde45bdcde472d116c9effdb70d13967709fd4d7eaaf9b4a58dfc0ec923437498e04

Download Submit
/data/user/0/com.browser2345/files/libadblockextrules.txt

Filesize
3KB

MD5
a07fa5d48c91c227fad07a070a66dac0

SHA1
beea88158a2f3e2dd9c7837d0e70d0753055a662

SHA256
6ad9ab990efcfc872dd4c1f808f6672d23535251edc7a877b0e81c4598012986

SHA512
be54d306ab42726888871766b262b74e6fb07c338a56cd09f2cd0d30b4be15bad9d7e5f054b83c70bd389beb9ce6c1155354a622f5e64bcf77e75542f69cb165

Download Submit
/data/user/0/com.browser2345/files/libadblockrules.txt

Filesize
5KB

MD5
337016606298e1170754a6821085f2cd

SHA1
c8e54364f0d64a6ebd836054727b20634d9d2507

SHA256
49ddf51619cbb365ff3cc51c86171b371f69e1b580306b7029bc12704f858a65

SHA512
e6469c3c942b084bbad722094318470aa09172b45efb2966e342143708f5b33465db4b51d58bafa35660d88763b2ecebe4fc9bde2193c128d81b0afdd7f0f64d

Download Submit
/data/user/0/com.browser2345/files/libadwhitedomainrules.txt

Filesize
11B

MD5
3b57a48f05d2d29841b03f757b9d984c

SHA1
44ca5585b2a01816dd1500b294d237bc66c41fd8

SHA256
c52ae9b8849c139174a7492f6c04b07cbc7f78d82e8e7ca54020858eb9056a1b

SHA512
81626818967bd4961f59670dc59ee91c89d4ddd64f46c8169cd5d3fec6a44d1c9835bff22440136acb21dbaacd333333e9c0d1196be4a9113378d0cca2819a5b

Download Submit
/data/user/0/com.browser2345/files/mobclick_agent_sealed_com.browser2345

Filesize
525B

MD5
5adaf103a6a79b1f2c77ec05b5cd8085

SHA1
4bbf46a16765a553f750d338def96bfe1b3e8adb

SHA256
16fa2d84bda80b93f719c1ae9c602b2682edf2261718bd891f05cfa0674888a2

SHA512
ad32b946f5ff95b8b952fd4ed6e845800c702f173c27d315ea30b844d9df3c9f1bc83d87b9d3719eac1e118f9e96e3ea186400f2477d96b623b35f0f3eb22f46

Download Submit
/data/user/0/com.browser2345/files/oat/ixintui_plugin.jar.cur.prof

Filesize
277B

MD5
46f40ed79864c10c3f278b9480e7221a

SHA1
4b44f7878506e84762c29ea12de4d20379e44088

SHA256
0ae9d90858ddd62f313d6b1bc1cf7b3c9ae48b19adbcdcc54c4c250c5f11deac

SHA512
857705f9c2ac9fc7b886aa54b295722c07781f0a3c5b08dbaac65fdca7e78da672293d6fd422bf8bc508f943f45ba7127178d6b26a67c11a338ff7d623fc61b5

Download Submit
/data/user/0/com.browser2345/files/stat_plugin.jar

Filesize
11KB

MD5
6407165af23fa8b3ecf0d65664d316e0

SHA1
60a74d827d9b9d80344e9f8669dc520f6d1f5a1b

SHA256
66b2e6169631facc018b1ceb4c7b15b406abe2fcc0d04207ad185ea53304b4fa

SHA512
c06fc91bc9d9637c634d2e08e90295885c76a765444d0e552d33630c5f591870bc0a8b823d6e26394de131f610a0f72829e42999a4bb38f2894356a410be564e

Download Submit
/data/user/0/com.browser2345/files/stat_plugin.jar

Filesize
22KB

MD5
fbfd3d5c8dfdfb06f712bbc4db2645eb

SHA1
0bcaac6931feb1262c618c12040dd43ad13d0b61

SHA256
be9ad9cfad08657b6ebb1a4ed6ab1dc24d817cac644605bad6fa85b3ecbc8059

SHA512
07401ec8e2024ffce0d8264e9ba6abd061c3c16f33acbb3836b9523e0969ff1fc48f8d84621fa7d2f50390d2cab730d2a3467e8e90f2f60dc929e63ee2af8537

Download Submit
/data/user/0/com.browser2345/files/umeng_it.cache

Filesize
148B

MD5
23efa67d58c197773edf8c90b84e8c4b

SHA1
606ac50589b4b3b2a91202f5c5e5b13ba0c66062

SHA256
a56a5dc0a08fa5c9d1b15b83c211ed1dcc9de85054ef3b19585ae61b95143e70

SHA512
50db3fdbbfc0ce055dfdc96948132dfbc87177283efd2879b8ee8fbef5282f1b17c0138b9747182d0915db365422afc1597068f978897425f7746b8d294f39ad

Download Submit
/data/user/0/com.browser2345/files/umeng_it.cache

Filesize
76B

MD5
9cd2daa20230aac84893f9cf6519a411

SHA1
614847d27e5032aae3ca5b101817e0ff87c5b0f7

SHA256
3c0a478b7b581569367bd7fd001e550e21f6e3feda26f75c0c028502f2b40316

SHA512
2362727ac80c4cee2d7267489dff3f0b229fea4fcb4bece6bed72b27012e1700f3d40974534d53bb54f3f7d24324c00b8e58033b7590314ac194655ce2f82ca5

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads