582e9825e6d6b27bd627af93afc188809e35a5c74d6646c95df4038abccc1889

Analysis

max time kernel
44s
max time network
158s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
22/08/2024, 00:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b5aca0413654627b1377dd0e5118750c_JaffaCakes118.apk
Size

4.9MB
MD5

b5aca0413654627b1377dd0e5118750c
SHA1

9831383822a84d912a5303f3da749b1ba3b2fe09
SHA256

582e9825e6d6b27bd627af93afc188809e35a5c74d6646c95df4038abccc1889
SHA512

4d18a04a0267ecc1b58499d85f878d5ce87486ba358c74395b5efe1cd6d6a3ea3c8a9fda4829d5403d586c76aba7bac4da94662de7676d5debe811f23fb16747
SSDEEP

98304:Xzdxc6dTodeM68mgU+ZKVRDISlEW79QnSx2NAP2nijXyvRyeneY:76PbmaZKnI+EW2SUnniLy5P

Score

8^/10

evasion

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 1 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.example.android_ksbao_stsq

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/data/com.example.android_ksbao_stsq/mix.dex	4316	com.example.android_ksbao_stsq

Checks the presence of a debugger
evasion

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.example.android_ksbao_stsq

com.example.android_ksbao_stsq
1⤵
- Checks if the Android device is rooted.
- Loads dropped Dex/Jar
- Checks memory information
PID:4316

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.example.android_ksbao_stsq/mix.dex

Filesize
292B

MD5
63f77f99bd2c2b772a479923bde11974

SHA1
c7632e7d301e4463fafce85f84e9c3d7da3fdbbe

SHA256
4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615

SHA512
3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

Download Submit
/data/user/0/com.example.android_ksbao_stsq/app_bugly/map_record.txt

Filesize
42KB

MD5
1cbb325ab2aaf20d190ca0a934247f56

SHA1
beb2b9d2249d2c429b48890a559f2765b9be0bce

SHA256
721c94c6d7d9980c31699226fb27c1a574c1e6493aa6c2863701c583243546e5

SHA512
9988a9e13a02d5448967415bde4c099470b00052e5b4c298b13cfcf2f5e02a75b4e5b8cb4d19f20d8cc1c5e32532792baa7df3655fc347ee32e64aa58ca07deb

Download Submit
/data/user/0/com.example.android_ksbao_stsq/app_bugly/reg_record.txt

Filesize
613B

MD5
612228ab3ea734513fa3584c9127f8f1

SHA1
10a6d39f547da911d71d43862bafb38cbe8448d7

SHA256
471f2824199b0aabfd3e526d0c52719276da7de844913a2bcc05e5e55ffeb548

SHA512
ff3ebe5e79472a2923ebb1506f374c8d3b5ab8a0d10d1cf846d43a06208e4e900810f6e1f6245a014925231f118c7857738cd08e45dd193c898e04119a435293

Download Submit
/data/user/0/com.example.android_ksbao_stsq/app_bugly/rqd_record.eup

Filesize
29B

MD5
5ec758aba3fc538354888e38ac5ed313

SHA1
d35b6573d25b6e282a680a4ffe9ccfceebec74a4

SHA256
12eb72ff09eef9137e67ce8f0588607a28976e0e082b80125f7ff572405a582e

SHA512
13e094ecf0cad0cec897853bd3fad125b5ab07db68652cad4affb1b03da9d50a19815b268361a45543205cd54774148691a3433abb075a48ef0c846dae73ccec

Download Submit
/data/user/0/com.example.android_ksbao_stsq/app_bugly/rqd_record.eup

Filesize
120B

MD5
805b76201cdb05cfa3fdea56a22b06d0

SHA1
52bf0ac913784eb91ee37cf7e7bb5a077ac3d584

SHA256
9be9d51a09a338a9bf46453f1b4e00b7fae7600b9ed7632f3f6c68d6e9ecc92d

SHA512
2764988df40350dd9334b96bdc88ac015bf308be69ade9d23328d3320173e5b41180d89ef0e1055e02bb86798f1db662be14839a171ca5ec0775460f64d0e3c9

Download Submit
/data/user/0/com.example.android_ksbao_stsq/app_bugly/rqd_record.eup

Filesize
211B

MD5
e23e1c9e4c9c3e022678bc549970c7ca

SHA1
d5c7facfc3d52d8633d0be172eea3a1b6c9ca1d2

SHA256
764d2bb7bc5a62be91325663eefa83135ea60f27a4e2d8bdf76f77d041546fca

SHA512
c878b57dfa9c041023c0586959d50b0eed65fd1454084dcb8bbf983487cb3c050392f6639c1e9d725363852f80973c5efdd39c6d2f427ce1516dca7382584ed7

Download Submit
/data/user/0/com.example.android_ksbao_stsq/app_bugly/rqd_record.eup

Filesize
724B

MD5
9ce347cf06297fec9d324f343a296387

SHA1
3eceb61fbceabe33e403ded309538ab6fbb1bb8b

SHA256
79f9d0d46610e2cb1dc2fc060312dd0c44ba98d70a4a38186e5397962aa7c00b

SHA512
ff335645be9bff7806717a46b1aae6c1d8bae5e8e75ba853d0402223c4d21f77b1a328b6017345565c67f05abfa4a391b8307b978fa77f07b83ff85445e61b5e

Download Submit
/data/user/0/com.example.android_ksbao_stsq/app_bugly/rqd_record.eup

Filesize
1KB

MD5
0b6916fb0385439edd9b68b06d7fb80c

SHA1
0bdecb775707484c54a464e9fc87c7c251117dba

SHA256
978c81ba9e3c9019c13075c250e375522c2ffa69666f8a1e3a185c63b148f528

SHA512
affbf044c123bcd16b3e4a4756abb88b4722b3c9b9dd7af07fe754ea2e882614bb6a6ec4fcbacd17038546afc9b76130827d9b5d3807bec990d24a7560b36b29

Download Submit
/data/user/0/com.example.android_ksbao_stsq/app_bugly/tomb_1724287116646.txt

Filesize
1KB

MD5
f6ba61db0c37f7ad8422874f4820730a

SHA1
1e95ca4fd60da3b9798c47229006c7492af79aaf

SHA256
df75ccd1609171af26ba42da9895303eb11be58c41e308313883b0473371198e

SHA512
d692beb33d4356521d00576171e77c909e7b7f92c188ae4d8652ceea602c6ac51a53caffeeff1a99071eea6c48852c4eb205ab4ef3a9111a859179e667471bde

Download Submit
/data/user/0/com.example.android_ksbao_stsq/databases/bugly_db_legu

Filesize
60KB

MD5
db8e7d0c04873d5af40b742d7f944f0e

SHA1
4a2d4c15475438b5924ab9142948686e9cc27665

SHA256
6b300ed0c7f615283242996f6affd65102cf59c71299e41f73a1813c57a67668

SHA512
e681d15c70f6614257fe3f334eb72b658fa8c418c1dd65ca6de972c7817c65bdf0a536962be8d0d9122de925e82bdb7a001294a127812f75f5a8f90cec0926ca

Download Submit
/data/user/0/com.example.android_ksbao_stsq/databases/bugly_db_legu-journal

Filesize
12KB

MD5
cd6e0339110b4d2dbc80aacd8fb5e75c

SHA1
dbe196a772191e5da47c41d3605e930729e8df98

SHA256
fad2b70628dc420c2cde4213a33232ce6ad2b9eb3fa990898eda2f71d352656e

SHA512
62e4674b042b663e95befbd1ccb66a53d446e3bd247b15269ded71bf41655d52f985aa8d642b64e80f151a75d7e13514fb97271da56e7ed57bfa95c65c265eff

Download Submit
/data/user/0/com.example.android_ksbao_stsq/databases/bugly_db_legu-journal

Filesize
512B

MD5
2deb52b737eeb8ec1b280999f69437e9

SHA1
8167d717ac7d6df9bcd2253d84b55c821f8ef67b

SHA256
babad719aeaaabbb318265ed7f88da73d1052607ef1579577fc4c1c44c9a4a27

SHA512
280159ed52ea5c5bb163e01a2929972337e46c5c750f810981e6619f3e3e02773aa33b78ff4379b77efe63297c8389d732f36767b921aa2bdecb267fb7a9c7cf

Download Submit
/data/user/0/com.example.android_ksbao_stsq/databases/bugly_db_legu-journal

Filesize
8KB

MD5
09e1592e5cebe3c3f445100aa88506e1

SHA1
33ceacd5144148637e1bd25c5ecd245fc7cdcfaf

SHA256
5def3d5798cf0b50b2b21c380563a4206b426d4708036b1c9306f2bdf4e2df94

SHA512
b6662ceee00e8a22126eef39ca90c8136b3f0d8e242651fcf60387e4179be443184618f49de4b85cce2aa1f511aed90e8ca22581dc2da6c49d4e4981f82825bf

Download Submit
/data/user/0/com.example.android_ksbao_stsq/databases/bugly_db_legu-journal

Filesize
8KB

MD5
5d6097ce77c3bac14e605eb06cbca25a

SHA1
53386ec75932ab7591b31dde08e25318426168eb

SHA256
bc829fe0d05255fea976a7af792111716e5ecbae86addbfb01d0f5b507302b65

SHA512
4df80514cd326e7ac67593e79721bcca424c1a6335f20db15c3210cf207d2fe9fb8a2dd317fd81260bbc693bea87db5a67f962cd6ccb77b339fe7e039bcc5aee

Download Submit
/data/user/0/com.example.android_ksbao_stsq/databases/bugly_db_legu-journal

Filesize
8KB

MD5
6a81f704d4c23535a753487bf2dc8a92

SHA1
bb69b6c92425c280409adab57db21bc0aa420612

SHA256
62f59e4a1734a6c251bbd72757fceee108be1abbb52d63c09a4c8261f6ed79ca

SHA512
6c8658a86b77fdb39e0be56bc1c3fdc721d08a79b1eab11240725fadb3b8992743b48a3b989a5e03dee6c4bb3514cc2235584fcb6bb7bd61f76c80f827a8d540

Download Submit
/data/user/0/com.example.android_ksbao_stsq/databases/bugly_db_legu-journal

Filesize
12KB

MD5
c96fc6cdbf4c66ce16f821ae4bcf5f2a

SHA1
bc993d0104b164457b9283bb929e394e8a7b6a11

SHA256
a01e5a69413042002e261dabc939a4bb7391b8235cb22b4ecfff0ef95cf0f192

SHA512
446d9f54b0109739e800fcf2bc3e6c8ea3247cefaca4f72cf0c667017b801a366110534f243d02094261d8f9de4ff6a87a3cffa44d6c358661c94ad656de46bc

Download Submit
/data/user/0/com.example.android_ksbao_stsq/files/native_record_lock

Filesize
1B

MD5
93b885adfe0da089cdf634904fd59f71

SHA1
5ba93c9db0cff93f52b521d7420e43f6eda2784f

SHA256
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

SHA512
b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads