3534dde7a8d3a7aa6d79f77a2150cf282a44f9186b9dd9fac350b8aee7f43c0b

Analysis

max time kernel
168s
max time network
98s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
24/08/2024, 15:06

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

bed9fe4abae5e2bd28fa6db30a488ad9_JaffaCakes118.apk
Size

4.1MB
MD5

bed9fe4abae5e2bd28fa6db30a488ad9
SHA1

2f93457bdd6c75cdb4d09ac735d9d9a3b7c89af8
SHA256

3534dde7a8d3a7aa6d79f77a2150cf282a44f9186b9dd9fac350b8aee7f43c0b
SHA512

47dd9c5e94a046fd4f7dea1b3a43880f2abdbb1f99412ebba8bf93f7d7decd805beac4490b410eaa443a6a274f84c0c95d1fa8a490e6f13d00e5a42d867d5387
SSDEEP

98304:i/rXJ3y/23qe2EbbQo+B4MGJlhlhRB+uhkSERvGOWohS1eBiK3XvhF:z/+qAbbQJJGJlhlhQ

Score

7^/10

discovery impact persistence

Malware Config

Signatures

Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.halo.wifikey.wifilocating

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.halo.wifikey.wifilocating

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.halo.wifikey.wifilocating

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.halo.wifikey.wifilocating

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.halo.wifikey.wifilocating

com.halo.wifikey.wifilocating
1⤵
- Queries information about the current nearby Wi-Fi networks
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4238
- /system/bin/ndk_translation_program_runner_binfmt_misc /data/data/com.halo.wifikey.wifilocating/lib/libnative.so /data/data/com.halo.wifikey.wifilocating/lib/libnative.so rpcx com.halo.wifikey.wifilocating
  2⤵
  PID:4293
- /system/bin/ndk_translation_program_runner_binfmt_misc /data/data/com.halo.wifikey.wifilocating/lib/libnative.so /data/data/com.halo.wifikey.wifilocating/lib/libnative.so rpcx com.halo.wifikey.wifilocating
  2⤵
  PID:4362

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.halo.wifikey.wifilocating/app_db/ap10.db

Filesize
90KB

MD5
ba709b8d2026d7140c62d20a3477456c

SHA1
fc440de7da2acc014f15181ff95588c66b9c8d94

SHA256
21dbf437a37cad05534b23109cf6086d8bce563bfb4b18552812a0be1c219873

SHA512
2c242e789ed636c608d32d9af4e3564ca0177bbe1478ef59c5c89b040b32762f81e7012de576109fbfc68495be15fd5d8cb17a20cd1dda6dd8bebdc8fd28561a

Download Submit
/data/data/com.halo.wifikey.wifilocating/app_db/ap10.db

Filesize
1024B

MD5
660fc427c50bb5d4656dd784958c0e16

SHA1
766909e5ca579d3852d3a4897bf1dca537d07419

SHA256
be705eeee76d57007554afb4e1b675d509a9b326493048e03f0d67a7244006e7

SHA512
66aaee724ec05060c96c7c451753c82593a15791e6a6c96b5f2e584e0b869380d4f5d42d4952d2889d5c5a39965a1d9eefb95e90f3d41ac78f0c11c16ac76d86

Download Submit
/data/data/com.halo.wifikey.wifilocating/app_db/ap10.db-journal

Filesize
1KB

MD5
f8f8cd809c0170ebf3571d055fb592ef

SHA1
316392102f01e091391b85b80b2c404c7a674670

SHA256
f4ea5dee2aa1cad413aa2e5f03b6c3e625341cd34d4adb66e2391387b0537d0d

SHA512
d6aee0fc1bb98dea2feb7b03e60f0beee4a3a69a24b8a9b62ad25aab63dec4ab3e99daf735cc6dfe72ff9fedec52e680d7a087cd8900c48860a3b1a83bfc3a8e

Download Submit
/data/data/com.halo.wifikey.wifilocating/app_db/ap10.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.halo.wifikey.wifilocating/app_db/ap10.db-wal

Filesize
1KB

MD5
46231d4e083819b578ab92d11c0652c7

SHA1
6e73a525e572980a231a14268f99d3b39a8fc001

SHA256
d3c1e03c9caeaae66942bf80e3271d6dab26bc62f8b12ade73f8cab675336f36

SHA512
0c22e8af37632d3fa24ac530a50308eeb15a4a9b5f4d60bcba472f4979be2af3ab7bfd285611ea958a9c79f226347792689315d8dee98c190a63479f6b8ae6ae

Download Submit
/data/data/com.halo.wifikey.wifilocating/app_sslcache/www.googleadservices.com.443

Filesize
7KB

MD5
0c0dec10512075231e52caf5875acd32

SHA1
f005bdf9be217e54ddc0477e043def03ac5ec8b6

SHA256
6fa9959299a3e29a0eb4c312bb9648687c2a8e1199180272c689064e5289a7ae

SHA512
d68f09f02df759c2f0cacbd16f747ef316984947d22dcbb4e28101a657cc3f9474bc0ced6e5177d693304f505d085aaaf2acc948699e6ce92e013ae288d6c016

Download Submit
/data/data/com.halo.wifikey.wifilocating/databases/google_conversion_tracking.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.halo.wifikey.wifilocating/databases/google_conversion_tracking.db-journal

Filesize
512B

MD5
81b4a7579a5476eab45d81ea7850c221

SHA1
3a13d2d7a01d78c0bc0a60f54a39982b161cb200

SHA256
6aeb0397ac32409f4d7d5be7791397d12dadb72253b8e3a83af9bac8fe1542ec

SHA512
8ca45b4947fb18a2e08b4f24b183ba63da2e8977d673cb8ddb48a5941e99412037df79a6785c2224913412569f09f1c7c5fd271689be0c8ea8eb9e10bb9f3105

Download Submit
/data/data/com.halo.wifikey.wifilocating/databases/google_conversion_tracking.db-wal

Filesize
56KB

MD5
7844e91b18932d3821595b92cacdc9fa

SHA1
b48a5d6af8ad26864a8d9923a44a8fae4b1d070c

SHA256
b98aa941c2344558f4876a2786cab9009c7dee59e1a1b71e80c2dc567f42e836

SHA512
2c76d96dd6226dc382b33bdf189c3a08e1b9e112f78b5151eaa6d638f1b8d1d3119ea47eb223fbf63a08aa7167b700eb0b93c5e88f3edf1e666aeffb45d76e94

Download Submit
/data/data/com.halo.wifikey.wifilocating/databases/wifi.db-journal

Filesize
512B

MD5
f75d48b7c5aefc2b393d3f03e74fdcc6

SHA1
5e18e99f4176894938d3ef3739c5bcfc7e887d86

SHA256
78d473a66d5188f6afe9a042ac8472da7e9c9e9c04e592d2b50b8dbb3b375d27

SHA512
30163db740d238afd0f523d828dbd7814872ac056790ce2d35cdffe89dfecb1ac7a552348f7c583f09dbd7c0869b13c2441a7f2338688706be3c1d61afb1c149

Download Submit
/data/data/com.halo.wifikey.wifilocating/databases/wifi.db-wal

Filesize
96KB

MD5
baed7bc375a785a6f86085fe90486e19

SHA1
1bdbf4957f677a2bce1978dd3f7a14d9159c85d0

SHA256
d681a7d50441a19203b3042056b0ffab12ecc61a813de58eb93fa26adaf71ae9

SHA512
782653574cd1e4f0b9e147b91b02e6efb78b0727719e543421b41a046880f54db210d912bf3672f2fbb92bf0ee0a722f0b475e42682b657b0429e88592a254e3

Download Submit
/data/data/com.halo.wifikey.wifilocating/databases/wl.db-journal

Filesize
512B

MD5
c60860d32d5bb0ed4508844d99648b0b

SHA1
2a695f0de36ce550820f3bae78ecf7b7ed8addaa

SHA256
c3cd6e74c04ef960e635aca3be41fdeabba85c8b0d9d84917515dd7a0f38d2cc

SHA512
7407c2d1e81a18de695c84bbf24d75c57048b4798eb9d7c24030df7b6571c1372f76216387d440dec1f401f68b0c380ae1e95608629938af70851a4f28d02ab0

Download Submit
/data/data/com.halo.wifikey.wifilocating/databases/wl.db-wal

Filesize
136KB

MD5
2f3d10c3a2dbb3cee18e6a40660f487a

SHA1
a089a196c7440db9bb1f2c379b762b015bc273c1

SHA256
be0e7515cf84379bc4eb5604981a8f8a7e6d86a76c7969ad58b35a9bc098b931

SHA512
ddb44c88485abf21ae3d6106f58d9e118f78cbe960381b8a3acf1488a53f701631e6125af8043498813ba9a92ec758e172eb2da760e05a952d0fa31b48bafe21

Download Submit
/data/data/com.halo.wifikey.wifilocating/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
436B

MD5
618af441f3d274cbab7ebd15fc590e00

SHA1
fd8b29eb2b7d681e7a1d326c93dd30bd872e8418

SHA256
e322adee5925bab4731b15d16587ed45a59b3459a75dcd58228d6772252d61eb

SHA512
6ba13e795eaed0bc4df4a3f7c94ebfe4eb87c5fcedb22ed6355dc6dddde682e43f64aa7ad915eecb41e4fb1c319c096c445dad357d79a347845c6d9bf9bded60

Download Submit
/data/data/com.halo.wifikey.wifilocating/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
1KB

MD5
65f35dca9b57b239379db1e4fbc9e360

SHA1
4dc3333e21fd1e51abf9250d3f1889015c2bc3dc

SHA256
092497810058675bd8712f97ef54414ee58493b3ab686c0de9328fff18f9cdd3

SHA512
f79f51ff3da9dba772f2a000b27dde476c0527ff2dcf8e3efe5c0eadaf0c39ea68fc39d88f60501484c3529979c9fb7a384007ce8beffb151cc635e5c9ae3597

Download Submit
/data/data/com.halo.wifikey.wifilocating/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.halo.wifikey.wifilocating/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_6e336055-4556-487c-9261-25ae279c2bc8_1724512137348.tap

Filesize
348B

MD5
16e34bf387658c405d26d6eed56fc090

SHA1
9d1e209461fc6187712a7e1df1860f903bc373dc

SHA256
4286d0789b4d2295f2669487580b4fa75c558521a5689e5d2b6e707624b5cce3

SHA512
2c57ae8e4922bd05c58e05eea8118e355713b336e0721b4faf57c1507a265ba1fd0cd9069deed723e9ed25cb81d0978d39fcbba0bf12f5e7c3a49cd919fe7897

Download Submit
/data/data/com.halo.wifikey.wifilocating/files/AdjustIoActivityState

Filesize
297B

MD5
54d5f27ff4828190cf65b6bde346bb37

SHA1
ce4b48276cb53ca6ae19754a1954e750f889b543

SHA256
f2b380570f45bf7b6cffc97d19b6d9b0288924667070e728a58139722a7cb40c

SHA512
90db96b6540b94d930292a55e2466729da8f5f1c86623b39404e76a516d7231d606ad34c39330d83278d346c3c369a2e8f768565d1a28b32d65b4382df1e51cc

Download Submit
/data/data/com.halo.wifikey.wifilocating/files/AdjustIoActivityState

Filesize
297B

MD5
ed04fed669695c13bd16e573ee261ac6

SHA1
16297cb05f6fbff53dac307d06b24bc592a2da3e

SHA256
54dee51c0b5641e431e2b82877c0e8b8da087e871abaa478caaca250e86c15e5

SHA512
1e7173e4c2d4aab43a1c23c4b96f88293fad111b2079cc4efa4b7782f4ce578a68771cf013299731bb63e0d9bb569ab5b27ece9cb9bffc4ecee3679ceaaf6a51

Download Submit
/data/data/com.halo.wifikey.wifilocating/files/AdjustIoActivityState

Filesize
297B

MD5
2d07609d1f8d45b4b99a642e989983bb

SHA1
a99a520cd5180b2067ffa6a7d09536cf8c5b6cd5

SHA256
c91c390d6400959ae20b2409af5ee3040f4061047500c4d29886adfd12666b00

SHA512
b0f3f6a301d963a0af234aabdfe3b00c64055825e29feffcdfa091ee03f7411c302ac3ec38a1685e5d28714237654a1ae15f0d8b8be595855be4c883dfd62a95

Download Submit
/data/data/com.halo.wifikey.wifilocating/files/AdjustIoActivityState

Filesize
297B

MD5
a95c21ca270940b073c33b1a5ab15e1f

SHA1
39dfbcae1d7d7ee9c26a0331b4bde1c3cf61cb04

SHA256
1ab38f17dca2cb250589b72758ed70aaea8311194c516c6a653394a0fed2d92c

SHA512
eb777c86bf6e4689e6744f69740550b83018dea738d85e8481400a980d54c12e960218740e51f1d35a5c541d24c142cd27b902c470a360f561f71363bf953ad4

Download Submit
/data/data/com.halo.wifikey.wifilocating/files/AdjustIoPackageQueue

Filesize
1KB

MD5
efdd4576a7f394763f5021a3d098ef18

SHA1
272197c868b73656575190938704d05f06294193

SHA256
620d9d8e608e481d4e40a94782b98c175a511777cc5d6836687ead389616f8f6

SHA512
88f4fe9591207293faf37cf08c287d844dbe144f7e2e4b98f6d85baa42a57eca730a4363f77e6ef552f87687cb2e9095778959e96757a1d56bf75137520a31ee

Download Submit
/data/data/com.halo.wifikey.wifilocating/files/AdjustIoPackageQueue

Filesize
1KB

MD5
f25e9733a1ea753f6aa96460ec758b46

SHA1
2ddedce62510b2ba4798b30f4a26b2fdcc820882

SHA256
1ff66a383f245e16fdbaa2baff7a6b90c92507d9a547adfa64c6671217383da1

SHA512
39345cb216f4ee7e8c90a562b571a35d6b4384c33dd352350aaa55a61e57f062dbc629a1928f018fbece44d334b8232774484590e4a290d3f12e96ac5609c4e5

Download Submit
/data/data/com.halo.wifikey.wifilocating/files/AdjustIoPackageQueue

Filesize
1KB

MD5
90b40406ced5b08c7d980724c5e50bc7

SHA1
805aed6fb356e48a98040813a634594321788f0e

SHA256
3cb0941a11498d58509a10a9aa33da953da2fa26c85af2af74243e48b28fc603

SHA512
4a3a571efeee93cabf3c2611ad10c4d565d1d6e9308aacf94f25e4cdf9297070b590326786c81c0c974f0d053343932d694cb52deae3f7c30df8ee734372a525

Download Submit
/data/data/com.halo.wifikey.wifilocating/files/AdjustIoPackageQueue

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/com.halo.wifikey.wifilocating/files/AppEventsLogger.persistedsessioninfo

Filesize
495B

MD5
c7425099bcb42810b47eb60bc6cc255f

SHA1
e26c91a470245d687f962eca758e3daec7655d5a

SHA256
25bcbe9244a52347d53293812966c7af1e7da66a2d70734593d51fd55cf92c5c

SHA512
e69d29283cde64ff36a753c2487f051bac7249186f0ffb59796168977d470e660d6c34b81b45d95a1df7d8e7ca8341b56a1ea49c22592489c0e72d14a03cbc7b

Download Submit
/data/data/com.halo.wifikey.wifilocating/files/gaClientId

Filesize
36B

MD5
5cefb999bf57cda33ae41cdd9723504a

SHA1
84b973cf290015076a0b2ccbf10c860d9c7638a1

SHA256
6e5e7486835adaf3079eccb357f0aba7efaea72f457536e40813392eda06647b

SHA512
3a76c5ed4f539cb3eef784c11579decfc360c4a976a0036d8fc176e1a8eebc39893b64103a22b375dab54b3cf2772fb243d784cb2f16acfb2bde9083ed869646

Download Submit
/data/data/com.halo.wifikey.wifilocating/rpc.cmd

Filesize
147B

MD5
9e57758efea88691fb01eb5774ad7614

SHA1
e8b20ec628880a6a1c38c69b8d6ae7e26b70375c

SHA256
cf72498bb43c2fde3dcb9d13d7efd235e1c3c81c588738fdd27c5258e203926a

SHA512
5ec91183150368bee76e1e08894f4e8bc5325a4da3676b400ec310067e9745688f83a561c1729e8bbb8c96b25115bc66c44b4dc563970915dfb35daa0d3f2a6e

Download Submit
/data/data/com.halo.wifikey.wifilocating/rpc.cmd

Filesize
147B

MD5
da273c50b575741201ad5f3cfa4149a2

SHA1
3a3a1cae4f605ffd6722c004b7013baa739b35f1

SHA256
41fdede902bf3a536f63fb40374c696bdb8b1e4799b987ea5d4ac61e19b36d40

SHA512
5fa5821c6bf6523fce148cd69c4a26cf707e258d65efff682b900998ee7ec165ff89d65bc2a9be601984e77658508912660012c56b4f8da888c8f0ee4ee767e4

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads