Analysis

  • max time kernel
    44s
  • max time network
    165s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
  • submitted
    25-08-2024 19:35

General

  • Target

    c16db227fb29787cd2158fbd7a812248_JaffaCakes118.apk

  • Size

    6.1MB

  • MD5

    c16db227fb29787cd2158fbd7a812248

  • SHA1

    5bff97136838756b6090a2af44fd43a3eff523b1

  • SHA256

    b34c00722df5d523e7197690aeb8fb36b38af563793aa22acd14567553f04241

  • SHA512

    a988e527e5d8cf18cad465176b7164144441c287b6addabe31ec17d5f498c008eb387344c68a1e474faf9a8f1c326cb4f8ced9b441118b41e96cbd127e88e9c7

  • SSDEEP

    196608:fxhozeKrsCDmZSMwAvRYvPvXb11+Igf0Kl:fMjshAMTRkvXSIgf5l

Malware Config

Signatures

Processes

  • com.Saapart.SW.hack
    • Checks if the Android device is rooted.
    • Removes its main activity from the application launcher
    • Obtains sensitive information copied to the device clipboard
    • Queries information about running processes on the device
    • Acquires the wake lock
    • Queries information about active data network
    • Schedules tasks to execute at a specified time
    • Checks CPU information
    • Checks memory information
    PID:4501

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/com.Saapart.SW.hack/databases/OneSignal.db

    Filesize

    40KB

  • /data/user/0/com.Saapart.SW.hack/databases/OneSignal.db-journal

    Filesize

    512B

  • /data/user/0/com.Saapart.SW.hack/databases/OneSignal.db-journal

    Filesize

    8KB

  • /data/user/0/com.Saapart.SW.hack/databases/OneSignal.db-journal

    Filesize

    8KB

  • /data/user/0/com.Saapart.SW.hack/databases/evernote_jobs.db

    Filesize

    16KB

  • /data/user/0/com.Saapart.SW.hack/databases/evernote_jobs.db-journal

    Filesize

    8KB

  • /data/user/0/com.Saapart.SW.hack/databases/evernote_jobs.db-journal

    Filesize

    512B

  • /data/user/0/com.Saapart.SW.hack/databases/evernote_jobs.db-journal

    Filesize

    8KB

  • /data/user/0/com.Saapart.SW.hack/databases/evernote_jobs.db-journal

    Filesize

    8KB

  • /data/user/0/com.Saapart.SW.hack/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/user/0/com.Saapart.SW.hack/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/user/0/com.Saapart.SW.hack/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/user/0/com.Saapart.SW.hack/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/user/0/com.Saapart.SW.hack/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/user/0/com.Saapart.SW.hack/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/user/0/com.Saapart.SW.hack/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/user/0/com.Saapart.SW.hack/databases/google_app_measurement_local.db-journal

    Filesize

    4KB

  • /data/user/0/com.Saapart.SW.hack/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/user/0/com.Saapart.SW.hack/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/user/0/com.Saapart.SW.hack/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/user/0/com.Saapart.SW.hack/databases/google_app_measurement_local.db-journal

    Filesize

    512B

  • /data/user/0/com.Saapart.SW.hack/no_backup/com.google.InstanceId.properties

    Filesize

    2KB
