Overview

overview

8

Static

static

6

d10f07211b...18.apk

android-9-x86

7

d10f07211b...18.apk

android-10-x64

8

Analysis

  • max time kernel
    3s
  • max time network
    150s
  • platform
    android-9_x86
  • resource
    android-x86-arm-20240910-en
  • resource tags

    arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
  • submitted
    07/09/2024, 04:18

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d10f07211b6251e54fa4b12c5eb41926_JaffaCakes118.apk

  • Size

    30.2MB

  • MD5

    d10f07211b6251e54fa4b12c5eb41926

  • SHA1

    b660ba885c1677afc2033f9d53c5960129e19704

  • SHA256

    1f0e7d8526f67dc4ab7e2e377a94b24da7a33d2a2d387840b1abf05ae488d7f6

  • SHA512

    37974b2bd34c8df0c036491872695130bf82345484e3da4ff7145e6b39778624ea5013ac15ceb6e32959b7468f76aac8db751c72ed29263348b779dbf0b02d7c

  • SSDEEP

    786432:B/0aqi1/kwmNX/TOWcY5dZ5tW0bNlvrLHIaDoeEYL:BMIaNywdZW0zHZL

Score
7/10
discoveryevasionimpactpersistence

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 7 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Checks the presence of a debugger
    evasion
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
    persistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.cyb.app
    1⤵
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4213
    • sh -c getprop ro.yunos.version
      2⤵
        PID:4255
      • getprop ro.yunos.version
        2⤵
          PID:4255
        • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.cyb.app/mix.dex --output-vdex-fd=56 --oat-fd=58 --oat-location=/data/data/com.cyb.app/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=&
          2⤵
          • Loads dropped Dex/Jar
          PID:4280
        • cat /sys/class/net/wlan0/address
          2⤵
            PID:4359
        • com.cyb.app:pushservice
          1⤵
          • Registers a broadcast receiver at runtime (usually for listening for system events)
          PID:4329

        Network

              MITRE ATT&CK Mobile v15

              Replay Monitor

              Loading Replay Monitor...

              Downloads

              • /data/data/com.cyb.app/databases/bugly_db_legu
                Filesize

                4KB

                MD5

                f2b4b0190b9f384ca885f0c8c9b14700

                SHA1

                934ff2646757b5b6e7f20f6a0aa76c7f995d9361

                SHA256

                0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

                SHA512

                ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

                Download Submit

              • /data/data/com.cyb.app/databases/bugly_db_legu-journal
                Filesize

                120KB

                MD5

                d8503f3b6a30b746805b537f67566809

                SHA1

                cc9c0ca060b22016c7f7407b43a74b58a4db1ca6

                SHA256

                72a3d6f8d233750aa8a561cdb8d79eb62896b60c763cf534cac3dd9336ae7a06

                SHA512

                2185b4098516b8e2fe5c130b354eed8846b8ba539e00c89d2c8e37a00552df2d01f6bb129b0796e1b1de569f5ac6f52d48b1bd295499ae2a75cebd75d4339e06

                Download Submit

              • /data/data/com.cyb.app/databases/bugly_db_legu-shm
                Filesize

                28KB

                MD5

                cf845a781c107ec1346e849c9dd1b7e8

                SHA1

                b44ccc7f7d519352422e59ee8b0bdbac881768a7

                SHA256

                18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

                SHA512

                4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

                Download Submit

              • /data/data/com.cyb.app/databases/bugly_db_legu-wal
                Filesize

                92KB

                MD5

                41c378983e7ccf429b510372694d4e78

                SHA1

                40ce962b07330557031a9b819906becb217f6845

                SHA256

                59718c66c34567280a6a27ae538b43d19da0e0626305cc34654cc5e1f50bea90

                SHA512

                b46b4812ffb2765fc79c03e9eca1b587bf822059779c227c033f9a017ec5d19673da6cc81b98017776c3d288d43610f9453fa5eb8cb0903d5d1ed5cbf15c1774

                Download Submit

              • /data/data/com.cyb.app/mix.dex
                Filesize

                292B

                MD5

                63f77f99bd2c2b772a479923bde11974

                SHA1

                c7632e7d301e4463fafce85f84e9c3d7da3fdbbe

                SHA256

                4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615

                SHA512

                3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

                Download Submit

              • /storage/emulated/0/Android/data/com.cyb.app/easemob-demo#chatdemoui/core_log/easemob.log
                Filesize

                543B

                MD5

                01c3d547a4edae3235ab003e00187d2a

                SHA1

                e7305764eeb87272d57d07bfc832de1bc2dd3eca

                SHA256

                5f91549fa892eb5fe2645f9ae78d39522f7252cb532f9aca66554e084c9977c8

                SHA512

                fee29e6f46872a3295e5db104617ee846c653267ef4bfd1c84a37490e72c84c26a62fa93adcbf1fc14e4988c70d118f8afcf6428c2c5df5f3b6b9f10a9fd5165

                Download Submit

              • /storage/emulated/0/Mob/.iew
                Filesize

                64B

                MD5

                d62b25791b9f8972176645601373ffbf

                SHA1

                03bb840c1867ffda55c486a53fc36a9ad95ef4fc

                SHA256

                2050f5a0e4bce2cc95fedb74e8438f87814131057ba93f8b5e175be144bd5ae9

                SHA512

                21de1d2fced190df5709a7444cc2300c850537aa91a26a2ddb6d87fe59321f54e1b96e616ad1462f41a1d73db837beaa36333bcd6b7e2be29dd25c261e29c112

                Download Submit

              • /storage/emulated/0/Mob/com.cyb.app/cache/comm/.mps
                Filesize

                26B

                MD5

                840eaa01e5d03fffee257ed5ce4fba9e

                SHA1

                886bd732b29f6dbdd94b890a2b203c5a276ae773

                SHA256

                7648e772307acf936c331c4ea9d92872b1af6367cbf83f33f569ac204df65595

                SHA512

                b0a4f9238c4b60bec0cca9c72e551a702a95210a735bd8176c1d5ba741e264d2f1e885d65ed07a88086afd74f69c5e02a92db8068b222a62c6f56762a26b7d4d

                Download Submit

              • /storage/emulated/0/Mob/comm/.di
                Filesize

                57B

                MD5

                70a42cba408700f9a6c01c7941a8829e

                SHA1

                eab01cc2c0671538795fb0b1146017dc099d0984

                SHA256

                499576707ce2623293166979e59c832be5b8636c64ad39aa63ebcf961910c35f

                SHA512

                8900d4dc8eed0430babbacb72942401bd22ef7fe5430cad90d3ce0c2c53010220d666aa0e2eb1026f3ec81d574c7fa12585b49222a5f15b01637f6ba134fe70c

                Download Submit