4d3f473c865461577b0aa04574d40a3f013027e6fcb4020404ffca4eb733f7b0

Analysis

max time kernel
149s
max time network
134s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
14/09/2024, 15:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e0784c6cda741613f13fcd47273f17ba_JaffaCakes118.apk
Size

12.5MB
MD5

e0784c6cda741613f13fcd47273f17ba
SHA1

cd47c1e6cf25dd030d52f8fb0a3034eb220feb8c
SHA256

4d3f473c865461577b0aa04574d40a3f013027e6fcb4020404ffca4eb733f7b0
SHA512

709cd234bbf6c0fce19dff6fcfdf1a823c2e5850422537197384253a82458b120ccf884398512092c6c95517bc45dac85895a752b858f90b0bd97759e75c76c7
SSDEEP

393216:9tBA83FiiLiEcuRemMAzmAwbS85cZo5e/dq8pVoQmEqpxC62bt:ne8MqcVmsA385cD/dq4WQsC62R

Score

8^/10

evasion

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 1 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.ybzc.mall

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/data/com.ybzc.mall/mix.dex	4336	com.ybzc.mall

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.ybzc.mall

com.ybzc.mall
1⤵
- Checks if the Android device is rooted.
- Loads dropped Dex/Jar
- Checks memory information
PID:4336

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ybzc.mall/mix.dex

Filesize
292B

MD5
63f77f99bd2c2b772a479923bde11974

SHA1
c7632e7d301e4463fafce85f84e9c3d7da3fdbbe

SHA256
4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615

SHA512
3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

Download Submit
/data/user/0/com.ybzc.mall/app_bugly/rqd_record.eup

Filesize
337B

MD5
56d5a7e7fc6077b5495bc19020fbc224

SHA1
ac96fb8c4785d8aeca8e6b28b7f42bb8773be184

SHA256
fe4562715e986475dd48457f75aa68d92c1562bb11912fbebf007b4f80fd32de

SHA512
fd851c7f158dace0b0fc2787487d1f3ef777c28d2fba0b6301fb2103ef94019fc9bb02858b95ba2dfbb49ed8271b619d365bca9344481168346b5d38520fdf2e

Download Submit
/data/user/0/com.ybzc.mall/app_bugly/rqd_record.eup

Filesize
2KB

MD5
ea28dd8cb583958b60d7dda0ca24c5d8

SHA1
e546c00814808bcf60b26f4d8d7a48d44ecce4e8

SHA256
5a6c0b74be2623ab93ad37e4e7e5cf721159636e1b937ef803bd6ef7d288ab9c

SHA512
3d97d7c51196117f69dfdc5d1d5aecee9eff40d7851ac4da4e9366f6be0c80324c4e020787d08d4e37d21e1300312ae57d44c5b26dbc43983e5e956457584b82

Download Submit
/data/user/0/com.ybzc.mall/app_bugly/tomb_1726327468133.txt

Filesize
56B

MD5
bd0f8f8f3ad93fa07623422ec6e72003

SHA1
c3589295e7a4ddcf35bcd7a2c13bfd381783821a

SHA256
7fe875398dea7537a57a77c5275cbc8647aaf63ab6fd9148443b65df2e1d0647

SHA512
2ec3e073321262b667afbf98fe4e9f51e4c0c58baaad506b120239031f10699d699b94470bef13007bd6199df3d3b03f1eaf147c0cba5178aee7e267072b1c0b

Download Submit
/data/user/0/com.ybzc.mall/databases/bugly_db_legu

Filesize
60KB

MD5
c2641d1dbe415ddef997897241255577

SHA1
a1268a8cc4fc1ef9a595e6a5415f606668c4adac

SHA256
b4a077a770ab30fcfda74ebb1fab409cd8a5230714a02e708e9fd2d81dcfeebf

SHA512
79dcb5dbc6067318339c4c3637a0dfe57890632b912647af09022ecdd2291f204cd89c55d6872b9d004bb774c4937a286e0c148cd42af528fc1d9782091c8665

Download Submit
/data/user/0/com.ybzc.mall/databases/bugly_db_legu-journal

Filesize
512B

MD5
3bebd9114998225a32eac9c63eff3a5a

SHA1
b967a9887c4bf790be15a628d92be65a628c7f9a

SHA256
db924fd0aeb5af28038fb13d848bf2b703f5ce38e2f7769ab01c2ee9d3752602

SHA512
556765e33034136235698263c5378edade0c39b237e31210525832efd453bd4264a0b0721e86c2b8ca20fbf9dcbb1859eece57563f249e9595babfc6a707a8fe

Download Submit
/data/user/0/com.ybzc.mall/databases/bugly_db_legu-journal

Filesize
8KB

MD5
5c1903da97dcf7deb18b8f5d34e05816

SHA1
2115d08673f4b64bcd0c5401eb92ec7d02b7fa91

SHA256
de94a4f49bfa2b6e75a4ee35822ec3d7c1e434e3c173fa84ef4c988d60ab3b29

SHA512
50805528adcadaf03c3e7027a02a5199f3a1812196d0dc7cde30722f25efa416285ea6fe7b9c5efb855bab28d4c4bbd7306cb9c045b2d6fd368c563b9cda15a9

Download Submit
/data/user/0/com.ybzc.mall/databases/bugly_db_legu-journal

Filesize
8KB

MD5
e1202b03b59e464c06f49bd47091c81d

SHA1
17d64aecebd99303a10c7950e62d53024bbff476

SHA256
e2f548cf9964203babcf681aa5000504a05ef4834e7e9cf31c94af8401a41115

SHA512
d789cd3fea3a9eaf9a922d6172a351a298a6db2d3cf0d26093601aa436cceca11ec6d7dffe74eb34c0b78325b409d849aa4927018585e31eb97378c9a12fb1d0

Download Submit
/data/user/0/com.ybzc.mall/databases/bugly_db_legu-journal

Filesize
8KB

MD5
575b291c92ec0929e03e6bb2a47bb404

SHA1
3731955eb5c848f105af5146da60c54cf95fd8b8

SHA256
b16fed417018c6888a4e6a7510c0a98f5f42d086a65989e551f6436f3dc724eb

SHA512
6a73f0aba8ef6eadccaed679bb7c801905565f587c5050de5ac9be8687cb6e3218ec273832ec0618790cfc9496a7a707e12fda8c2799296ff4a1571377c30438

Download Submit
/data/user/0/com.ybzc.mall/databases/bugly_db_legu-journal

Filesize
12KB

MD5
51dbc966c86cea05ce12a10420496b01

SHA1
dd6c9604c510a82d83773f79e7b145e29317ad78

SHA256
4d080fa91f27b8a2081659eec5bcac99813847671841eab40a9f8aa8fbcc4fb8

SHA512
a5775b5f12ee38e1e4a47d5ac26a59cc1d26206d6ecf91c219c22bf9c91314660fc7c99108270730e8a6048faca3e1636da291ada45fa0835ec21180549346b7

Download Submit
/data/user/0/com.ybzc.mall/databases/bugly_db_legu-journal

Filesize
12KB

MD5
5e1c2538aab8bde77d0fd2a72ca93a28

SHA1
d75c71449d2e287dc31e77ce43849831dd9cb622

SHA256
63ba425f3c39ab5a166ab6ee1e8a67bdf4bc4c6ec981907355c97e5e936130e0

SHA512
e5aa19c0d2aee2f3a49b1f8e446b81e9b425776417a5a545878206e7cec5a6d71ff59a4c58e9f5316c8cba8f760d41f96522818ef84235cb98a09ae7f153832f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads