23db806d4d57078409d052a5d2c1b50ef2d49834ec2eb1df270104c49c9a9fd6

Analysis

max time kernel
34s
max time network
134s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
14/09/2024, 16:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e092de18505698d60c58ca5d21b8fe2b_JaffaCakes118.apk
Size

9.6MB
MD5

e092de18505698d60c58ca5d21b8fe2b
SHA1

4843421086a42fa80333fde3daa23276a909cb77
SHA256

23db806d4d57078409d052a5d2c1b50ef2d49834ec2eb1df270104c49c9a9fd6
SHA512

0b8fcaadaf2e7cddadb326ea705693fe8836033f07c999c4433de32886bef4ea943f95695870a7671f22bc54a5e634b2b5d52a2ef222e8732bce4c9387e078e7
SSDEEP

196608:F2WCIBK4ZxxsY1TgGlhn4DJMyykKQjjTpOugkgphdsBw5sYTrt6TVBX2JSMpqKwQ:4/qfxhfTn4DfykKQjX3KnJ5MfGJSM3cC

Score

8^/10

evasion

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 1 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.rc.ryjf

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.rc.ryjf

com.rc.ryjf
1⤵
- Checks if the Android device is rooted.
- Checks memory information
PID:4336

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.rc.ryjf/databases/bugly_db_legu

Filesize
60KB

MD5
7fb5c6fd002b11d4c8ccc4fba2700f30

SHA1
d28730c91fbfa65c79a31dc75cc8c8d3b02b943d

SHA256
8cca9a371792a5a50ea2ba7309ec7285555fc579d2a65e83cea4c9adafcaeda8

SHA512
86047d9848bf8947fc8c84f014800d09c41d51f3929feec19a0300250711f83d4bd3225a81f7ea804568343da75fe2f33e3a346f14c3c412112facdae50ba65d

Download Submit
/data/user/0/com.rc.ryjf/databases/bugly_db_legu-journal

Filesize
512B

MD5
2f0e08da70153782aab590ff947dd48c

SHA1
9552b6d691eadae78a760fd86c01caf7545de92d

SHA256
5d833993b32a686808e8294cb1b3548f8931b24ad5544c9689c2c95b7e2da01c

SHA512
7dda6d173edfb41789d769228b0ea9775b03696dc96232801438ddbf14ad4a336a884ff071af00ce107e8f69f90ef802f4b92a9f7006c12996b08b45985a0233

Download Submit
/data/user/0/com.rc.ryjf/databases/bugly_db_legu-journal

Filesize
8KB

MD5
020b61ef822de87b5720196455169b6a

SHA1
76b839e420b568a336996cc94c804ed232d541d5

SHA256
f300d407544679b608efbde1479f8337fa1b0a33f5de303535de1ab32277f91d

SHA512
18405c07263edd94aa728d4a32c012129fb6dd9a0d2516e118c4b170d003f74551400d72aa661d1a05d442b378ac1cb231540e2101eb59658926d657e957158a

Download Submit
/data/user/0/com.rc.ryjf/databases/bugly_db_legu-journal

Filesize
8KB

MD5
e923cddf861e86dbd54025ed6831ddf7

SHA1
ac8fc2cbf5abc734947d1d6b0f3a1a1b2cc533b0

SHA256
c27fcfe78da8ee073d64c8188de44a0456b9d919e955495aecc681f4ac8f8879

SHA512
376d7475c3ddef835067a03955d47509687a0b00bf4c091d54977c50951b4c19faa1da77254b1151f96eba6a5688299a7603beac2062b9bccc147b5ea2948413

Download Submit
/data/user/0/com.rc.ryjf/databases/bugly_db_legu-journal

Filesize
8KB

MD5
a44558ff7b1edbae37768f7258ff7b51

SHA1
bfb711e1ccb15da8378b45bd42c952fb6852a38f

SHA256
30d61efa09e23723816246af9b4f987e331224429f571fb60e742249afb89ab5

SHA512
65e43dabf6b1ecbd0a319c7fc999814e7e6230b60902ee9ddc76181ad8af85c87d4e31fe510802f9bcef1161e5bda6b7e7474d7b6ceadc8a86ad5278e89803fc

Download Submit
/data/user/0/com.rc.ryjf/databases/bugly_db_legu-journal

Filesize
12KB

MD5
0fa36df5f296c7eeec0a3f53d7baf0f2

SHA1
c9823fb59f0550810da6b08f9b01ee6d2f44d1f2

SHA256
b0864dedcfea3e85b6e56c73c3d308606f23aaea0e9c121559e263773e0ebbd5

SHA512
19c847726a07b20dfad8846b2f1c758cd123a72a9475f857785d4d9bf5564fe4c6939ce15286c1649abe29ed1210bfb58c1e214edc5bd1813e6fefa62179ee91

Download Submit
/data/user/0/com.rc.ryjf/databases/bugly_db_legu-journal

Filesize
12KB

MD5
35cc26283ddc0aa1ec11c773be25649a

SHA1
7da87481452432577033598cdab5ffe74b494310

SHA256
976250b6e6b35398efd5deaa7534e3607f69e4f758e1fae7f53cf4e62d6288b9

SHA512
8a30f89e94730486f3726abf03771b7b020e0d5fb6830ab0c307e959a2e26562094b61020823a41c2ea4b1aed0551448d79baa2f28da93768467112fb2075d3d

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads