89aeff7205e2a924ac6ec4cfb2bf506dcd85bcf8db23032f191bd2fd4bc93b0c

Analysis

max time kernel
131s
max time network
128s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
19-09-2024 05:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eaa99c3fa9bd2dc29631a79210bcff78_JaffaCakes118.apk
Size

13.3MB
MD5

eaa99c3fa9bd2dc29631a79210bcff78
SHA1

e081467a27d96fc6fecf2258da2f343280a15513
SHA256

89aeff7205e2a924ac6ec4cfb2bf506dcd85bcf8db23032f191bd2fd4bc93b0c
SHA512

7fa9815b77543766cbd8dad35ac44567eff08d72236438851cafd0f5764867e5ba2adb3e887393ad830989dae9228c3fe277fcc1b8392a9e4b5b01e14e4f5dc5
SSDEEP

196608:ImhvXcH+666lPBIz9oi7jFeFl4f0L4boxDK53RgL2QSGvw+UXkMMG+nvQAi7:7v/6l5cy+Lf0L4bohmhgL2QSG4X64T7

Score

7^/10

banker discovery

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.gao7.android.weixin:pushservice
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.gao7.android.weixin

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

flow	ioc
9	alog.umeng.com

Queries information about active data network 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.gao7.android.weixin
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.gao7.android.weixin:pushservice

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.gao7.android.weixin
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.gao7.android.weixin:pushservice

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.gao7.android.weixin

com.gao7.android.weixin
1⤵
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Checks CPU information
PID:4241

com.gao7.android.weixin:pushservice
1⤵
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
PID:4290

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gao7.android.weixin/databases/CityProvider.db-journal

Filesize
512B

MD5
9af3a1c4dfb6e3d299244dcf7d5a0b12

SHA1
c0cb2290a3c1efa52721b3256cffa461e706f54a

SHA256
1556e799d138f33de4ad25b166add197674b8ce488343c81e2b45bc54ec152fd

SHA512
2768f9d37631b718c5be9c9155c5d5e9173093801b2d5f8d2e9489a3476b037037e2b0f09cb50c63c66f9c87cd1b75e86d8f27c3cd1b4af955de080ba9746ebf

Download Submit
/data/data/com.gao7.android.weixin/databases/CityProvider.db-wal

Filesize
32KB

MD5
3547bde9358eadbf0b804db663743830

SHA1
bdf682b41e62a50a92d1b16d6014cd06c99b414d

SHA256
4ee70403554badea654027342778327ac570ecf1cd9ae5f2dc591b24d93024de

SHA512
291da06beabf23327f2185571649799adc3d57cff2a26e83537b02f4ab3a9a4d8180622aa81f6c020ef449da21cd5024540119cb4b337b8762e7a5f030118438

Download Submit
/data/data/com.gao7.android.weixin/databases/ReadArticleProvider.db

Filesize
4KB

MD5
a7200babd49cb43daeb68fd569cd0ef0

SHA1
709e123938d4873731fb841858c69ff6ad568eb3

SHA256
ecb75841357abf7c1c2a1ff11cfbfede269a1fbde1b3f469bd26aec45b07c42e

SHA512
3277f0ce2a98c79f5c23aed3194d12ae0a9dbb4ea6ad1a63211b953a0c5961018476cc58c19526cb97701c5ba98fa21a004f8d4def316285c29bab03ebef27d8

Download Submit
/data/data/com.gao7.android.weixin/databases/ReadArticleProvider.db-journal

Filesize
91KB

MD5
cfa9051cc0b05eb519f1e16b2a6645d7

SHA1
149b5180cb9de3f646fc26802440a6ac6e758d40

SHA256
f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc

SHA512
4e2a15148d477cf00587b04602cb8207beaf22b98cae8581fb244d2a74da9f6e8e042769747f43598a13c596e35bc902287dd00c8b61780115b28e4defec3be6

Download Submit
/data/data/com.gao7.android.weixin/databases/ReadArticleProvider.db-shm

Filesize
32KB

MD5
15d42f5f5daa5a6a966c11274f222e93

SHA1
6f0224671e062484e43fa48ec63fa797901d7c5e

SHA256
e60e08d69d355ce8a8ff1290b79057ba7bb926bb8c2bd0fbfc8b26773ba58270

SHA512
3104856f545f474fd5181dc741a781c8ed8072c54268e787b7350ab6eb5b243ff8ada37ec6355fda574a78ae134973821b36e7aed86a07785cd32d9505e5d705

Download Submit
/data/data/com.gao7.android.weixin/databases/ReadArticleProvider.db-wal

Filesize
28KB

MD5
8a7309dc00c7d0998b374cd603078ace

SHA1
c9042a2eea0d5fe1f982395b96903978cddc3cec

SHA256
62f69706473f51a063b64030b5fdd979a92c0944a703af57b1df5af269a6ac09

SHA512
b7cca804c5e44d1a01502b7754f5cf6dbf770a5603fe58fe580cba9e6e5521dfb5fa38938bf196ee014325445a5f99d990cb21e336db1528125481be27059f04

Download Submit
/data/data/com.gao7.android.weixin/databases/UpArticleProvider.db-journal

Filesize
512B

MD5
72ea451ccf2e9021c620c282a57281af

SHA1
d6f637f4c2dc1177dda74674bdd397bced32ed19

SHA256
f35a4574d68e05e2113cc95a8c7b321856dfdf35ad0c6139b4567065152b9065

SHA512
ca9f5da49f122c3f04ec86983cd2d0a7e8db4e350e598413f66d4d47239dcf0f8e4df8f2d56e470a9d5c2ba18f0e600b0f14bfcfa8fdb4be368580871fe09edf

Download Submit
/data/data/com.gao7.android.weixin/databases/UpArticleProvider.db-wal

Filesize
28KB

MD5
12b217251c4ca8b902804896e461e01f

SHA1
5d02f65a3fa2af1f76d3797f8868e676f0bb8e7c

SHA256
968594836bffd391932525700a3f736fd495890c1494f9a4b90ffd9f6bc15aa2

SHA512
322fdebca5e39db80d4a7ccbc66c39f9b6c3bb0a1052f677df1703f2560a793fd91681f6b2a56582f388e77956808aa22610528fd2b49188d7d5226a2cf36bc2

Download Submit
/data/data/com.gao7.android.weixin/databases/UpCommentProvider.db-journal

Filesize
512B

MD5
f9f0c0ab72ab1e66078a1ded744e4ab9

SHA1
044f225de4740f93390dff04cab0543fdd326e9b

SHA256
240a81983b3a024cda1ba145c822e001caee6d298ca42ae9e5ba714ffde1da29

SHA512
a1a74f36d1feb4a08f4dd22750407358579bb0700f786f084b8ae14890e0d9ca3c9c24f21eb2d7a5561f5aa0265f6d79e1cbbee011a9b32a6281fbeaad0edde7

Download Submit
/data/data/com.gao7.android.weixin/databases/UpCommentProvider.db-wal

Filesize
28KB

MD5
123647ae9dca8237639d3fbb357da52a

SHA1
801b59a1c143f41f14cb7d3971a42cf3cd58ee16

SHA256
6aff15176ef015a0585baf7f1b3f244a4e5c719f6af9a332c01774189e1e41fc

SHA512
e48e3c044e70c67f2b60e8ba6e122590e8dea191cd875d3f04e6e353237296aab7b28143de51615c6845d17d2c1f85a331c9486601aeb28a16ed58ee6434216d

Download Submit
/data/data/com.gao7.android.weixin/databases/UpJokeProvider.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.gao7.android.weixin/databases/UpJokeProvider.db-journal

Filesize
512B

MD5
dd167a95d30bcd3c6297df26ecfac4f3

SHA1
dcb7e7f141b16b3d0ec5b77f40744a9d98e9a9a1

SHA256
d3538876243d2a7cad5d1b7f30a3d589322b3c3ccbe28ea1f26b5bd4bb5ba177

SHA512
985ccc4cf69d94177acf544eff2132bbac127a958ce47909115c77aa18ea42a2c7396844962459a225e2308f50cab32540ad6c113520f0e921e8a7518049af1a

Download Submit
/data/data/com.gao7.android.weixin/databases/UpJokeProvider.db-shm

Filesize
32KB

MD5
506cabb962ee404f93bc81f4e8a477f2

SHA1
6cebad6276b3ec6fcfbab06b61a2b1d2b1269886

SHA256
268ff2b4412e881d16ad09bc6a1d43cb3da4711e46d740b12ff21e00c708ef80

SHA512
ef4d707de58addeaf3950fe880ac603b73b87b9cfd8bce0a8baff07528bafcabe1b08bf744dbde6355023083f237aaf6aff207f9aff70053f44a8fbb5052cce6

Download Submit
/data/data/com.gao7.android.weixin/databases/UpJokeProvider.db-wal

Filesize
28KB

MD5
2561640ef2f61bd32744105e78b2bf7e

SHA1
8da200f1a3c5f337b05a97b1da347c7ef6237100

SHA256
9272777a122ff97327e2d88a943802b70ec16510e6022a7799d9cc4acca6e1c7

SHA512
f65cb9f4ea5deb836c906ec228097636b6592f6fea9320a4170ba28c194b289697689054a63e4755cb287b3b614c20a6c02d6de3645bd87a1c8379b0af901030

Download Submit
/data/data/com.gao7.android.weixin/databases/xUtils.db

Filesize
4KB

MD5
aa222c10a6fceb71491a00d127ea82e3

SHA1
c9d2b5e0e84a1f304c9833cd2e808e41e4e6fe6b

SHA256
dbb71f7df060100fdf62e43f1b669c0c7f602090d3445a301ab22473eb74e37d

SHA512
bb95b272aec608a3bc442f6dd23f4e7a6bbdbde0fdb44001d1170d3cdf9da39fc386d925eacbc65a16dc372faed072247bab607d45e7c35f71c0ea26b68ed725

Download Submit
/data/data/com.gao7.android.weixin/databases/xUtils.db-journal

Filesize
1KB

MD5
d318b6d965212b5562ae36c87cbb981e

SHA1
aaa0cb4a4b326f94b319b6be00808cb12834808c

SHA256
a4eaae40f19bc948b70f658cae0e64a308a8d1c45382a24ffa506d9d5960dc42

SHA512
f0561a875478142e586e098836d137327b11ddf39a868ddb37189711892072ea69081746085cd4dd93f3e6b0c8500b3f1a34a8319c842e58c08eb0a38c5d5ea7

Download Submit
/data/data/com.gao7.android.weixin/databases/xUtils.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.gao7.android.weixin/databases/xUtils.db-wal

Filesize
20KB

MD5
423f4ec75cf8ed05a8a9cb2942b070ee

SHA1
9a964c6a81c456222922a88993127f42791d8466

SHA256
ee5788144e1557ce3588a0467f62030c8973602900453b375efe570eaeea533f

SHA512
26ff37c3b5594f24233ddca0e415e0d0a2eca7526950df8b8438dd7a2506fc8b14dea94da6e2b34b5123f91ddbf0c33c5d1143b71a29e2385a5e0af1ada85544

Download Submit
/data/data/com.gao7.android.weixin/files/.um/um_cache_1726723401649.env

Filesize
573B

MD5
77a4df6e6944a334e6a1c1871d95151d

SHA1
612fc847c094523bf59bd3b775409f4428f98ef9

SHA256
25a019a702748003b7e3e7c57d5fb2baa7a2ad73087698ad9c93a3365bd13974

SHA512
4720752108a93d4ca1f65ba56807fb17dcd0cc01e40b7ca396d38101f64f9f2c73ebfb377ca066144b191fc31163ebec7cc08712e8d60d0af4edf54b39434f08

Download Submit
/data/data/com.gao7.android.weixin/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
ca223920743265b60512766dc9506d92

SHA1
2d9ce16881cc29c43ef4d09df0720b06a63dd775

SHA256
849abfd0f784f4dac9aebc63588569a24303e3c47619edf436d54bc80ca038b3

SHA512
0479686d78747e0be7e0ec9755eeb10e8e3d15c4088b4666507ad9a37a7e5a397b10a0e59ea1b9c12a9a37a20ffeb7d832871b836461b04e44d6f2970df81536

Download Submit
/data/data/com.gao7.android.weixin/files/umeng_it.cache

Filesize
310B

MD5
f90a1cb284202c2508a4a2e63ae52130

SHA1
ec8819fc19f961c323e221fc89e6c8e04d9ecefc

SHA256
e29fac401454ed3dcdd0e543326693aed8921c65acfe25bdc65be295c37d5d8e

SHA512
6dc59f54692e9db88f23f5c05e95f9f3265dd89eb35f2cec5788bbd328c31d79fc467015cf05b8b560be525ce9718f24c887ef7139b0ea4eb2b017df7ff5fd20

Download Submit
/storage/emulated/0/Android/data/com.gao7.android.weixin/cache/download/tpdownload.db

Filesize
4KB

MD5
a9322ce7e40a073d7619420517eb47fe

SHA1
b1686a176140c3017e9b7c8c2131ee04ad51a611

SHA256
ca4b9997ba2beac4b86f919aaa39443b49b4cc76afee20d6fbae87c6ac4c636b

SHA512
7a2bb209ce8056757a7599ada09fd9c5702aed4b77b5d7af83f1229d34f94dc70b9724d6e10a453779a2ba185fd6927939ced54df6d1ac7526e1ef61c9bfbe0d

Download Submit
/storage/emulated/0/Android/data/com.gao7.android.weixin/cache/download/tpdownload.db-journal

Filesize
834B

MD5
56a26b3846ca68147bb81032b7a8d514

SHA1
b5b4eb427d5e14b1a4047d5aededda1130d0fc37

SHA256
36a66f2d597cd0cdbe6503f15d044360de66e79e0f20f0bab1a4ef900f7efc69

SHA512
02bdf7eb1f2116ad674efdf404181053b38bdf7c51f5b21953fb53f2b2d7bc5f9ce6b3586529ceadd2803d355ab87e82a0616e5aca63a1e5322479e2a14e660e

Download Submit
/storage/emulated/0/Android/data/com.gao7.android.weixin/cache/download/tpdownload.db-shm

Filesize
32KB

MD5
37d22ed599c2db4b71977fa3a272e455

SHA1
796e90725b0dea09a466944ce2f376ed251288b6

SHA256
b781835709690414ad4da87989d93ba8d051ecb21f292a919c24d97cd9a29920

SHA512
aa1a97bb38be887379e5fee005c816f1f5c8cea0be2f1f82667755e3a365d71cfb45b8b8a9715195ce5c43157a9871daa7c9aab869f267fe2ddd6bbe2f9a111d

Download Submit
/storage/emulated/0/Android/data/com.gao7.android.weixin/cache/download/tpdownload.db-wal

Filesize
32KB

MD5
c3a4510ce4a4a3f1a03df3c6c2374622

SHA1
4a9e9b0616c44762e1cd6a72e0dadd45de80c480

SHA256
87bb67b722f717c9db7013eb4bd3a3a162ddd04c9a1a030c3c8d7ee206753e8d

SHA512
a03fd223e5c880c36375ede67f8f0b88387cb9b64004325a66297b18b2da626415cb9732efa7e7cbaf677739c83e21ae6f8bf15c8b1ad1280e9fb25f40d71921

Download Submit
/storage/emulated/0/Android/data/com.gao7.android.weixin/files/Download/html/article_template.html

Filesize
3KB

MD5
6758d2dc4c6dce0441982efe227541fe

SHA1
8a6e259dcd3245ad4716402a91272860617dcdd7

SHA256
705c0a47ae29bb5b56e175f24d4443e885a387bed6a59432c9aa82862f47d7a2

SHA512
74b372dc2f1b5b80609d91f5fd4b0fdd98c44423fad7f541d561b4326ff12f0636b863537fa13243c95181417e986e78e3b9d3f9aea1092bdadcc1793ff3b6e9

Download Submit
/storage/emulated/0/Android/data/com.gao7.android.weixin/files/Download/html/article_template_night.html

Filesize
1KB

MD5
3ded1162d3a4685e117a3f5dbe30b7aa

SHA1
74914e7bdcfdef4e266db6ddbf5585dde62d45e7

SHA256
7606f8b04781a1204fd1c027cfe46cac20625a0871ea6a900e32c58b648db4cf

SHA512
8d9f4f33dc73be2ebe0b507fa7387ec862abb1cc853ffcacc011d421013fed8e1f5f556fe355f4411d1e8f84d8ebc9b9c291021a7dd2c7718371840265c880a2

Download Submit
/storage/emulated/0/Android/data/com.gao7.android.weixin/files/Download/html/assets/default/detail.css

Filesize
1KB

MD5
23e755d06ad9a8d39db60de636d8dee8

SHA1
073dfeefd1ed17ecad4a7ad0e57bfd17c79f50c4

SHA256
71095df7c88bcf3e3b408f8b46820fe6bd2603bf287d0ad05c4268e58a4e9e42

SHA512
34078f4d2ec7923f997511738050412ab4bbc5c695b47034e212f7ac9debcc15d52c6cd9f76aa0f0223dcabebba3161a198794a44d0064d2b5e300ec2093aa92

Download Submit
/storage/emulated/0/Android/data/com.gao7.android.weixin/files/Download/html/assets/default/web_loading.gif

Filesize
3KB

MD5
0af3b47ba680f1109065ddfad019f5b3

SHA1
8d7c06bc3c4abe7df7bc97218b8ef811a5616472

SHA256
5b9d8499f7d12df7bb6d4e363ca2cd2dba92f4367e664da359fc7a09cf932ba4

SHA512
09c6dbaf9e0a84e6d443dc126d772fbe725a31f82b4f27815e8cc3e47eb887b1525d338c9e9881bc68cdf84481eb08afaca30f87b40644342cbf05ac93699b57

Download Submit
/storage/emulated/0/Android/data/com.gao7.android.weixin/files/Download/html/assets/default/web_reload.png

Filesize
2KB

MD5
30cca7796924ecc9fc8e39586053625b

SHA1
bb6ae840962d48b02fefd09d849deb09971e688e

SHA256
16112ac8ec819a44813d0a270934a6cedf67439d93f7e173006db614f09368c0

SHA512
5b32876a2ce0ad4cc4921b2e1ecf3f3c159b8f3547211ff95e90415b9019c3d9ee442250f1d3c68a218eaa1fa3f8208c28c387e73eff3e58deda2a84526d973f

Download Submit
/storage/emulated/0/Android/data/com.gao7.android.weixin/files/Download/html/assets/default/web_to_load.png

Filesize
1KB

MD5
f167db5f91c4b6e2119a1476e1493e11

SHA1
ccb08c0f4010d994857ff72b5d94eedcfb256eba

SHA256
247e57e4e5bbc239c946b015d4640f59182c92779337e6ec1cdd0b5a77358ae8

SHA512
30b7857e5d02c66a123c83ac62909cfd8c4fd64e8107592b5baeb3ef7fdbff47229fcd338ad06d795fed5179577b9702cc2609b2b417eed24eea2ddb69ea4a05

Download Submit
/storage/emulated/0/Android/data/com.gao7.android.weixin/files/Download/html/assets/night/detail.css

Filesize
2KB

MD5
2a6e9c0be33a9ca1fbab8edd67ff5ea7

SHA1
499f0a2658fd412fa0450bcfdb8fdf6691b67446

SHA256
135542938ab440ec16258d1fb52197e0a7aaef19d67e6bca7dbd71a20f8afc06

SHA512
a9d5d198eb1039af4844b1370c569aa4d8a7bc4d7cb480814ee6f90cb9ec59f007af25e644cd516cda1cb34709ae4f639b300afe73c14a40105c8107d0f1a865

Download Submit
/storage/emulated/0/Android/data/com.gao7.android.weixin/files/Download/html/assets/night/web_default.png

Filesize
920B

MD5
30a9535c40a7bce522ee4a329b0105be

SHA1
791f4cb327f83a72219ae2875d332849016e97c8

SHA256
36f3205d5d41573b6e69bbb9eaa7015e336abb6e1fbb1775875df2fd500c6c79

SHA512
c3fbe7f8239a3b57d3d73d357ac7e671cb45bdddc7fcb69bd451166c6175e19ddd2438cb9755c1e65ca660a47fae822eaf2e799ba55f229cce01e0f5d4128fd3

Download Submit
/storage/emulated/0/Android/data/com.gao7.android.weixin/files/Download/html/assets/night/web_reload.png

Filesize
2KB

MD5
83a8277f9f8470136b1e0ddf6b7c8f7b

SHA1
1e91f044cef3057f933e9fe2499b8cb2e865cb12

SHA256
b305874ff4d7919fb1526a1f088a1d662a370e61a506519530534eee9443847b

SHA512
38140b5cbe6518701ff752db7045ed77fc3fbd984bc9e34d83ef1a7399a846093261df781d1bc93a2770da49ecc3d5c54e1a0b5cae3223e004805838093a43de

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads