e254b52940f712001a328f74d8dec33390e08de03052a7de9f46ca2e793ddde2

Analysis

max time kernel
11s
max time network
132s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
21/09/2024, 22:20

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

f0b90e84a02ce153066b4c89e6a658c5_JaffaCakes118.apk
Size

18.5MB
MD5

f0b90e84a02ce153066b4c89e6a658c5
SHA1

7c2de191eb4cfb34f1e3135dc527a7b47eaa0066
SHA256

e254b52940f712001a328f74d8dec33390e08de03052a7de9f46ca2e793ddde2
SHA512

e8cf1134b79dabe124fb63adca39910ee2f5aaff349c17ed1cc4ec4f0a7ee7d07797292e68a82a0eb4818cf87fe2d3a2b5ab5b834d8d97d38ad132db23cd366f
SSDEEP

393216:eEbFN32MIs+cLILJJqsr6pKOLtEa4T36VfyJRBfFBNb:pL2MXMJz6CtTOy/BfF7

Score

8^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/bin/su	com.cubic.autohome
/system/xbin/su	com.cubic.autohome

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.cubic.autohome

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.cubic.autohome

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.cubic.autohome

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.cubic.autohome

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.cubic.autohome

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.cubic.autohome

com.cubic.autohome
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks memory information
PID:4244

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.cubic.autohome/cache/pdatas/pdata

Filesize
23KB

MD5
a2fcac5a6f1ab71b3b77120e56f3b05d

SHA1
78e3a93b491790c3b3b711181a8108e847f14fc1

SHA256
2d7198de4a2091460221781e976d770420eedbd74319d3e6e05a41f389fdbddd

SHA512
17998b6c96dcc44ab59fb12bc0f568362e7d998794c9e196d7581a37b408794742cbe8d9edf8810b376ec947ef7e2d010d0f7c304389cf92883a62000d3e7e79

Download Submit
/data/data/com.cubic.autohome/databases/advertinfo.db-journal

Filesize
512B

MD5
bd94a7b9cf0c1ec310bdb23da31e7844

SHA1
2da04237ade6ef4f94c7e769f6b465169ca36767

SHA256
35c4a8dfaff228a1ff2921decee75d10091fdde11e75ea307b68a3fed60b69c2

SHA512
b5fe30509189e920679a52fcae27705d2756b2fe78798b78d9e4d74a035d1fd3159b6673846e2b22d542e614d1a6cc514f02bbb5fabf62537cebe14e95d3782b

Download Submit
/data/data/com.cubic.autohome/databases/advertinfo.db-wal

Filesize
32KB

MD5
f5079751c6287549e3b2b106b5ea61bb

SHA1
d63ffc001cca8b71e5c9ee2254df90cd9c645d69

SHA256
7360dac00ce1c5ea79b205f736259db30f077fcf6bf2b37a58993e3903e11eeb

SHA512
3e756087585e49ba7a6620d9478af9ec5e206af9c597d621ab343f651b27d0fa4f8bfbb10514adf09347144520641715d621c6b3e44fb3197e0ef6cbd8f92d99

Download Submit
/data/data/com.cubic.autohome/databases/ahome_plugin.db-journal

Filesize
512B

MD5
7b3f6eb6f53678f032650e1af3afa2c9

SHA1
a767a034feb29a16b4ec06a5b519f08e65f5281b

SHA256
421a1c8d75baf1e959ac02cceab95f7b4bac61cad32f30fbfb9d03a6ba39c370

SHA512
89193cc9f404199161fd6da15527c5d600f492a05b0e12203b4c27015bfd174afe30782b901af114e525e9f0f6dcfcb9c8ac144fa8addbef9f04575bae62bc7a

Download Submit
/data/data/com.cubic.autohome/databases/ahome_plugin.db-wal

Filesize
354KB

MD5
086555003f19bccfd51322614bd3e11b

SHA1
6a3404adbd58f24c3cb8e04f3170902fcb12b082

SHA256
d6566d5fdd782dd0b0075e6f3876c2e4fcff99f643ea60697c80822d9bfe19ae

SHA512
9dd37dd1fa1f31eeb7d7d4ecdfba925a9c1cf14c97594187b1a44a4a75b0cd81363276a465892bed36008cd2f54ab704109983006a5ac64fc19400eef0255d1a

Download Submit
/data/data/com.cubic.autohome/databases/ahome_statistics.db

Filesize
28KB

MD5
cb99f7f0a902443a66b5c6248df1a7f7

SHA1
ec0585f382fb41da7120bc0f86888e7ab8a6d993

SHA256
0c26ba7a5c609ee8007a0139c2c516817b30a94f0798f47a062ccc6f60f4b102

SHA512
90e079ae4a410f7b2cf0fa005f9bf8f671050ade2780cafca7d63a9c02abb666ef1f9d8fe50e19185f6ecbe67a68abe00bd6190e52453da4f3676e8b6def6e16

Download Submit
/data/data/com.cubic.autohome/databases/ahome_statistics.db

Filesize
4KB

MD5
488853a2c895868b6b271c2a760d2f3f

SHA1
3c77934a08ca56a58788f87e77621b08377c52b8

SHA256
ed71e9f44bc160f6668b0d1f51a425db02618814eb848e96b84ab4cc5ed8eb5b

SHA512
672a2a5c121f9a3d6ff1a5591d5899eedab670c0ad867e2e901026e62053fbfd19559789ee1d8995db5af475e27b18c168798518dea4ac74f52a290aff7d3855

Download Submit
/data/data/com.cubic.autohome/databases/ahome_statistics.db-journal

Filesize
4KB

MD5
43e12578b7a673e97260a9eb87ef0be4

SHA1
e69235c2d6505a1a80ac82cdd9db34c47a1de9f3

SHA256
5cb99f7b62a7d67b9b522013038ca23a4016edc65e54170b3054c75a4f343264

SHA512
a62911949718c1c5f251d717893fd300f30233dbb846711291ac2f52d55dec2428372bd306945178cde9f03c087636132e57d6c67bb389fa72660ebcf8492be0

Download Submit
/data/data/com.cubic.autohome/databases/ahome_statistics.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.cubic.autohome/databases/ahome_statistics.db-wal

Filesize
4KB

MD5
0c25a3f05d7d68ad8aa4e74e78dea407

SHA1
7659a97058966cba21f3a4a750cf3ddaeb468822

SHA256
f91d3136513cbd99494b7b48d7976e811f490d7557d59cebb6e83fada21e635d

SHA512
5029b7b03ec276493a6320eda120f2abc9000265e04d1d23787a58012384628e331f43259e5d8bbd39e9788fddca8804a2dd89537583fb8eabd5599dc3b01b27

Download Submit
/data/data/com.cubic.autohome/databases/dns.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.cubic.autohome/databases/dns.db-journal

Filesize
512B

MD5
ca52202ec18ca671ba43422384a5b03b

SHA1
47010b5351e71f78dbe5dfd4d7096e1eb6c1b66d

SHA256
19a83864eb80de75240a8bd12d2535cd274b84df5c47d570aab6f9e28bb79ed1

SHA512
00b798869c33899f752fa06e8c4781c8fc7c3a62ca98f0866dc81fe939933d034dabef82b1ba248c50e21a691c2f5369a0b299695f3b5e03be884d96ec17c05a

Download Submit
/data/data/com.cubic.autohome/databases/dns.db-wal

Filesize
36KB

MD5
0a948935c61731040b0d51168a5c9d44

SHA1
8dafba416236e75ac08754f4c437dba732984754

SHA256
e8bc06546644353fd70f35935337f5ab33df5503e18e0ce1751e10a274207f9e

SHA512
da952d654dc6168e68300135d34c8696057c2269c82aa346fa7b2508aa0b36237ddcf83d1c79d178b307c59bb0bc766b5c60a31bb9ea603d678f5a1e886a845f

Download Submit
/data/data/com.cubic.autohome/databases/downloads.db-journal

Filesize
512B

MD5
7854022d3c2d050856a8bf12535ae45b

SHA1
65adc638b50d0ab2b3e5266094ec88e73ba03f47

SHA256
767bc919499122eced6aa6bcef7c05dc16303280aa944b61fb284158c41fe174

SHA512
ab6a1e124dea12d41b4b915a15afabe3429d4d2aa2854ac07836f44c305b2a1d72a92ca158b4a0b1416fce4e801d88369a4508d38a59d6adc5bd377823bb6506

Download Submit
/data/data/com.cubic.autohome/databases/downloads.db-wal

Filesize
36KB

MD5
f4146abba52ae652aa56e244446a001c

SHA1
08fe265c7ddb3093d8f7f5442f23ebc8635909d3

SHA256
65f770d6d4f6c97bfbeaa9c1411654ab8b124cc70f737a6f5cc526a3d0b17a5d

SHA512
00fc5de5b4e013c6bf86dd0a42e3a0a70a648ce92e0d3241f18cd207be72d6d5be24682bc6e9a25de88c8585048cd369ac969a6ce6aa333c94b58e7bc7baa611

Download Submit
/data/data/com.cubic.autohome/databases/netDB-journal

Filesize
512B

MD5
9bdffb4721e307c19ca0200582374d46

SHA1
ec1a2414a9486a77fb2c7dd918f523ebf80c25db

SHA256
7e64b840fa9ffa58a4fff598597fb9ad6873373d51c9a3637366a426a750c4c3

SHA512
1b6413bd212f2f9e437c3160813eaa3f0ad50c8867b18b6b98e7dbb27bad5752195bb11a93faa957d543449411fc10be0aac7a56380ed1d4089034b4b0d240ad

Download Submit
/data/data/com.cubic.autohome/databases/netDB-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.cubic.autohome/databases/netDB-wal

Filesize
80KB

MD5
299eb3ddc0a00fb8db5e74eb95214c9b

SHA1
ec0345a3e8925c577ee29ecf30e46e0f7b3a8113

SHA256
074695e67ba5a9b6cb6a7cb852d1555d0f346a52c4e1ed170715563134d75822

SHA512
a9108b65bffbf9e3bd539c15dcdb76ad573e7a2837c28427052ea9bfa5bdc4f33836a07f81ccc22458b8b2d4b6b8f2dc387e84cf8cfa27ddf0bf7ebbf9d1e09c

Download Submit
/data/data/com.cubic.autohome/files/libs/libBaiduMapSDK_base_v4_0_0.so

Filesize
660KB

MD5
55d5584fdb56587905faf892f685d1b8

SHA1
4119d1cbbc16bab5b7529c7e53890b8c76aebd95

SHA256
6d8f8d619e7c22ca21f4df67493d5760b9ba134afb1f5dc8654f6da2ab51b8a4

SHA512
96f892e8eef70f6df7969854427494032328d66b2400425b367eea2b846b236d5266fc05e38dc3786200b3fffb4f73d3307c292a21d5520f5e9c4e2cf33e04fd

Download Submit
/storage/emulated/0/autohomemain/img/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/storage/emulated/0/autolog/1726957235705_629.crash

Filesize
4KB

MD5
e68b7ac2f41226245adddf6125493f0e

SHA1
b79680d090d744dfa1240338f3d9dec8f9d7104c

SHA256
57d22727fbba3ee87635e6604b60176e2836f72c73df9783bb962e015ca4a6aa

SHA512
1bff340ec347bbd6781cffe8c5281047514c712f5e2723877ea8e70e33075622b0285810991f95fbc90bdee44ed836cc50e88c0d409c21b055f7e443bfd3e248

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads