Overview

overview

8

Static

static

6

ef9eaefbb8...18.apk

android-9-x86

8

Analysis

  • max time kernel
    147s
  • max time network
    138s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    21/09/2024, 10:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ef9eaefbb8929f2efd0ac5f37886b566_JaffaCakes118.apk

  • Size

    13.8MB

  • MD5

    ef9eaefbb8929f2efd0ac5f37886b566

  • SHA1

    342639d759a85b32bf727c35528858744c7a0504

  • SHA256

    4eea9a478c31b5125172a8b2b0e1a5ab6309e8b07f10889550f8015f55fb5645

  • SHA512

    2691247fbab2e1d890a1856c1315f83eecd148431a3adb7312923b86e661e7a76fbc779baf76692a62f3eed5bc7a95590eaa45e824cf2a72681cf8050905d6ee

  • SSDEEP

    393216:RIT3Re8SGUvsqS4E2f7icpbvdIiwPWnoEJnK/Vhevm:03CQ2fVZwPTEFK/VQvm

Score
8/10
bankercollectiondiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 3 IoCs
    evasion
  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    discovery
  • Requests cell location 1 TTPs 2 IoCs

    Uses Android APIs to to get current cell information.

    collectiondiscovery
  • Queries information about active data network 1 TTPs 2 IoCs
    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.wfacebookwatch_7872353
    1⤵
    • Checks if the Android device is rooted.
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information
    PID:4245
  • com.wfacebookwatch_7872353:Metrica
    1⤵
    • Checks if the Android device is rooted.
    • Queries information about the current nearby Wi-Fi networks
    • Requests cell location
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4367

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.wfacebookwatch_7872353/cache/volley/12656194441060619102
    Filesize

    32KB

    MD5

    fe06d14ad731f8631a4cbe8ae9c45641

    SHA1

    f065073b5bec52779734657e0290252ba4e2cc9e

    SHA256

    130e5a5184ac15c377b5d4e4f4ff672a56bfa5c259569a8ab2b3d7045f1acd67

    SHA512

    ff5d899b616ca7252e863a2f1b04cf69a64fb0e2e794119185d2fb05bfc8f0ab5490bf49d6e712c63fe133fcd1e4a5eeb7752238e93d75566f9dd44b53eeb7e3

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/cache/volley/442711969129270218
    Filesize

    32KB

    MD5

    a7245caa301b8db958466b4c8b50d1da

    SHA1

    723c541a18bcc2a5a31451b618a38184d7153d1d

    SHA256

    bd69fc026e83f45f548a2ccaccae3414bd575be4d0d21990564292793d706eb1

    SHA512

    a231030c04e56b59a0d6d20a16633ae2714113a54385e032b190a887b404621111388c7eb71c9676069104e9a0b219c9ff3301eb4b85f0f9b5ee59a138bead00

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/cache/volley/5356414481356467777
    Filesize

    213KB

    MD5

    34f73871856d60fac73801952d1aaf6f

    SHA1

    fc7e8da28d3f3e68fa1d7d2a93a0017b9e3f6925

    SHA256

    a24a69a2972d97a595b61e557ad54db238566423ff6d82d6d97931fb90801447

    SHA512

    2b4319c10e954655d12ec4102ccdf8125bbb2ba1d96e6555b8561f0bc8dd8e9dbf2eed00affc1ca5e2c490999c5043222b3e0819e776c861a0932841c195d479

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/databases/OneSignal.db
    Filesize

    8KB

    MD5

    850d9c01b6b3c70b0af1d94a710fdf9d

    SHA1

    e9981181bae8cb134a9f52a56ce4145a937caec5

    SHA256

    1fbb990ee4a1abacf9c58cf068ddf18b8a882291d146f6f88373ad564d5be4e0

    SHA512

    dd63eb3d9c753b81fb1e898ef3e0cc0cfa16851694c24d63d521bb58b55ec689eb057ab31a6296bfe06fb7049fe609539e4e17d6d9d1dec79aac6e9967ee0234

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/databases/OneSignal.db-journal
    Filesize

    20KB

    MD5

    121552175b2fd0a67c5a5d3bfb173098

    SHA1

    96a7289114f0a88ea813477df62a00df6f6abcf2

    SHA256

    7eae1a89f34426124d79c4ed5b6b9d8c6c007e329164de4afa830563b82fd509

    SHA512

    7915668157295612ee8141a95a9eaac83001d28cc3b2da9bb0a891e8326fe49e42942cbcf6c50f5b0a84fc8d2b4d93fddb07f10dfbd23cfeda32e5ba04b7a1be

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/databases/OneSignal.db-wal
    Filesize

    32KB

    MD5

    7058796f785ef2f66fcda9d3268e6d1a

    SHA1

    04016af92121ec83c6c47b553bd183970deb3ad4

    SHA256

    1344a539305877f9418f9e9f650cf6d9a9962032ea488a42fc5412e78414bc28

    SHA512

    fd4e17569b57adf89ad4f20e3dec0830e7365cb911c69e13cfbe4a6b6f79f5edd0a5d8029acc0dd00bb0d727bd7fb869f0b6e6e1876129275e050dcf24286ca0

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/databases/db467
    Filesize

    40KB

    MD5

    3c8960e985d5b2fb481d0a41ace2ab7f

    SHA1

    f03f6fdf56c2a584588e0119eeaf30a1ad7c6df4

    SHA256

    0ca3e9545e32fbd1d489297576beb4c90410fb9e539a42121f805bb1e3d6375b

    SHA512

    6df06345fdb6f1c3059af67a8c21bb9e811bf58a91e2c29d707fed05fff8bdaf6c0bf12f476e1b2451889123a8f285baf8b4aee7b8b7568e437d7a00f25ba102

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/databases/db467
    Filesize

    36KB

    MD5

    4c4dcdae45b2127a66cd07567ff79d43

    SHA1

    a9d3658c9f13f5048a4f454746169a065a51425f

    SHA256

    6d9cd69620f6f53123946bcc91213c6ff9422966cabb2556665e2d95ec467c4a

    SHA512

    2d7945ab05b6593761117efb7c116d04d6926ee6322968d5e4ad3552766fa1a1d52c774add9ed15f201493b74ea0768b6250b9a3545c064b58fda1b5fe99ad59

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/databases/db467
    Filesize

    406KB

    MD5

    cc69b6bdcede2446e6d9a314469ed79d

    SHA1

    107911ed955f3f5dee224410289aade95fc50897

    SHA256

    14421ac562e2603dfc09f96aa594cc475e6435d1a2c4e32f19d365a8bb3c6098

    SHA512

    ddfa905123227310aae9da835debc2b5ca9cea37d291e7dc26bd485c5cc6502bec3ea1a88467b0d50e26190c31260320bb3c20b062e957482cebbff3dd38de1e

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/databases/db467
    Filesize

    40KB

    MD5

    dd42a7643c383f6aa383ae34bdc529c5

    SHA1

    f4fbb1d60628710adf8a17522f9d332ad1e3be3e

    SHA256

    c4568291b733af50cb3843dda5e19d8380dd67a447cb168ea4fa2b7a60ee3c5a

    SHA512

    2cb5231ab240306c758cdf69e4ae5a7b63514b71d910ca90d18e0e1b6b8d84a713f9c0009681eda8a4f2aaad7e5cde336f85135e2dac2830adfc36fd74fc2d87

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/databases/db467
    Filesize

    40KB

    MD5

    3302e5513705acb31ed7c649c53a776c

    SHA1

    8b9162970d24954b2aa5002c86dce9df979f53ed

    SHA256

    9543aefaa155d586edb5dfa8797d4e8242e59b6e8b4ad5697d58c74a170a5d6a

    SHA512

    63b3de3fc12e338ae72c6b4b6ace1223be060a1cf19c32d81fe25f22ff49398a8378ddb899fb6c019be000d14c30b6352cd67e0b1fe434109f8b3cc7c44ad123

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/databases/db467-journal
    Filesize

    512B

    MD5

    9b3523283049c05671c2adadb68bc2a6

    SHA1

    af9f2b7ff930bd5b778a27578ee8bd600ce42f55

    SHA256

    602c8c696e36f0d6baf7e6e5649bf11381b48e906c2979688e72319f4c685dd2

    SHA512

    f72590fb387e881e79c61e940c2c0307b1a0a5ffc44d21de47894e67680f65ba89bcdd8a664393ea193b080be9b8e92758934c038b62cfbefd84175a2fd440a4

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/databases/db467-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/databases/db467-wal
    Filesize

    52KB

    MD5

    03ec09dcc550a52f94d31e303f2ea0ed

    SHA1

    4e25f89861b2dec4607f8bc568659b9a43453a12

    SHA256

    f819918cc3db20135a3f668bae59520c12f33328b838a441d34a47a052a8acc8

    SHA512

    ad987c509bf7b6c56d1582eceeb2a5f1c8c138cd7e7a46031f3ce29cf876356e5e061ee566ad6ef55e0f28af10a7bf8df6b2f1ad0e7b06de1299ada112ac3664

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/databases/db467-wal
    Filesize

    32KB

    MD5

    3dfde646c4704895bde83dbdce23bcaa

    SHA1

    7e05b57f88bd3a2173c2ce87c7d05ae126c2884b

    SHA256

    f9dce8c9e7957d5070726c1bbcbf5ddcc8f038bc38690f61ebfd8a83e6c18762

    SHA512

    52f7664cd97124f4ca007cf3fce2e8c8418a702be96eed395cbbe49688ae2e9080bd78bddea24f4e5104d94ee64ba4bd72b012380c9b73358c3d06d97a85b327

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/databases/db467-wal
    Filesize

    8KB

    MD5

    13580d9ea52b332686c9850fc3ada5fb

    SHA1

    99e84316c10f4034414c1865f93f61bd1215f8e2

    SHA256

    92b13bfebc1e1e7ad2086e9741e2ef51c9707bcb03a02c40fafb2e68d8b90a0f

    SHA512

    e72d3d84b90285433b304de808460984f922c322748242587d9a1399d90ac596a9ff9ff0b6ccfd48f3622781985a23854c66a47884b1d356116250f5dd2e88dc

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/databases/db467-wal
    Filesize

    8KB

    MD5

    0492e9618309a23d00988969e2562e34

    SHA1

    a3929bc0769aec801b61019451b2d63b5cfe15e3

    SHA256

    6c73e397f2012b3a0c078f4a1db7d2599e3b9dcef33ba3b6452d738cb6ef9dc2

    SHA512

    7d9637b269cbd146c9c46f5cacebf3f26b42d61be68c6df6bf0f3c9e500ba02967699eca20cb7bc3bf2cafa306fd8a9583257449494b922e69907a0ba7a268dc

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/databases/db467-wal
    Filesize

    8KB

    MD5

    761371fea0ae914579a4ab1e65291f90

    SHA1

    e6720bd0391b1693b8d2537a17059bdfb11d6272

    SHA256

    d4268d6c6619d0ed8c8755965c900a01591a3b5ddf13457914364e6fa6218be0

    SHA512

    07f2fa14a7a8b6f0917cfb0a938716d23c9986e0d6cb4dfacbb646f48f00324efdf9d16d8c7e647f018fd7bb133c41264961cb347fd74c126e8f834ccb1c883b

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/files/data/appnext/videos/video-763555-30_o_1722521472.mp4.tmp
    Filesize

    5.0MB

    MD5

    5ba3510ec332b28e3cb06a0e7831fe6f

    SHA1

    9dfcc16718cfe678656be50afd30ab6aba4f14d1

    SHA256

    7145e7b3246632c1f0eddd69ae31f5bd7713c47df096c1b989613460f322981f

    SHA512

    d546606931ec699512560cb087517c38d5eb4bacd5847b44dec02b7ed242981a4a5d0bf9538c41f024eb0aa0107b6440570d6e3d9334887fca27944883d7fe68

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/files/data/appnext/videos/video-766095-30_o_1725260773.mp4.tmp
    Filesize

    7.4MB

    MD5

    b40c0442ae373850932154ce0f4fb3ed

    SHA1

    490d28460dfb78163c981aaeb97e3ee15bd9f248

    SHA256

    44cb17e4ee8d0b565cd03f79c96d2ff955ccf4e8c74e04a4dbd1fb3ca389c865

    SHA512

    7e1e8ef8372ab6b8ca3380fd7a4a7e9e54889ad60af4e9c1aa7872b935b584a6e765d6e3afb85aa83e38c68de9e2edcf70198005fde7d5e301bbacc5026b3057

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/files/webWidgetConfiguration
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/files/widgetsController
    Filesize

    1003B

    MD5

    d52e0919ee2db9afc16385adc59cc748

    SHA1

    91024f4cfe101785cac8c68e20ca7fd9cb88b8c8

    SHA256

    a647c715d4788a07ec22da938739724f3927579541177cba90c429b34e869a84

    SHA512

    006be9ce2eac7a6b039999a38d18ee4e37ec136e1944916bca35c4d8a04f1e70c16af44670ca6748ea6c0a7ace5b90143c9746882bb99b0a171c69292d0a5786

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/no_backup/metrica_client_data.db
    Filesize

    124KB

    MD5

    1bb65e872d625bc94afd51e920f409ec

    SHA1

    378d37940ac534628982c678fcb086c8bf909fe3

    SHA256

    4bb897194e3c3796647aaa335a69a2935ae5164caf90277e952a89e78689d8af

    SHA512

    a9e53c5ddab70f2abc8842c870c18cbd0acebe9a5dcaf68de1e804dd665dca674fb784a78dc9d35608910181651d1cf7c87b4f2a6c0f5bc34c2439486e461b0c

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/no_backup/metrica_client_data.db
    Filesize

    20KB

    MD5

    6162d43fdef3a7784e67f425101f25c8

    SHA1

    9b683f26f8026f0d67422e5e608d23dc08962e52

    SHA256

    f85d9c6293903cf87707c5750f9bef8271f167cf14111e77e3cc24f16c9af6bd

    SHA512

    8f8e69ae7d321101bf0aabc253177fe98fe9dc3fc9992c819337995beff2b6ace95c443f90858eaaba4b0c99ba4e06a74ebe8f666bd8b71a14a0b36ccc6d0b63

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/no_backup/metrica_client_data.db
    Filesize

    20KB

    MD5

    556f37be329850b65554755c70405717

    SHA1

    95f109caed24e0e936db6fd1ca1f79a955b26e4a

    SHA256

    1ada1c798904763920d013ae0a1b6e1c43ea25b678848c2d89b775f177409a04

    SHA512

    2020a5577a9c420006565954b8553c5e2446720fd404cf03580c11ffd3f74f5bf29787f4abc41b342d978232b74b8b3c38ae64f711c41b36780fdc24b445026e

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/no_backup/metrica_client_data.db
    Filesize

    20KB

    MD5

    7952405b1da535298bfc2f25ec4c07b9

    SHA1

    79fd9b5c7935cf329dfa9e29c974335d524b7cb6

    SHA256

    c115ed2575c0aa643477355db966213a630d34dc407ecbcf125ff295fbb3a821

    SHA512

    96e30984ebb299b898af00a0896d109b5a8448c5162486d253d6149ea81f3e89349c16b4aaf7c3a6c758111e449c29236d7a0cc56139278eb54880d71175a4f1

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/no_backup/metrica_client_data.db
    Filesize

    32KB

    MD5

    880011fa7df8bb90a5adfab8364e2e49

    SHA1

    8640c23913dc2b771465a63c5f9417bf5327522f

    SHA256

    b9b37a47c3aa2e7b718df97281ea8885b70c12c9456918127987552ab36098d7

    SHA512

    e32127b9e15767334e13903462b81df74cbb3bd894f35d64aac97e08260ecf3245a3574234f13021e6ad3cc8cbdcaa6824179442e06e2a18c28c44a22515a5c3

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/no_backup/metrica_client_data.db-shm
    Filesize

    64KB

    MD5

    3efc35d75e0a8ac447a2a114ac14b510

    SHA1

    ecbc3447ed1226634a1f942cbf0280a9a01942b6

    SHA256

    cfc0b5507dcca8af4744bd1a93f6ba15f4892edbb655b893f1530108dc0b9d0c

    SHA512

    f7d4f89a7d765519524f3d1403fd48a7ee98d9164e93d682079affa219c460c2a8533b747f659f2fa223c068137817be25365c3e0fb9474f4ebe5b1eb9d59e76

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/no_backup/metrica_client_data.db-wal
    Filesize

    8KB

    MD5

    57d5fd08ed4f426d7f053a47715d5033

    SHA1

    f163d3086bdb2a9d49feb4e33f584b2aecbd7018

    SHA256

    5b5764a6f1aac394e5bafcd85f855f7087c1b33b66088700ddddd4011fa0b256

    SHA512

    a2071eef1de2afcacd74caf4287250b9ed1be7ab2eed617c53496e38059f23a8f753beae5a6659020f5d39e5c5c57c60a4cf6c87c3683100534630650e19d963

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/no_backup/metrica_client_data.db-wal
    Filesize

    32KB

    MD5

    fed712dd52df8f11516c019d441c0555

    SHA1

    cd6821bacb0ab9a4443c9edd727c968d7ade12b8

    SHA256

    a1171ca401600d4af667d420ce7e2664ab6a2c883299d66b28904e20f0a92681

    SHA512

    fcc60771973bbfae8109fb4c4aad2270e7cd4442f012c823b6f8ceecdbf486b5eae03ed849ab0687e88b41a99037e1adc584af2529eb1b0ba6ea15c6bead8aca

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/no_backup/metrica_client_data.db-wal
    Filesize

    8KB

    MD5

    9f28e6471b39936aec142fcca163abf2

    SHA1

    78d9df76e227038a7b28599a26add7778fa7d539

    SHA256

    b57c6c77f2b057aad7d5c6b5b117f41e0970aca8ae8a6a538840b100d54fc77b

    SHA512

    105fa17ca338bd90e1f7daf9acebec2a62cf45642d7332fc5e158e6202cb8e96daf63727faa0d7dac1a5cdb45b8611e936a66ad3e0dfc9270c34e3cead854d7b

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/no_backup/metrica_client_data.db-wal
    Filesize

    8KB

    MD5

    9b861e48a0092158466fff8ca54ed8ff

    SHA1

    c62473651a581c5c1aa2110ccf1045fc31917030

    SHA256

    0b1e40731c6c144fe601fff53d3a26c779a7921d2f3055c80f73bc2d97758ec6

    SHA512

    afd12d03b6683b11d24bd049b05f381f0430f9f3dfe1baa921312a2de05619b2e88804668aed6b5421267d50bb0f183c6f1ce261ecbca799b9121ead02f9e982

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/no_backup/metrica_client_data.db-wal
    Filesize

    32KB

    MD5

    437446df1ca88c6a4c32f0e4ac00c462

    SHA1

    987d00f8affc09d75d5cfaa67842e5a454f572d5

    SHA256

    bf2aad90a77d68c027667bae072cf47847fece1964d185700cdbd14ad44cb10f

    SHA512

    8cde8eef54bf432d75140fb2785dfbe3143f709c74fc1364aae828225d3e9869b537b6c25d72c2d40f0b226bf11f4cb3ec6b469c1128ef9f083dd1d28480ee0f

    Download Submit

  • /data/data/com.wfacebookwatch_7872353/no_backup/metrica_data.db-wal
    Filesize

    144KB

    MD5

    d61e605acbbbfb8a6d6f9a73bb6ff47c

    SHA1

    762345382c1caa5e152102d952ba2d21d91ec6cb

    SHA256

    daa1d310be7874490d2a06c12d993b308ad6cf7ec472e9bcb858c893a3f9c95c

    SHA512

    9f6839bbe25fe52b1bb14f59b83284c077e24a2aa587fc969641fdfaca12211d06d97fe16cd7efea91510b4c185b3166052d990c6eb20da191bad55444db76fc

    Download Submit