660030b181c84a17b47e577ea66c98d9a81065453dbd86741494952cc54871f6 | Triage

Analysis

max time kernel
7s
max time network
128s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
25/09/2024, 02:16

Sharing

Report Analysis Logs

General

Target

f4f3da8b0624d48527518fd2a71b23d3_JaffaCakes118.apk
Size

31.6MB
MD5

f4f3da8b0624d48527518fd2a71b23d3
SHA1

8553966588c18bb64e558b1630d4c78e7a72ac0d
SHA256

660030b181c84a17b47e577ea66c98d9a81065453dbd86741494952cc54871f6
SHA512

438db0f4aa8ac6724ae2261391150750713c91c1b1605285ed571eeb09a4cb5c1fcaf9e849122947bd5b707719208b397f79602cc79f07b291d0b1dd81a7bc0a
SSDEEP

786432:X99abChYM+RAIDdRoDICBtLwPgMXY785g+N0Gh58ogY4ID/Mv5IJOOE5UY:X999XIDfoJLh9g5P2WIJ

Score

8^/10

discovery evasion impact

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 1 IoCs

System Information Discovery

ioc	Process
/system/app/Superuser.apk	com.qq.reader

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

Process Discovery

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.qq.reader

Queries information about active data network 1 TTPs 1 IoCs

System Network Connections Discovery

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.qq.reader

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Data Encrypted for Impact

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.qq.reader

com.qq.reader
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Queries information about active data network
- Uses Crypto APIs (Might try to encrypt user data)
PID:4260

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.qq.reader/databases/beacon_db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.qq.reader/databases/beacon_db-journal

Filesize
512B

MD5
2e19bd18dc0ab5a7ad4072dd50524d5d

SHA1
0a25656a291d07ad10663d68d7451ecced01d658

SHA256
630c0300ac4067ec342f2ebdc5707f325090f42195eb9da73c00652c50973690

SHA512
7673140bfccc4b49e134d41116e74936cc6b262a95f3b9e7b6dd16530e2826b4b5888a2872c55764dc9427a7dbfb37114bd3f5f318465e633de11498af02750f

Download Submit
/data/data/com.qq.reader/databases/beacon_db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.qq.reader/databases/beacon_db-wal

Filesize
76KB

MD5
f5f34d438d15ec376a188cc571c0ae92

SHA1
f74d8123bac68754f319a8575df826a4e3107b2f

SHA256
a7b3779af58bfc0843cdc93a0d26b4663e98363ee7b66bc1ba00f35c64d20634

SHA512
accdae24e6a57f40c81ed3e0eb5a05f5f628de34be89e121b520d1aa6ce0903960d2494a1881fc6b1babd607f2ba5e8c9f1c69ff5dffa666b3c1211fdb9a096c

Download Submit
/data/data/com.qq.reader/databases/eup_db

Filesize
44KB

MD5
ea25a44c5f7c3d2763b0cec8ea033906

SHA1
d4fd1e205f7ea89a879d8ac5bd8b0251da78f8a3

SHA256
f0319d89aea03a0cc6295b5a43c784cc4f91954e141c520c2b9e8070f9171837

SHA512
8f13640208499d841e6c0007909d2bab4f14e33ba20cc6e6440c429a7245bf352cc3fe9bd0538033668348415fbc20c9807fcee7201dba48e1070f56ab859cdd

Download Submit
/data/data/com.qq.reader/databases/eup_db

Filesize
36KB

MD5
706891ce2244ae9882e5f2e7c45e31c2

SHA1
e1e6d9111961d38cdc369ef6eba20eef90fc33c4

SHA256
0081b285c6f2daadc76138607bdfc1b6d89875415c9681debdf3fe77a60c410e

SHA512
ef590635ab6267b44c31349dc6db2741009e5559a1b462140b3d6ab2ea3f62945adcf2edc48264b1fcceae57da6eacf11ef924b013892b227a3110baf01ffbae

Download Submit
/data/data/com.qq.reader/databases/eup_db

Filesize
16KB

MD5
53dbfcd45050474b02a4e5bd6e1d0048

SHA1
beac54a47edbc5b42bc3b6b468bf513ff9b1e6f6

SHA256
9753eea333bdf31c72aec428da2c453d69be278f623e9600a2e3f1037c0a05ba

SHA512
c4f415ab51dca681276f21df4ba6b2a79064ece8c5c1d5649038aba4e26201cb3366dc8b51ed5fcfe8de83f6fc0691c80b4e176088490083a2b675af845b124c

Download Submit
/data/data/com.qq.reader/databases/eup_db

Filesize
44KB

MD5
0388985514d5bd93d43804a488513b2c

SHA1
a1cfbee502c24ba2c74c584cd20d7fd8ff8fbabb

SHA256
376dfe8fe589195773f4f821da98f81b412888a86e009fc8f6cba67fe35a0d7a

SHA512
3f35375fdc827b12078ebee8c04ca9e70a1326c562dac6c4acc136c5d6bf7e184e21961f2e5be66ad84ab2ead7532d7585efabb2af87424852c964456d626d6b

Download Submit
/data/data/com.qq.reader/databases/eup_db

Filesize
16KB

MD5
0b2121b29c320b0a1dbd70127d097b0e

SHA1
096b24c1d193b54078f7cccaa45f8fe1824ba6c7

SHA256
8d35a39f0811195eda42be6645fb2c42c4d60ce10f29b7df2e1a6d60c21b98fa

SHA512
8e47597e3321694c0cba24dac6e1b2331b0f336d6effda9d8b64076d30948314ebd4eeff3d77f0d4e48ccc73945458db4e28edd71e6b285c6c5da69bcfbea1b9

Download Submit
/data/data/com.qq.reader/databases/eup_db-journal

Filesize
512B

MD5
39fe2390c1431d1f2fc64842429e8a6d

SHA1
ed47d594987c34b352c84dcf7457336758cd3f9d

SHA256
773b15cfe755eab1fdeaf0b9581a677859c594ed2df141363310cc455a074406

SHA512
78e1a91a94d85282f8976656d3d6e8f0de75db4f6f939e1c1ad7b52e772168f3559377bf5777966134e55f8eb1a6396071b483d55ed2a6e00714ada690b816c1

Download Submit
/data/data/com.qq.reader/databases/eup_db-wal

Filesize
4KB

MD5
66a6b51737ff2a92c878380e1bdfc772

SHA1
5792ca862e96ddf9e77dcd5482c820748788a8c1

SHA256
56e3ce44d30af81d3e285bda730f61a522419a1cb7f3ab7add66ce852c3eb907

SHA512
156cf2b918322dbec37ee907519f71d46119a396d7e7aed831f0e1291ff4718dfd50f0e15bf2bf430c9dd6dcd8df9f639a361a9946970715e83570e631d6aa2c

Download Submit
/data/data/com.qq.reader/databases/eup_db-wal

Filesize
8KB

MD5
4d01e1b8254382ee77ac4a1ef110addc

SHA1
eab7b197f90910c424b322ccc6a505b13f14e6e6

SHA256
f7342d07f71f1b785f310bb178462c15329258464bcf7a64b115ae6b0447b836

SHA512
534fecc5bad47545eca1b35596f112fb681dcddb6166de59ea24d4c38109ad541a55b0fb6a15d99a3e191513502f5d1413ec70c7c84f6f6e42e4e255f752a3a5

Download Submit
/data/data/com.qq.reader/databases/eup_db-wal

Filesize
8KB

MD5
88e5d017d2c3f4ea86b7f9016fbb34e0

SHA1
a3654b4f4986bd35459ee79abad5a6e4adb7bd35

SHA256
fe65edaa5eedb2ef724e6e2b09cd506b29cdd6af66d71c4f82a9469ad9534970

SHA512
efd297678e6f0028f95fd544865d067ed38e49bb76a52844c7944d23e2c8c89226cd9a332caa7f09e6269388fd422fdf0e7d8faa4a8cb374d15e19978d2d86dc

Download Submit
/data/data/com.qq.reader/databases/eup_db-wal

Filesize
8KB

MD5
9eaf15884f6120c0ca79134db7318c5f

SHA1
bf2ea307c940bd1f020005bec4c75624ebe16b72

SHA256
0d2a3d4cfda37471e7b23cc41f8ad5b6e3762242e7d11ca63b8fa5c8260392ff

SHA512
be78fee3ed8a4bfc9f943c38b21e8f98c9ed66d1937098c36894c1882d4db227ea597cbc86131c214eec81110e754a9d8fd14a05284a9ee968ad68bc65397e05

Download Submit
/data/data/com.qq.reader/databases/eup_db-wal

Filesize
56KB

MD5
8f6a4d4f76993cb2eb359ed8f212587d

SHA1
ec56df24e7f4217807b759c8ed690b33528dff90

SHA256
79e7db35fca204bf4dfebbbc3c0a2d07c79b99b4d85cbadca9a0f51879141573

SHA512
5e9add14a0fbf10d94c34279c38716e634a8a6dc36b0aca351ffe54405a618f4a0d0e0e3c794dce5f83a951bac4957f4663c75b439d36be3785488a633147466

Download Submit
/data/data/com.qq.reader/files/com.tencent.open.config.json.100686853

Filesize
1KB

MD5
f526172de1566b34fdcea744710d9559

SHA1
000cb54d9a008a807a1c5a3fd2b2e7cb41e7939d

SHA256
8572be02b59f4d514000939ec04a9b4e2380c55265256b724a617d8d0f4c6940

SHA512
dc81f0fe345b18c96b1638c67b9ef4c5e60059dfc4a02f3c30a23645d4847abeef46cf467d044c42597115c48052ce0e8ea24328382114a544c5dfd039a95e7d

Download Submit