Analysis

  • max time kernel
    131s
  • max time network
    138s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
  • submitted
    26-09-2024 05:04

General

  • Target

    f7a01a72056b791898c75c6de13a15c6_JaffaCakes118.apk

  • Size

    13.6MB

  • MD5

    f7a01a72056b791898c75c6de13a15c6

  • SHA1

    9d901ec639f2a83899e3b1f60acd149ccba02387

  • SHA256

    93ca4d53d68b38627ce7c629f189d500ebe5f43240ae9a4cd1b1c02c68990359

  • SHA512

    03074bc31e599b7220577036f099908ed31642bf3bd9497e7b72934499279f394dc57ef9b68d62b053d84d4a833812bf061812c29739692760cc4cee16a491b9

  • SSDEEP

    393216:OM/M1aZ85fVGEAA9SVSEArrHnexhdPWACDIurRo951bw:RMnhA0SZ0i1C8c22

Malware Config

Signatures

Processes

  • com.andmon
    • Checks if the Android device is rooted.
    • Removes its main activity from the application launcher
    • Acquires the wake lock
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Requests accessing notifications (often used to intercept notifications before users become aware).
    • Tries to add a device administrator.
    • Checks memory information
    PID:4621

Network

MITRE ATT&CK Mobile v15


Downloads

  • /data/user/0/com.andmon/databases/SettingsDB

    Filesize

    84KB


  • /data/user/0/com.andmon/databases/SettingsDB

    Filesize

    20KB


  • /data/user/0/com.andmon/databases/SettingsDB

    Filesize

    132KB


  • /data/user/0/com.andmon/databases/SettingsDB-journal

    Filesize

    512B


  • /data/user/0/com.andmon/databases/SettingsDB-journal

    Filesize

    8KB


  • /data/user/0/com.andmon/databases/SettingsDB-journal

    Filesize

    4KB


  • /data/user/0/com.andmon/databases/SettingsDB-journal

    Filesize

    8KB


  • /data/user/0/com.andmon/databases/SettingsDB-journal

    Filesize

    8KB


  • /data/user/0/com.andmon/databases/SettingsDB-journal

    Filesize

    24KB


  • /data/user/0/com.andmon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66F4EB6700F7-0001-120D-70FC4220A852BeginSession.cls_temp

    Filesize

    78B


  • /data/user/0/com.andmon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66F4EB6700F7-0001-120D-70FC4220A852SessionApp.cls_temp

    Filesize

    103B


  • /data/user/0/com.andmon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66F4EB6700F7-0001-120D-70FC4220A852SessionDevice.cls_temp

    Filesize

    88B


  • /data/user/0/com.andmon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66F4EB6700F7-0001-120D-70FC4220A852SessionOS.cls_temp

    Filesize

    15B


  • /data/user/0/com.andmon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66F4EB6700F7-0001-120D-70FC4220A852user.meta

    Filesize

    29B


  • /data/user/0/com.andmon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66F4EB6700F7-0001-120D-70FC4220A852user.meta

    Filesize

    47B


  • /data/user/0/com.andmon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/log-files/crashlytics-userlog-66F4EB6700F7-0001-120D-70FC4220A852.temp

    Filesize

    88B


  • /data/user/0/com.andmon/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

    Filesize

    410B


  • /data/user/0/com.andmon/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

    Filesize

    1KB


  • /data/user/0/com.andmon/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

    Filesize

    16B


  • /data/user/0/com.andmon/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_18eab791-8bc8-4e77-b7a6-07e5ea77c0a2_1727327079873.tap

    Filesize

    335B


  • /data/user/0/com.andmon/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_1ff81436-3ac3-435e-a73c-016d725ca260_1727327091270.tap

    Filesize

    416B


  • /storage/emulated/0/.androidmonitor/log.txt

    Filesize

    46B


  • /storage/emulated/0/.androidmonitor/log.txt

    Filesize

    59B


  • /storage/emulated/0/.androidmonitor/log.txt

    Filesize

    74B


  • /storage/emulated/0/.androidmonitor/log.txt

    Filesize

    55B


  • /storage/emulated/0/.androidmonitor/log.txt

    Filesize

    48B


  • /storage/emulated/0/.androidmonitor/log.txt

    Filesize

    51B


  • /storage/emulated/0/.androidmonitor/log.txt

    Filesize

    622B


  • /storage/emulated/0/.androidmonitor/log_.txt

    Filesize

    3KB
