Overview

overview

7

Static

static

6

fa46a05c91...18.apk

android-9-x86

7

fa46a05c91...18.apk

android-10-x64

7

Analysis

  • max time kernel
    8s
  • max time network
    134s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
  • submitted
    27/09/2024, 10:54 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fa46a05c91784392865041643a5fc35e_JaffaCakes118.apk

  • Size

    6.7MB

  • MD5

    fa46a05c91784392865041643a5fc35e

  • SHA1

    70ac45e8db0c5cfb3fa3e2a6450de80608ae4567

  • SHA256

    d25c188f4a07ee3e3f2cc3d1f0809c2be170554f127d7aa15c5dba77779807a1

  • SHA512

    f7af0137420eb8371691f4e972ae11339429705f770696940d2cc23c1c60acb134b7904cac298d059ea3ed4feca891f8beec5558a9f23b5e90d2931693a17507

  • SSDEEP

    196608:ihj75VDy0QyiHgk9Tfx6Ypft0k4tq9+oauW:25Vj2fcln6+o5W

Score
7/10
discovery

Malware Config

Signatures

  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
    discovery

Processes

  • com.lblm.store
    1⤵
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    PID:4968
  • com.lblm.store:pollingService
    1⤵
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    PID:5018

Network

  • flag-us
    DNS
    oc.umeng.com
    Remote address:
    1.1.1.1:53
    Request
    oc.umeng.com
    IN A
    Response
    oc.umeng.com
    IN CNAME
    oc.umeng.com.gds.alibabadns.com
    oc.umeng.com.gds.alibabadns.com
    IN A
    59.82.23.79
  • flag-us
    DNS
    oc.umeng.com
    Remote address:
    1.1.1.1:53
    Request
    oc.umeng.com
    IN A
  • flag-us
    DNS
    ssl.google-analytics.com
    Remote address:
    1.1.1.1:53
    Request
    ssl.google-analytics.com
    IN A
    Response
    ssl.google-analytics.com
    IN A
    142.250.180.8
  • flag-us
    DNS
    ssl.google-analytics.com
    Remote address:
    1.1.1.1:53
    Request
    ssl.google-analytics.com
    IN A
  • flag-us
    DNS
    api.lanbalanma.com
    Remote address:
    1.1.1.1:53
    Request
    api.lanbalanma.com
    IN A
  • flag-us
    DNS
    api.lanbalanma.com
    Remote address:
    1.1.1.1:53
    Request
    api.lanbalanma.com
    IN A
  • flag-us
    DNS
    utop.umengcloud.com
    Remote address:
    1.1.1.1:53
    Request
    utop.umengcloud.com
    IN A
    Response
  • flag-us
    DNS
    utop.umengcloud.com
    Remote address:
    1.1.1.1:53
    Request
    utop.umengcloud.com
    IN A
  • flag-us
    DNS
    api.lanbalanma.com
    Remote address:
    1.1.1.1:53
    Request
    api.lanbalanma.com
    IN A
  • flag-us
    DNS
    api.lanbalanma.com
    Remote address:
    1.1.1.1:53
    Request
    api.lanbalanma.com
    IN A
  • flag-us
    DNS
    android.apis.google.com
    Remote address:
    1.1.1.1:53
    Request
    android.apis.google.com
    IN A
    Response
    android.apis.google.com
    IN CNAME
    clients.l.google.com
    clients.l.google.com
    IN A
    142.250.200.14
  • flag-us
    DNS
    oc.umeng.co
    Remote address:
    1.1.1.1:53
    Request
    oc.umeng.co
    IN A
    Response
  • flag-us
    DNS
    oc.umeng.co
    Remote address:
    1.1.1.1:53
    Request
    oc.umeng.co
    IN A
  • 59.82.23.79:80
    oc.umeng.com
    240 B
     4
  • 59.82.23.79:80
    oc.umeng.com
    240 B
     4
  • 142.250.180.8:443
    ssl.google-analytics.com
    tls
    6.5kB
     7.6kB
     21
    12
  • 142.250.179.238:443
    tls, https
    1.7kB
     40 B
     2
    1
  • 142.250.200.14:443
    android.apis.google.com
    tls
    6.1kB
     8.5kB
     26
    24
  • 142.250.179.228:443
    tls, https
    908 B
     40 B
     4
    1
  • 142.250.179.228:443
    www.google.com
    tls
    24.2kB
     12.3kB
     45
    37
  • 224.0.0.251:5353
    3.7kB
     11
  • 1.1.1.1:53
    oc.umeng.com
    dns
    116 B
     116 B
     2
    1

    DNS Request

    oc.umeng.com

    DNS Request

    oc.umeng.com

    DNS Response

    59.82.23.79

  • 1.1.1.1:53
    ssl.google-analytics.com
    dns
    140 B
     86 B
     2
    1

    DNS Request

    ssl.google-analytics.com

    DNS Request

    ssl.google-analytics.com

    DNS Response

    142.250.180.8

  • 1.1.1.1:53
    api.lanbalanma.com
    dns
    128 B
     2

    DNS Request

    api.lanbalanma.com

    DNS Request

    api.lanbalanma.com

  • 1.1.1.1:53
    utop.umengcloud.com
    dns
    130 B
     135 B
     2
    1

    DNS Request

    utop.umengcloud.com

    DNS Request

    utop.umengcloud.com

  • 1.1.1.1:53
    api.lanbalanma.com
    dns
    128 B
     2

    DNS Request

    api.lanbalanma.com

    DNS Request

    api.lanbalanma.com

  • 1.1.1.1:53
    android.apis.google.com
    dns
    69 B
     109 B
     1
    1

    DNS Request

    android.apis.google.com

    DNS Response

    142.250.200.14

  • 1.1.1.1:53
    oc.umeng.co
    dns
    114 B
     130 B
     2
    1

    DNS Request

    oc.umeng.co

    DNS Request

    oc.umeng.co

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.lblm.store/databases/lblm_database.db
    Filesize

    12KB

    MD5

    ea628e04765adaf4238a5dcdff4bbd51

    SHA1

    a801947619ea8c368efe9c006a324dc6339ac60b

    SHA256

    885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4

    SHA512

    c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe

    Download Submit

  • /data/data/com.lblm.store/databases/lblm_database.db-journal
    Filesize

    512B

    MD5

    997c7843842bfdb8c369d65cf4048417

    SHA1

    61dfbac12d8d525e26d982f076107ac68183a037

    SHA256

    53bd27c65e5d40d7da3e38ff40999752c77d3af601ccf4b2b0bff812dca00bac

    SHA512

    e31b4398ff437c644bff6c966d4477fe2e189949ad1f237998289ac2f10a029dd0e5182e9017e0b610a408443c05c27d0e956dcd86f221836ae77fe00fc83726

    Download Submit

  • /data/data/com.lblm.store/databases/lblm_database.db-journal
    Filesize

    8KB

    MD5

    86d868705d5d1a2f0a4dc56f1725f6ff

    SHA1

    21b804c8cc79b59a0ac95a10cc43f746f3af971c

    SHA256

    9ebe5fad976f9ba97f16a33763dafa7028663c01e54240c7a313ec92f1a890be

    SHA512

    0faa50e176fb216709d94985f7bef059f15db1f4457dbdc3e7f7f2a47efb0928b1ad829540b8f61f359461b73a0d85c62bebf9751aed2ba44747c887a1aec027

    Download Submit

  • /storage/emulated/0/.DataStorage/ContextData.xml
    Filesize

    359KB

    MD5

    4be6dd83423f03759170bf2650a198de

    SHA1

    855aee51ca35fd4100fa56f6a33849073f14a344

    SHA256

    52f82dd6d5ef578f4a292fc310eada5760e216b1dca66dd4b97147a4e64a601d

    SHA512

    eef73e320773dd236ac7faafbc76a4ffbab6be1ce55ead8467ac7d4956badce1a7d06ef161118af4234676ddee677a2ef0bdb88f39f9a0f3028318db799c82e0

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    408B

    MD5

    308e44edd14d14bb36d141c73bc667d8

    SHA1

    5f04287e074d672f268a774cf255afb796ed088b

    SHA256

    399b8885e49977154ab8fec4ee40de51a7551989fdb4f28a999121493f93b8da

    SHA512

    9a63ad27f8b26010a487cb619ad50fbdc670856d04bac03ee7dd543ea261df81f64b26533c4ba89ac38c8c8f389babab6d0759759641660293c0a99611c130cd

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    65B

    MD5

    9781ca003f10f8d0c9c1945b63fdca7f

    SHA1

    4156cf5dc8d71dbab734d25e5e1598b37a5456f4

    SHA256

    3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

    SHA512

    25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    111B

    MD5

    2e0a599b8311bb5d269453647b0d9cbc

    SHA1

    f4e6f6ab32feaf5cfef40ed98f47e0c808d142f6

    SHA256

    aecc7c70b603d5a49e835f3637f5696d6f75d7dd304fdf70b8bd0f2596a18107

    SHA512

    96fce36d96ea7af409b0f09b8ca3ee6d9c9cb7fc425065390704af2f2c2ade5dbcc3570ab3bc4d6457c6db0066fcffe61faf8ca7ab4ca87c3eccff2bb56121c6

    Download Submit

  • /storage/emulated/0/Android/data/com.lblm.store/cache/uil-images/journal.tmp
    Filesize

    31B

    MD5

    8c92de9ce46d41a22f3b20f77404cc1d

    SHA1

    8671a6dca00edb72be47363a7071be65cf270373

    SHA256

    68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

    SHA512

    30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

    Download Submit

  • /storage/emulated/0/com.lblm.store/asdklog_s
    Filesize

    135B

    MD5

    10ff13985eea1559aba49a4e1ab8809e

    SHA1

    4da0adfb9af4ac48c4f545afc36bb8085c38ec24

    SHA256

    d62f5ad15c379db0dfd36b9aae06768acddf779ba4695acf2a358a65c46eb526

    SHA512

    4847ce8e2d7a0cf603346b720127f8418691bbb0bbb39ece0a64e0875bb56eff4c325b668c692c30e310df19646b0c6bd8b5aa865b58779ffdf4162818af0b5f

    Download Submit

  • /storage/emulated/0/data/.systemid
    Filesize

    36B

    MD5

    427eb495b0e2b9f028b78566dee1eb0b

    SHA1

    8ffb2bb835d6603b58abb081a3260d3ba2763627

    SHA256

    cbcd39dab06ba5a7c83c5919099b5deddd439e69bf34a5f5c3e1abee980a2a5c

    SHA512

    3a2f383422edb7d49340e1ddf79c9e454c913f29bc77df18873bfbb64cb041aaf005e597c28945ff7088f372d2b197482d1d09ba36fcec2540e4f4b35123bc2d

    Download Submit

  • /storage/emulated/0/lanbalanma/database/lblm_database.db
    Filesize

    12KB

    MD5

    022702becfb995e87bbe2758d6ce549b

    SHA1

    e793134d0c8b55cae395a2dba4d53b4d782a7a09

    SHA256

    1f10cab1b2ee5e9c75d63466bed56bf6e6eeefd9a31f6597cbdd73e6185eb794

    SHA512

    1e66b940d780ec82db5151667558c83b431a9ef28ae483440b55ce3f5fc944267125e3aa047dadf17d0e6a1113de236c44e8b64aaae9bba5dafe8de3387f4123

    Download Submit

  • /storage/emulated/0/lanbalanma/database/lblm_database.db-journal
    Filesize

    512B

    MD5

    de95f05d4832c2d3bc1b504dd3185fc4

    SHA1

    afb2e2c1d500444bb9acd4ead1bce4f82918cf0a

    SHA256

    28ee9fcb02cff0c64effcc9c0bb214a52479be1260a33d9194b6cce37841a490

    SHA512

    c7b185533c3475e56880907a7a3c029b4b66128151094738b144a327458eb8d6c18741ac98e50a091b4e70dc73b6cea0e0ed2b7a8b78fd5a054983abc781dd58

    Download Submit

  • /storage/emulated/0/lanbalanma/database/lblm_database.db-journal
    Filesize

    8KB

    MD5

    04e4c78206b9041d5a2ab1d4e983998b

    SHA1

    a8a903d49863f4d6b4f86cc2e166f4f777d1a221

    SHA256

    045e218d1d03cef4cf3048b08e430206bbd35687aed6362328dd707c51985b0e

    SHA512

    635a15e1cd72d9c9bf90ba3f4ae61e82184cdd4b24480b56080a167d1bc83cb676955616039647ad49ef8bcfcf5362b6373e41efead3531b7d76009d44103081

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.