0889e6f6b0c2680fb6b7a2020c18a9b6209751293cb248a0950a795d923e1dc4

Analysis

max time kernel
145s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
12/10/2024, 07:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

38fa2231ba4e08541e5eed325ed50eee_JaffaCakes118.apk
Size

4.4MB
MD5

38fa2231ba4e08541e5eed325ed50eee
SHA1

769d9bba662b6d5fcf188804189be67ca754f781
SHA256

0889e6f6b0c2680fb6b7a2020c18a9b6209751293cb248a0950a795d923e1dc4
SHA512

ab1ba931cc4a57f74f6e9b0bb62090db5c80995e14a33044878ca52d3a5cdf35363218af34a6d83eeed0bd53730f655006b51845024a8f394daeeafc5a993fbe
SSDEEP

98304:TfWqXZyojw5eLtwCsxVCzC+8R0fe/1Z2LqNeUDV3ZcRGdTB/:TBXNjwsEyeF9UeNeUDfcRGB5

Score

8^/10

banker discovery evasion impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 1 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.baidu.androidstore

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.baidu.androidstore

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.baidu.androidstore

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.baidu.androidstore

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.baidu.androidstore

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.baidu.androidstore

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.baidu.androidstore

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.baidu.androidstore

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.baidu.androidstore

com.baidu.androidstore
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4310

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.baidu.androidstore/databases/baidu_androidStore.db-journal

Filesize
512B

MD5
dd052a994a84a2625ab4b428b41b402d

SHA1
e6aabfc85be0fb37701844bf27dddac172f6855e

SHA256
0cd89ce7f88f2ec21a03b9a5b5a7c8ff339d4485d3a3fab2a03d5f03a5771cd4

SHA512
291e8832b960118d76f197b7292a952a79728b3166e33dc84cfd82ee457316619d86514af8f545ab8e47a2fb4df2e489d15bed8222faf84c088b51f20d684ce3

Download Submit
/data/data/com.baidu.androidstore/databases/baidu_androidStore.db-wal

Filesize
164KB

MD5
5409d8b88c2fd7f7fb7ca7b482c01b20

SHA1
20d910bb1c8e65b9085938d5bc63c691a519a3b7

SHA256
3d78056b897aeea03cbdfd38fab4a8aef5be5a91a7eb991b1511ccc2097f0965

SHA512
68d9670b861e90e24c460cda1869792b29bfe939879ca79b22bfd834db6e2aec20c3e97492a321edf58f687cc38f46b625d02a36bde35eaef80c576722b28c6b

Download Submit
/data/data/com.baidu.androidstore/databases/downloads.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.baidu.androidstore/databases/downloads.db-journal

Filesize
512B

MD5
8a3673db90287105558c5ef131c19b67

SHA1
a5ce3729a8298c856fc7f6868901cc1290592c0b

SHA256
bff8866cde40f32b5a39aa26a034d4987e88e8d7269984cc94e15fd78378a3ad

SHA512
05a8c9e80ad27f148037fc51cc7051349ac15be8f30d827adf78e134701819d69fcb50d9cae9af3d7556a35f39269a2f147813c98d6efa4c60f7c7e134031cbf

Download Submit
/data/data/com.baidu.androidstore/databases/downloads.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.baidu.androidstore/databases/downloads.db-wal

Filesize
36KB

MD5
c66fd3a48c53c525fe900eaf41c8c65b

SHA1
ad6e32b96bd5e65ca3edbd751c7484b356b126a7

SHA256
9208e99f83d41585890dbf2d339ef394d53ac6e9400c41eb6feeac260e366b95

SHA512
dcb5e9da329c5dc22af18ad611a68f8d64c86891ebec408c238e6baa8540c8f354d9afef97a1138257a4fd04bcb943b30d6da9e3bc5c1b033cc473491bc060b0

Download Submit
/data/data/com.baidu.androidstore/files/.FlurrySenderIndex.info.AnalyticsData_JPRCQJSP38RX9ZQJZDCR_159

Filesize
42B

MD5
38c5513a52dec2630be9ed895e15ba4d

SHA1
9a229eb960a24768269bcda8fb4f373eb54be2fd

SHA256
c8c7946ddefd7fb21495688c33c91af5ac4d6b866b8296a2d69f5330f4168e71

SHA512
56f9d3b10d6360d0128cb9275c7261f2988f29d6f7e55d6cdf9ca305310db137182eed72a41a0fa6277d0c7b5a69c0032227bf3f36a43064af721973aa8089e2

Download Submit
/data/data/com.baidu.androidstore/files/.FlurrySenderIndex.info.AnalyticsMain

Filesize
44B

MD5
a3fc4f8aca67441e92697926e7e303c8

SHA1
0ae8e0ad8f29955d584c542b999617389be05bcc

SHA256
f6c1146581ec1a151690e46cfa64093d4889c9df61621c8e64cc19ae347a4228

SHA512
a1379fb23c371abf4dc7b01625dd5e309da4dcbb64a214ac325cdd0334f4117c7f0c68eff8335d5b5e680df039a34d184061e38accb8ade10b4fde9242b17cba

Download Submit
/data/data/com.baidu.androidstore/files/.flurryagent.3a4e6cb

Filesize
58B

MD5
e517a1fce8bbd8a690b92e62b2311551

SHA1
200c4e2d6f341237cfd67ba87dc7da03852059a6

SHA256
0e5faf3d69f832ca402d4bf7c2bf8f8bb0231002cbd9f795fa9955df80938add

SHA512
5d8f0e3a5fed9fe07a30ce78e990599d4c60c94746e0607b6bd04b6908e9b616c87ffe3cbf6b321044be54433afc7a41bef23717bb2d332d403c1644ea889d10

Download Submit
/data/data/com.baidu.androidstore/files/.flurrydatasenderblock.35adf7d4-4d4f-4afa-91fa-40ea0abc9403

Filesize
282B

MD5
4bad942901e2081db4259b2e37a0681b

SHA1
3dfbf7e835c2bcb22cf927b6464dfb2ef20034d3

SHA256
6a4a887166f76e9cdc9136b9d538163467cd903a886852dde76fea63f40c0d36

SHA512
6b34f433071de7825e44174591d6864baf9b6163c2005da7bf79eb77a04db7e1714101f31b44708ec89396c858400bec166936e5d4207c425b6b4900baf73a78

Download Submit
/data/data/com.baidu.androidstore/files/AF_INSTALLATION

Filesize
33B

MD5
1e6b5ef372bafa5c58f65bcf00fc4b01

SHA1
c74fd31c1b3a98c917ab35dbc041d275e7f9d51a

SHA256
9fad44c7b9fb762169d7cd9699ac3fb41a3e25a90bb24ad8c6ad07a0f045ca60

SHA512
a67370fb9d38e822edff2ccb4e4b4bf43eb441a51b0ea33312f09e8b22c51beef582ac0d7ebf895d96dee40dd751bd265f97989b0a4753f16844d5952664b9ab

Download Submit
/data/data/com.baidu.androidstore/files/action

Filesize
50B

MD5
186827e94edb58fc0debe254ca4de0d6

SHA1
d9bf153ec0264f631cf45d2d39679741bab9fd9c

SHA256
b807d32beaa651fe8626c2a9111d2e27da1272363a6b14032bdf16258c080e43

SHA512
d364648bd191ffea69648a12acc1fd37199a31e0f7322a829a62342fe33967098e5106b9a1c054d4316d0d03a62c88d5d6126aba39087ee165e46125d8efc7cb

Download Submit
/data/data/com.baidu.androidstore/files/action

Filesize
306B

MD5
a9ec76125298c0c2eb5271438b841ba7

SHA1
b247f8789a421e8d7f6351da5d57281c947d2a99

SHA256
771159f7258915244eba6cd9168e9db2d3a06045fe262d252a5d985410f8963b

SHA512
93734f188eda10e3d008ff3143686cd6dbf1c08b0ae109db22abfd7e2b21ae9e926df41620104b3e1c794ec3d7b3ed0104b201447e8c1551aa7d0dd1bab483ab

Download Submit
/data/data/com.baidu.androidstore/files/action

Filesize
143B

MD5
4d9646ddfd4b62928987ab2f58fdcb45

SHA1
a0807c558695179089c495ba6043bc359028e7c4

SHA256
d275a0298d46c3f6f11c947ce5326229cb52262b3a7e2fc32e345faba20a355f

SHA512
c961a44365e83330c8bc43411703b5dca07fdb8b74ae56e745c1ab8b3ca08028ca672337b5f3ed1d387c2d40559f45bf9a7715c8623ea91ef474363dded9f657

Download Submit
/data/data/com.baidu.androidstore/files/action

Filesize
127B

MD5
7dabc2b2398a650e61397a7444a9349a

SHA1
30beb44dc0e119182558400bf8323f67b687bc5e

SHA256
415055997ab628f0ef956a6f2f8d4521d8a20dfe5d4cd3a35dfded98d6a117ba

SHA512
26a1152a070682d44a9abc77db1396964d983a1f8baeb60bea0aee178123a7c38f237cb046e974ebab405bb0c94c1d28d7b6a9f4f87018b17e68b6bae3e86c21

Download Submit
/data/data/com.baidu.androidstore/files/action

Filesize
1KB

MD5
b718cd7c75fb70b12a3cdc4c7d6ac0fa

SHA1
b15c1f93215b9af2929166c9e703e7536c277cfe

SHA256
c4b627725daf6a9b28f2d08d8542d84c6401616a113c22111b283d143dd3bfbb

SHA512
efa64a55dd2cf534c9848532782755660e34872ff45ca9cdd23904b12ead6b6e43b899a1c4b02a4af28afc36933810876e6cf111b9fd8a884dc45897183296bb

Download Submit
/data/data/com.baidu.androidstore/files/action

Filesize
42B

MD5
61a21598db1ade088fe314b62f0be91d

SHA1
651e76f69d35b7a4a76f0d414fb71511d35e378d

SHA256
e378ae1d7321f43d709d9c21550c5a744f1ddd1cc9671732279d04f774787247

SHA512
52b84f299f18bd9289f4b039a13923d689583aaacfe7731dcbd53317decef26b4cc1a351b1ceda9e8af12740144e866c6b6c367af122b2fb64faab1cd561bd0d

Download Submit
/data/data/com.baidu.androidstore/files/basicdata

Filesize
484B

MD5
9c5a3997a4a68a67f660b09622efe1b3

SHA1
7237caff328d0b9be6c8edad29d8c13559b07025

SHA256
30d6943de8720c1cf074a6bac54711dbf4b968bf85fd5f3d4979884cb7fef79a

SHA512
ad86ad67c375f49d955aa593a57a51c307f0f0efdaab03c791eeab354461d9de26e82feb8249b94dfae6f78a65909482457c9f14be8465f2734c7c97f85b1e75

Download Submit
/data/data/com.baidu.androidstore/files/basicdata

Filesize
1KB

MD5
8f55aa4ab06763bc9d3589eaa89dda5a

SHA1
174d1bffb6107bdbce073e26cf0d508f1eb675ab

SHA256
f4fe2ec06e3e94ba2b923035b85a6cebeb883ad3f12c5a121a29160f45460bc1

SHA512
621e27367d99b072de1827f8aeb208948c7d33fc7e161f67f0c1ed6a15be890ee59b9e11fc70b26fa898c6fd9313f66ac7f607ce79ffb312fa7181cf376838c0

Download Submit
/data/data/com.baidu.androidstore/files/libprocmox_v1_4.so

Filesize
5KB

MD5
8eb10043948109601f47ebcfef9efeaf

SHA1
98b1d03a9533086c3b60dddc46378cee601f1d5d

SHA256
78df1b79b59165733d01dba7cebbc518861a6bb8a1282598dfac0391dba85604

SHA512
216c4a2da6ec0f96dfa2c217fe08b462f2fa7ed072fc5e1a25418a86c7730e208c930918d4ff23129100f1b904163c1c1cd1ecd7d9b52fd50dae5a18b4423d9e

Download Submit
/storage/emulated/0/Android/data/com.baidu.androidstore/cache/uil-images/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/storage/emulated/0/baidu/.cuid

Filesize
89B

MD5
b1b4d18cd4ba26278ab898cce2a3ee89

SHA1
4d2d60248567838d45d38b29cbb828d3939cf775

SHA256
bb9e0675247e18dfa1414b666ee5ff733780050f364448d3396ccc5aa770bd98

SHA512
e8f4b59c07e9cd2a5049c1beee5af11f193bbeb122ed92a9099b3a736753fee05975e29b88b58179e05111cc133447378cf57c36f027ffc543180697f17b6d2c

Download Submit
/storage/emulated/0/baidu/AndroidStore/channel

Filesize
7B

MD5
d89689ead56c5e1c9d4fc91dbc92946e

SHA1
7af9311bbc625a01a0a7c1cf88fbfb86d8c8db1b

SHA256
6bf43bdf36c99de68dfe9e836709db2dd4e6cd949ffa2198f3c6d2be48813c2c

SHA512
2f4cc76924241b9a1d67e26289fd0bb69f04bd90fca1136817f224af4d79dcf400c3e786724fa7cd71cf6ba4d9f19f65d2c865f514ebe006158989d6da5222a9

Download Submit
/storage/emulated/0/baidu/AndroidStore/http_cache/journal.tmp

Filesize
33B

MD5
dd10779911a504098752ecf62ea9af0b

SHA1
554af85555d603baef7dc2909507e25c2366b149

SHA256
926a80ddf7bbedbdd97ef3010bd49132ae6f3fae8aefaac16b8dbe350c15ea6b

SHA512
d20d04c8bf7f39d70b527ee288fbac2c76dad89e9569eba4acfc8f24b2153560d2a0d10b3a1c345c569851314b3b133b7687065b3da88c7e72b7f235f24eb57d

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads