Analysis

  • max time kernel
    130s
  • max time network
    136s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    15-10-2024 15:03

General

  • Target

    487abd92a6412fc35a9518bd4c49f5d7_JaffaCakes118.apk

  • Size

    14.1MB

  • MD5

    487abd92a6412fc35a9518bd4c49f5d7

  • SHA1

    094d5889f17421b96bd4fc383fc5932a29ecb7b5

  • SHA256

    f995985d847a78ff1987d7c60786d5372cc8a107b2a9816c5843851e355eb300

  • SHA512

    ff9d4dca41fe0e409756d482949887a0c8f1593e83953248c3e3857ed1b7a91a7d5415ddfe58ba2e787627162c1140f5b6097751fab8780f0d9cfca7d65957ec

  • SSDEEP

    393216:wYS4HEep5BViqsS5vLwuUT0pvWPRtqOJePLkhI3:RSinpjgqvvLPr1WzNJejkhA

Malware Config

Signatures

Processes

  • com.dromon
    • Checks if the Android device is rooted.
    • Removes its main activity from the application launcher
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Requests accessing notifications (often used to intercept notifications before users become aware).
    • Tries to add a device administrator.
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks memory information
    PID:4258

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.dromon/databases/SettingsDB

    Filesize

    84KB

  • /data/data/com.dromon/databases/SettingsDB

    Filesize

    28KB

  • /data/data/com.dromon/databases/SettingsDB

    Filesize

    20KB

  • /data/data/com.dromon/databases/SettingsDB

    Filesize

    104KB

  • /data/data/com.dromon/databases/SettingsDB-journal

    Filesize

    512B

  • /data/data/com.dromon/databases/SettingsDB-shm

    Filesize

    32KB

  • /data/data/com.dromon/databases/SettingsDB-wal

    Filesize

    221KB

  • /data/data/com.dromon/databases/SettingsDB-wal

    Filesize

    4KB

  • /data/data/com.dromon/databases/SettingsDB-wal

    Filesize

    8KB

  • /data/data/com.dromon/databases/SettingsDB-wal

    Filesize

    402KB

  • /data/data/com.dromon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/670E844C039D-0001-10A2-AF3EB7964BC1BeginSession.cls_temp

    Filesize

    78B

  • /data/data/com.dromon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/670E844C039D-0001-10A2-AF3EB7964BC1SessionApp.cls_temp

    Filesize

    103B

  • /data/data/com.dromon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/670E844C039D-0001-10A2-AF3EB7964BC1SessionDevice.cls_temp

    Filesize

    88B

  • /data/data/com.dromon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/670E844C039D-0001-10A2-AF3EB7964BC1SessionOS.cls_temp

    Filesize

    14B

  • /data/data/com.dromon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/670E844C039D-0001-10A2-AF3EB7964BC1user.meta

    Filesize

    28B

  • /data/data/com.dromon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/670E844C039D-0001-10A2-AF3EB7964BC1user.meta

    Filesize

    46B

  • /data/data/com.dromon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/log-files/crashlytics-userlog-670E844C039D-0001-10A2-AF3EB7964BC1.temp

    Filesize

    87B

  • /data/data/com.dromon/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

    Filesize

    409B

  • /data/data/com.dromon/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

    Filesize

    1KB

  • /data/data/com.dromon/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

    Filesize

    16B

  • /data/data/com.dromon/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_09d4ee1e-3004-486b-8596-140d9aa7ab50_1729004632774.tap

    Filesize

    414B

  • /data/data/com.dromon/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_87844389-a035-468e-be8d-96f6f604bb94_1729004621553.tap

    Filesize

    334B

  • /storage/emulated/0/.androidmonitor/log.txt

    Filesize

    46B

  • /storage/emulated/0/.androidmonitor/log.txt

    Filesize

    59B

  • /storage/emulated/0/.androidmonitor/log.txt

    Filesize

    74B

  • /storage/emulated/0/.androidmonitor/log.txt

    Filesize

    55B

  • /storage/emulated/0/.androidmonitor/log.txt

    Filesize

    48B

  • /storage/emulated/0/.androidmonitor/log.txt

    Filesize

    51B

  • /storage/emulated/0/.androidmonitor/log.txt

    Filesize

    681B

  • /storage/emulated/0/.androidmonitor/log_.txt

    Filesize

    4KB

  • /storage/emulated/0/.androidmonitor/log_.txt.zip

    Filesize

    1KB

  • /storage/emulated/0/.androidmonitor/log_1729004620830.txt.zip

    Filesize

    204B

  • /storage/emulated/0/.androidmonitor/monitorchecker.apk

    Filesize

    249B

  • /storage/emulated/0/.androidmonitor/prog_class.name

    Filesize

    10B
