Analysis

  • max time kernel
    4s
  • max time network
    139s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
  • submitted
    15-10-2024 15:03

General

  • Target

    487abd92a6412fc35a9518bd4c49f5d7_JaffaCakes118.apk

  • Size

    14.1MB

  • MD5

    487abd92a6412fc35a9518bd4c49f5d7

  • SHA1

    094d5889f17421b96bd4fc383fc5932a29ecb7b5

  • SHA256

    f995985d847a78ff1987d7c60786d5372cc8a107b2a9816c5843851e355eb300

  • SHA512

    ff9d4dca41fe0e409756d482949887a0c8f1593e83953248c3e3857ed1b7a91a7d5415ddfe58ba2e787627162c1140f5b6097751fab8780f0d9cfca7d65957ec

  • SSDEEP

    393216:wYS4HEep5BViqsS5vLwuUT0pvWPRtqOJePLkhI3:RSinpjgqvvLPr1WzNJejkhA

Malware Config

Signatures

Processes

  • com.dromon
    • Checks if the Android device is rooted.
    • Removes its main activity from the application launcher
    • Queries information about running processes on the device
    • Makes use of the framework's foreground persistence service
    • Requests accessing notifications (often used to intercept notifications before users become aware).
    • Tries to add a device administrator.
    • Checks memory information
    PID:4506

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/com.dromon/databases/SettingsDB

    Filesize

    84KB


  • /data/user/0/com.dromon/databases/SettingsDB-journal

    Filesize

    512B


  • /data/user/0/com.dromon/databases/SettingsDB-journal

    Filesize

    8KB


  • /data/user/0/com.dromon/databases/SettingsDB-journal

    Filesize

    4KB


  • /data/user/0/com.dromon/databases/SettingsDB-journal

    Filesize

    8KB


  • /data/user/0/com.dromon/databases/SettingsDB-journal

    Filesize

    8KB


  • /data/user/0/com.dromon/databases/SettingsDB-journal

    Filesize

    8KB


  • /data/user/0/com.dromon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/670E844D01EB-0001-119A-9F920A64DC29BeginSession.cls_temp

    Filesize

    78B


  • /data/user/0/com.dromon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/670E844D01EB-0001-119A-9F920A64DC29SessionApp.cls_temp

    Filesize

    103B


  • /data/user/0/com.dromon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/670E844D01EB-0001-119A-9F920A64DC29SessionCrash.cls_temp

    Filesize

    13KB


  • /data/user/0/com.dromon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/670E844D01EB-0001-119A-9F920A64DC29SessionDevice.cls_temp

    Filesize

    88B


  • /data/user/0/com.dromon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/670E844D01EB-0001-119A-9F920A64DC29SessionOS.cls_temp

    Filesize

    15B


  • /data/user/0/com.dromon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/670E844D01EB-0001-119A-9F920A64DC29SessionUser.cls_temp

    Filesize

    26B


  • /data/user/0/com.dromon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/670E844D01EB-0001-119A-9F920A64DC29user.meta

    Filesize

    29B


  • /data/user/0/com.dromon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/670E844D01EB-0001-119A-9F920A64DC29user.meta

    Filesize

    47B


  • /data/user/0/com.dromon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/670E844F01C5-0002-119A-9F920A64DC29BeginSession.cls_temp

    Filesize

    78B


  • /data/user/0/com.dromon/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/log-files/crashlytics-userlog-670E844D01EB-0001-119A-9F920A64DC29.temp

    Filesize

    88B


  • /data/user/0/com.dromon/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

    Filesize

    410B


  • /data/user/0/com.dromon/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

    Filesize

    16B


  • /data/user/0/com.dromon/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_e8e6d826-62e1-46fa-96b6-b21e3279c8ac_1729004622080.tap

    Filesize

    335B


  • /storage/emulated/0/.androidmonitor/log.txt

    Filesize

    46B


  • /storage/emulated/0/.androidmonitor/log.txt

    Filesize

    59B


  • /storage/emulated/0/.androidmonitor/log.txt

    Filesize

    74B


  • /storage/emulated/0/.androidmonitor/log.txt

    Filesize

    55B


  • /storage/emulated/0/.androidmonitor/log.txt

    Filesize

    48B


  • /storage/emulated/0/.androidmonitor/log.txt

    Filesize

    51B


  • /storage/emulated/0/.androidmonitor/log.txt

    Filesize

    681B


  • /storage/emulated/0/.androidmonitor/monitorchecker.apk

    Filesize

    249B


  • /storage/emulated/0/.androidmonitor/prog_class.name

    Filesize

    10B
