Analysis

  • max time kernel
    149s
  • max time network
    156s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    android
    arch:arm
    arch:x86
    image:android-x86-arm-20240624-en
    locale:en-us
    os:android-9-x86
    system
  • submitted
    16/10/2024, 03:25

General

  • Target

    4b3558a7df4fd618b3dfb843f49d2a9f_JaffaCakes118.apk

  • Size

    12.3MB

  • MD5

    4b3558a7df4fd618b3dfb843f49d2a9f

  • SHA1

    f88f6431b9ec4653875737f7127ae463a38f1592

  • SHA256

    f67f6b9ae0caa88fa51171d0acafaeabc98855828a9b6978fe1bbfab53fc6818

  • SHA512

    59814bd47c31edaabb9c6eb644f1008d89f0c6cd482408a7db8119b1cc84ab09a6170ff3a68a70e39a62ace4f5e7061d9db90d659a6dab07c491619fd2796548

  • SSDEEP

    196608:hG6cgK39kSOjcTkY8tlXxKXXCXLNe1bvM+ZWD0mOaYWAvNE/qLfDv52n:BK3Clj0b8tzuy4bvM+ZU0mONE/qLfD0n
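
The four digests above are the report's indicators for the submitted APK. As an added example (the author's own, not the sandbox's code), the script below parses such a hash block, streams a local file through all four algorithms in one pass, and declares a match only when every algorithm agrees, so that an MD5 collision alone cannot produce a false positive. The REPORT_GENERAL string is a constructed copy of the General block; SSDEEP is skipped because comparing fuzzy hashes needs the ssdeep library, which is not assumed here.

```python
"""Check a local sample against the hash IOCs published in a sandbox report.

Added example, not part of the sandbox report. REPORT_GENERAL is a constructed
copy of the page's 'General' block; every function name is the author's own.
"""
import hashlib
import re
from typing import Dict

# Constructed copy of the report's General block (fixed-length digests only;
# the SSDEEP fuzzy hash needs the ssdeep library and is deliberately skipped).
REPORT_GENERAL = """
MD5
4b3558a7df4fd618b3dfb843f49d2a9f
SHA1
f88f6431b9ec4653875737f7127ae463a38f1592
SHA256
f67f6b9ae0caa88fa51171d0acafaeabc98855828a9b6978fe1bbfab53fc6818
SHA512
59814bd47c31edaabb9c6eb644f1008d89f0c6cd482408a7db8119b1cc84ab09a6170ff3a68a70e39a62ace4f5e7061d9db90d659a6dab07c491619fd2796548
"""

ALGOS = ("md5", "sha1", "sha256", "sha512")
# Expected hex lengths, used to reject truncated or mis-pasted values.
HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def parse_report_hashes(text: str) -> Dict[str, str]:
    """Read 'ALGO' / '<hex>' line pairs out of a report block; lower-cases the digest."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    found: Dict[str, str] = {}
    for label, value in zip(lines, lines[1:]):
        algo = label.lower()
        if algo in HEX_LEN and re.fullmatch(r"[0-9a-fA-F]+", value):
            if len(value) != HEX_LEN[algo]:
                raise ValueError(f"{algo} digest has wrong length: {value!r}")
            found[algo] = value.lower()
    return found


def digest_bytes(data: bytes) -> Dict[str, str]:
    """All four digests of an in-memory buffer (used for small artifacts and tests)."""
    return {a: hashlib.new(a, data).hexdigest() for a in ALGOS}


def digest_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Hash a file once while streaming; a 12 MB APK is read in 1 MiB chunks."""
    hashers = {a: hashlib.new(a) for a in ALGOS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {a: h.hexdigest() for a, h in hashers.items()}


def match_iocs(observed: Dict[str, str], iocs: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm verdict; only algorithms present in both dicts are compared."""
    return {a: observed[a] == iocs[a] for a in ALGOS if a in observed and a in iocs}


def is_known_sample(observed: Dict[str, str], iocs: Dict[str, str]) -> bool:
    """True only if every comparable algorithm agrees; a lone MD5 hit is not enough."""
    verdicts = match_iocs(observed, iocs)
    return bool(verdicts) and all(verdicts.values())


if __name__ == "__main__":
    import sys

    iocs = parse_report_hashes(REPORT_GENERAL)
    for path in sys.argv[1:]:
        verdict = is_known_sample(digest_file(path), iocs)
        print(f"{path}: {'MATCH' if verdict else 'no match'}")
```

Run it as `python check_iocs.py suspect.apk`. Requiring agreement across all algorithms costs nothing (the file is read once) and keeps an MD5-only hit from being treated as a confirmed identification.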

Malware Config

Signatures

Processes

  • com.duomi.android
    1⤵
    • Queries information about running processes on the device
    • Requests cell location
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4242
    • cat /sys/class/net/wlan0/address
      2⤵
        PID:4423
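
The child process `cat /sys/class/net/wlan0/address` is the app shelling out to read the Wi-Fi adapter's MAC address, a stable hardware identifier, straight from sysfs; alongside the cell-location, data-network and running-process queries flagged above, it reads as device fingerprinting. The report records the command but not its output, so whether the read succeeded on this Android 9 image is not shown. Below is an added detection example (the author's own, not part of the sandbox report or of the app) that walks a process tree like the one above, flags identifier reads and attributes them to the spawning app. The record list is a constructed copy of the Processes section plus one benign control record; the `getprop ro.serialno` pattern is an assumed extension that this report does not show.

```python
"""Flag device-identifier harvesting in a sandbox process tree.

Added example, not part of the sandbox report. PROCESS_TREE is a constructed
copy of the page's Processes section plus one benign record; the indicator
list beyond the wlan0 read is the author's own assumption.
"""
import re
from typing import Dict, List, Optional

# Constructed from the report: the app (PID 4242) spawns `cat` (PID 4423).
PROCESS_TREE: List[Dict] = [
    {"pid": 4242, "ppid": 1, "cmdline": "com.duomi.android",
     "flags": ["Queries information about running processes on the device",
               "Requests cell location",
               "Queries information about active data network",
               "Registers a broadcast receiver at runtime (usually for listening for system events)",
               "Uses Crypto APIs (Might try to encrypt user data)"]},
    {"pid": 4423, "ppid": 4242, "cmdline": "cat /sys/class/net/wlan0/address", "flags": []},
    # Benign control record (constructed): a shell read that is not an identifier.
    {"pid": 4500, "ppid": 4242, "cmdline": "cat /proc/meminfo", "flags": []},
]

# Shell-level sources of stable hardware identifiers. "wifi_mac" is what this
# report shows; "serial_number" is an assumed extension to the same idea.
IDENTIFIER_PATTERNS = {
    "wifi_mac": re.compile(r"/sys/class/net/[A-Za-z0-9_.-]+/address"),
    "serial_number": re.compile(r"\bgetprop\s+ro\.(boot\.)?serialno\b"),
}

# Sandbox behaviour flags that corroborate fingerprinting when they sit on the
# same app that performed the shell read.
FINGERPRINT_FLAG_WORDS = ("cell location", "running processes", "data network")


def find_identifier_reads(tree: List[Dict]) -> List[Dict]:
    """One finding per command that reads a hardware identifier, with its parent."""
    by_pid = {p["pid"]: p for p in tree}
    findings = []
    for proc in tree:
        for kind, pattern in IDENTIFIER_PATTERNS.items():
            if pattern.search(proc["cmdline"]):
                parent: Optional[Dict] = by_pid.get(proc["ppid"])
                findings.append({
                    "kind": kind,
                    "pid": proc["pid"],
                    "ppid": proc["ppid"],
                    "cmdline": proc["cmdline"],
                    "parent": parent["cmdline"] if parent else None,
                })
    return findings


def summarize_by_app(tree: List[Dict]) -> Dict[str, Dict]:
    """Group identifier reads under the spawning app and attach the app's own
    fingerprinting-related sandbox flags as corroboration."""
    by_pid = {p["pid"]: p for p in tree}
    summary: Dict[str, Dict] = {}
    for finding in find_identifier_reads(tree):
        parent = by_pid.get(finding["ppid"])
        if parent is None:
            continue  # orphaned child: nothing to attribute it to
        entry = summary.setdefault(parent["cmdline"],
                                   {"identifier_reads": [], "related_flags": []})
        entry["identifier_reads"].append(finding["kind"])
        entry["related_flags"] = [
            flag for flag in parent.get("flags", [])
            if any(word in flag.lower() for word in FINGERPRINT_FLAG_WORDS)
        ]
    return summary


if __name__ == "__main__":
    for app, details in summarize_by_app(PROCESS_TREE).items():
        print(app, details)
```

Attributing the read to the parent matters: in the tree above the suspicious command is a short-lived `cat`, and a rule keyed on the child's name alone would produce an alert with no app to act on.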

    Network

          MITRE ATT&CK Mobile v15

          Downloads

          • /data/data/com.duomi.android/databases/ThrowalbeLog.db

            Filesize

            4KB

            MD5

            f2b4b0190b9f384ca885f0c8c9b14700

            SHA1

            934ff2646757b5b6e7f20f6a0aa76c7f995d9361

            SHA256

            0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

            SHA512

            ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

          • /data/data/com.duomi.android/databases/ThrowalbeLog.db-journal

            Filesize

            512B

            MD5

            4a5f67889cadcb187800208c08a09585

            SHA1

            f8c09c6546f25dbf838181a14b29414c13392ace

            SHA256

            394a598e48efd8fbc58e97a791eca6830651fae9978f10b086b15042cdbf4f96

            SHA512

            4beb386935640d7a81000b42e8c6838509343be717d63e07f5cd02cff797617454bc9d67104c07f5aed5e3196232d9fb9586e54883d54257677175d7dcc3c2c7

          • /data/data/com.duomi.android/databases/ThrowalbeLog.db-shm

            Filesize

            32KB

            MD5

            bb7df04e1b0a2570657527a7e108ae23

            SHA1

            5188431849b4613152fd7bdba6a3ff0a4fd6424b

            SHA256

            c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

            SHA512

            768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

          • /data/data/com.duomi.android/databases/ThrowalbeLog.db-wal

            Filesize

            64KB

            MD5

            6196a64f32c670fd2b1f843d9ebc49d4

            SHA1

            29c4b7b3cf843803c86a2befb057df300271d299

            SHA256

            d01d1b4ff34b29798a81d1e845684d85db2e419fc189f58e835d0af265ccfefd

            SHA512

            ba494fb52c1e103f0da2a8037cbc5daabeb21e4e464a6d2d0cf0c1eb30de52ee3902d7d56f8474aba60a3304d557835dcc7d4bb8a7b51a97cd8b6949a1f9fa5f

          • /storage/emulated/0/DUOMI/cache/-1468876515

            Filesize

            7B

            MD5

            dab5e7dd9aa3f42e12d33fe90ddc4ea3

            SHA1

            67e3fab5acd5c296ecb61f3d57f294c8ff63164e

            SHA256

            263b57467ecb14e1edfe982e39aa1253d88e6763a071568beac717ead1b729b8

            SHA512

            d0aa3c0162217b9eb5765e38196910aae2581ab152efd222ef59be495d5ec27ab4ed637d30b490d9492c983b62767155ba2e31a8906d4dc5dabd0ba4805412cd

          • /storage/emulated/0/DUOMI/docpath/playlist/curr_playlist.dat.tmp

            Filesize

            26B

            MD5

            ca3b3b7a6a624037f3a665d09e3fa3f4

            SHA1

            6e95464ec529a27f42d713944c0215514427342f

            SHA256

            1f584ea8bff3b311c742a133b75235945dcfa9a5fca0884d9e826e25e9ca4f89

            SHA512

            4ac022feb32044f8c7f512fdfd6efb1f1495d3f4317ac7316f17aa95deba75cca5602fd6d9b5151a4cfecbed59e1a0c769dc0f671f963f2eab667c57842f179e

          • /storage/emulated/0/DUOMI/docpath/playlist/playlist.dat.tmp

            Filesize

            673B

            MD5

            9a52f398ca8583b5217d4bc432264531

            SHA1

            5ec8370e55b344731b7faea3750099d02206b988

            SHA256

            f720fcd587b2e60d97534cada8aa3b07bf8344bf6a9a496635c2f8982f887943

            SHA512

            131103a03ad755407ae28627799e5ace3141708ae2be3c97a5b672a1f66d9bc2881168c15724e2085757b10dae5edc4ceb796b1e79a5f93411d408bb5bdf5618

          • /storage/emulated/0/DUOMI/fo/EMF

            Filesize

            16B

            MD5

            30cac26d3a08ff195061078ca8b4ed4b

            SHA1

            ea43602f8a9e803559c687ee5c14fe13ca0ede0d

            SHA256

            515868e15d76248088bcd2b4cfd8b79450c304f079bd8592b248b58190c405fb

            SHA512

            9682f1b1574c4eea9fc531b11c57a4049d26cbd0ee19e3fb43d140ae6995c4d2ccba577ac05edd19a46dcbd795cc266b45ba06cce04fbbbc9456ec6c5316c827

          • /storage/emulated/0/DUOMI/fo/TS

            Filesize

            277B

            MD5

            dfd31ecd9c4a8b68825c92f3bc6e011b

            SHA1

            a83edfc464ea038797f1468c7869b90a1d18d71f

            SHA256

            176ce01db7238b60cc89dc7d7b1bcfc48dfacd6d041c659f144801b3009663a5

            SHA512

            e8ddb46552bfa8bf5b1166b0ca1d2fbe15a4bd20b50086b3425800f2f59fec751927eff28a0524f45f3c2f0bfcf796f4beee0cae096b0280687e218f09ce1984

          • /storage/emulated/0/DUOMI/log/duomi.log

            Filesize

            249B

            MD5

            185033afa4aba4eccf91d7fe5edc7f0b

            SHA1

            0be56591cdaa489e8079d0820fd4ed14066b2534

            SHA256

            120e6f1ba6e71c67753a82a3ac82916c4ff0ae84e13c41c220613495ce7cbcfa

            SHA512

            5df2d900906ccce77fbb974ef990cf43acb4ff9c042334bcccb8e4d33bc124ec673ad49c678901e5aa04b4ad664d72521e10254abbbf3671eb7b4e5042f10550

          • /storage/emulated/0/DUOMI/log/duomi.log

            Filesize

            509B

            MD5

            6aef1101f45adba6f81434298f1ffaea

            SHA1

            58b549daa05c64d5477419203d7083ab9b09c957

            SHA256

            4f75e2983979f66e8cf473b8dd5ac2fa40dd6b19f8c806c73de4bd5ca06512d5

            SHA512

            337919e21b7b0eda6f76d7cb7991b924d4b954938c0e9d1007448d2b52f52411f2836a900b875406e0748f0ba7632b6c0250f04e4572c966c86dd8bc608f6493

          • /storage/emulated/0/DUOMI/log/duomi.log

            Filesize

            735B

            MD5

            1bd4119880f6422ff03b2625d29a4a27

            SHA1

            e4c10c59f242880dd1e446874262db396857912f

            SHA256

            0fa5f023e279e28cab332a042adcc2abe5a1dc3fa9b713e281c30a94f26cc47a

            SHA512

            ce7b8b3050a27dc121ca89b087afcb8bc5b3c13c727e3937be3c2a42fcace180ccccb1a37c138ac7eb645691d7cbf9d82120faa006c3f5de1a0cd0e13b8fdc69

          • /storage/emulated/0/DUOMI/log/duomi.log

            Filesize

            962B

            MD5

            c67c7ad39b7a806b23d77e9a256e83e0

            SHA1

            db466ee33603fdd8cac4a96686013919df796178

            SHA256

            c80f55ead3f5fb4dffe1c2b2948f7604e00bc2a173fbf49aa9d24565b64a7781

            SHA512

            a2510c992d6223d25b03acd8dc0828bb5573779cee776184ea5ec258d27cf810bcf81ce39baaf5b33419b6d7653d29706b0e110f11ef43bfeab193f83a268fed