9077784e2d0b6441557d9df659523c3537d0ec07fbbe60cd740c993ac7ebfa04

Analysis

max time kernel
149s
max time network
146s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
23-10-2024 18:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

702a0cc93e3f677f9d281c9cf4311d01_JaffaCakes118.apk
Size

4.7MB
MD5

702a0cc93e3f677f9d281c9cf4311d01
SHA1

daf8d41e234be8fa8ac8e54a343be4e2d3691377
SHA256

9077784e2d0b6441557d9df659523c3537d0ec07fbbe60cd740c993ac7ebfa04
SHA512

927e881ac8d6168278bd8dc61119829b4c6820a3284045159daf4d2e2eda076c66370add757b4f4f07762b2b6584289361cf9469bbb89ba04c986158d25e1765
SSDEEP

98304:ntg+05XWx/PTyaQ0HUJTvtHDzQfaZ6ewD4FHZY43coUQENOIgK1:H05cyaN8TxQwe4/Y4qNO2

Score

8^/10

discovery evasion impact

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

System Information Discovery
T1426

Processes:

com.feyon.asystem

ioc process

/system/bin/su com.feyon.asystem
/system/xbin/su com.feyon.asystem
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.feyon.asystem

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.feyon.asystem
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

System Network Connections Discovery
T1421

Processes:

com.feyon.asystem

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.feyon.asystem
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

Data Encrypted for Impact
T1471

Processes:

com.feyon.asystem

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.feyon.asystem

ioc	process
/system/bin/su	com.feyon.asystem
/system/xbin/su	com.feyon.asystem

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.feyon.asystem

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.feyon.asystem

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.feyon.asystem

com.feyon.asystem
1⤵
- Checks if the Android device is rooted.
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Uses Crypto APIs (Might try to encrypt user data)
PID:4258

/system/bin/sh
2⤵
PID:4311

/system/bin/sh
2⤵
PID:4350

/system/bin/sh
2⤵
PID:4369

/system/bin/sh
2⤵
PID:4412

/system/bin/sh
2⤵
PID:4453

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.feyon.asystem/cache/root5

Filesize
13KB

MD5
c110d1870e0959a5471b2cfd2665adf5

SHA1
76373278e47563424ba4970b6720954d23bf9007

SHA256
775b6e3621bdb8c721002832a09a4df43c625f74534df511efe78bc1997464ca

SHA512
8780800d4fbe01e8c1adaf2204ccc237ad582616713529169468e3588a30ba4c5be77ebd30d3a9ad5208bc794e9e156de65d99c5b9c55e9d1d17b2e7a6811880

Download Submit
/data/data/com.feyon.asystem/cache/shared_preference.db

Filesize
46KB

MD5
c74431e432fa983d97587e98f70f39e8

SHA1
b4f7b1bdb5404670bdb1f321bf8704c0e7f19596

SHA256
34c87466339922ee5e23301c5e663ce3293a2a41d7113b95f4937f9f408b0078

SHA512
f9eb99cbd2cb86b02758e168402fd17df0ec17337e9acd2a8d7b0462282778a544c2fb70546b7b864090c36f800e503212fb519eccd2bdfcec55779e877f4c3c

Download Submit
/data/data/com.feyon.asystem/cache/shared_preferenced/379

Filesize
34KB

MD5
c664c7feb7de187f7e8c10010c7cdcf1

SHA1
499119f9c691a49711d46a006ea74ef9ed858280

SHA256
078c49ec0bbcb4645b5d59ab22cca1eed5faad0c918e5da9632b28c9a3d4fb29

SHA512
0206e209ea2c9151004c2c437b060881055c4e043a69d75807887dcaa1f56f468c262bb953f11e84330546784c6907543ba69bc8d83a0f23e32262cbf1195099

Download Submit
/data/data/com.feyon.asystem/cache/shared_preferenced/8

Filesize
11KB

MD5
3b8f6cca5bbe44b437716f180ba2fc1a

SHA1
f160d876bf4b3c1e6df4904f02a1302d31e97c0f

SHA256
4dc9cc7e02d3ba43b0cb01858185bb2180307c3dae3cdb75e502b015f38b6dd2

SHA512
01a08fd2c26449dd428c48e1b280153f024d244a247872324509239c7b6588231b30d481d2775d04884e49cd9452a43f41df533be04875e4c1662c9c272b5070

Download Submit
/data/data/com.feyon.asystem/files/1729706643153.jar (deleted)

Filesize
1KB

MD5
9edd87b7e1898a3af5acd548b3c7f1b1

SHA1
461445432eafbc0a36e6662778ca6a3ce9e8f652

SHA256
ed26295fe9e9a129c7288650331c374346245bba12d5e996bd78a723e0b0f0de

SHA512
4d459a91abd1bac253e19874e347ae89e12b97d275cb4cd1581daea1330147afa87826bc908aa491252c9898304cbd7b841fd84992c40cd6bc1479851e370068

Download Submit
/data/data/com.feyon.asystem/files/NGP.dat

Filesize
30KB

MD5
0a806d9d2bd1c851d2165be89ff753da

SHA1
d9d1d3c2d2b70abde4d5a9352a9e8f8e5e92e30c

SHA256
8593c01e34c1bcffe0ce2c6892ba6db58fc08a1fcfd7496604a227bc851b3abb

SHA512
038de9b26ff2935809d567cdacd3c1373e461cf33441294e826b01f96dda600ad27074905fcad7563b7296b73b3da6c714abf5d9aa5b24e7f75ed1337fcf13f9

Download Submit
/data/data/com.feyon.asystem/files/NGP.dat_

Filesize
30KB

MD5
9cbfb292b977a218970af53ae2d85b64

SHA1
72f7240d65b0f749740ad2f811ba286f12b6474f

SHA256
e5f183d2cf47a594b335a2104d2c47ca3b24c8f4c6a843993ce742ff4a5467d5

SHA512
e88f86fce5da708d72edd4fa9177a9e0c543fa724a11e96e913d75e875efcf2d9a7d36fe6def2e92beccfb613793129c905c1f7ab1fb56a327abcd2a7b8bdc98

Download Submit
/data/data/com.feyon.asystem/files/ad.dat

Filesize
3.4MB

MD5
edec7149b37b9dd46e93836806488f5c

SHA1
43f33c1f986ac2dce464657038732d9b97d842da

SHA256
cea2e8bc2a05848f91e9d43e07fff0ecc2908db6a2cd9c383112c14c38561067

SHA512
891f87fbd056434a13ea1d0ddcdf0adee2fa12cb1c090e9ff0fb0d82ae47ca6e2af1cd900cb9e3e952a15f55521d4107fc9a56b04d013e525a01780f6aebf8c9

Download Submit
/data/data/com.feyon.asystem/files/ad.dat_

Filesize
3.4MB

MD5
b821e9e1a0c65c27553957f550f404ee

SHA1
d25d0aff6edb7a70ef6f6a475fc12c6feb89060b

SHA256
403dbf15d8be09cbb9464ad09a4b9aee97c44811b3df7adaa1418a215ef49c4d

SHA512
9eb9437475b8b080dde92b01f8840f03591878e6f8fa74241a99a8428600e721f3cf6ac21966e8a9d8c599ee9f939699c4f19f5889287fb66c85a976afb1fe35

Download Submit
/data/data/com.feyon.asystem/files/bbb

Filesize
348KB

MD5
78577c3cde14597bd5a0f6dda3eaa166

SHA1
e5195f03cc9f5e8eef1f6eee7744095904b87331

SHA256
1e6613920a37a0b7b7da1cc6a88962bed8ec588de77b9a01638e4ab70234bec4

SHA512
bf2a67051ec36eaa01bed8d7e87e7a6985e7d32b8b2b438adeca563cfb333d19ee95d3642d3ef8c64b07d97b4500b3aae307dd2e1791f3e2f274e85e7ddca27e

Download Submit
/data/data/com.feyon.asystem/files/busybox

Filesize
1.0MB

MD5
94e5efab5f0115baab91376ebfb3ad98

SHA1
cdd4bed059430b078d0dd645314ef3e6d033127e

SHA256
10b4cf8acca6c32cc4ab376795b7aedefd0c43ae6446b628bee98aaee04e2c69

SHA512
46ad5e490cf9d42a0372532970a6742ae96d71f06532affd8c0a6398ea12adac819f8631c7638b83e584fb42c9f119265abbb5eede5fd854a330f890fd5145ef

Download Submit
/data/data/com.feyon.asystem/files/htmlv.dat

Filesize
26KB

MD5
0d7a4baf953be94478cb3ebd93c678cf

SHA1
05ca1a31a770b499b31a129c89c9ae5cea838759

SHA256
3a2d60d10f8e0f80fb61d59dcd25d85ce248c6bca1eab128d7be75688f4ecf6b

SHA512
2d7afe40b267906b81322d4e970c6c1acce3bc6f983d6e5141f488fc26e868f00df2fbc63aa559afd67f2f28dfe017fe1cf666603986a79f1f557a4f5e82f5f5

Download Submit
/data/data/com.feyon.asystem/files/htmlv.dat_

Filesize
26KB

MD5
575b9e2c2d24a063a8f8d20785496c53

SHA1
b6b794009f48a726713349f84562acc8684c8dea

SHA256
491d895c623cce92eddd4ee48f11934254c565d0c18cec0f2728dea18eec4c1a

SHA512
3a0f4bf00a482e5969a6e2c72befb1fd07fa2268bdb21fcf6e882943db13e46647b999df9faa4b88938c7c024d99f7837aaf9a6d5326fb6d06f797c7e21852c0

Download Submit
/data/data/com.feyon.asystem/files/ipau

Filesize
347KB

MD5
19e1bdb8ade412fb4fcf1357c04b5dd8

SHA1
2fadad4d622dd344716f50be0a0004120c729a05

SHA256
4121c1a775ec986439d3ee3cd649e94c7e5f9ed2f2801fd5a302e15d06c76140

SHA512
7db37a261223a64b52613cb569535405f029d750b16caadf64fb78733feef88f05016b0c1fcd3eec0ffe8cd9ddf65ba4f639ce4987b8be5425a0cc7ce77e9b63

Download Submit
/data/data/com.feyon.asystem/files/root.sh

Filesize
2KB

MD5
639b1e01354c810776b9f321837e8caa

SHA1
84783722c289df1f8ac63c98992530e1a832f51c

SHA256
eb2acac038c2aa54a08b22e6fccb8374e54b88ae21ad7083a90d9af95c2094be

SHA512
327a294e893731ac9f490238911cce5e3558ea1f2bccf5695110f932a9ba3f4769a4a10227e758ee2b39d3277c1d631db2dd7c387c34b70651f8317db1f67681

Download Submit
/data/data/com.feyon.asystem/files/root1

Filesize
11KB

MD5
12d29089a56a86f4e874eb07981933b5

SHA1
d8e9175a17127e2a57ca6b3d0afd3cc4a8a59e56

SHA256
d92c891820cb40a24e6db51a353022367dde7b4be3dd89375890c00dfe42e200

SHA512
c8826a80e9102a2ba1b5b0bdfd99593f055beaa14326c1cebdb35ad8c3280ca21050981261d216af9f8beb58a5897a158e2b219c2fe7e0bb84cb7cc31e65be2c

Download Submit
/data/data/com.feyon.asystem/files/root1

Filesize
11KB

MD5
4840b7d03cf020e6c79a1280fc255607

SHA1
95959fd2a0673e2bb593a68e4e14c5c620475275

SHA256
611bc0303def32abba80bb3aaf5013b4593dc509b87c3573791f0676a53ff838

SHA512
52f86498aca21f1217fcc0bfd1a633084d394ea33a1366adf61410aebddaf2682e681290087ae704079a76e3216fd5558dd69591844449056d45c2c6b0d240a6

Download Submit
/data/data/com.feyon.asystem/files/root2

Filesize
11KB

MD5
6785448552ee96c94e9325de29d1f429

SHA1
94928baa4430f0b40028e0377f288d9ffaaa7eb1

SHA256
c17c1222274d447fe0ee3a6e2cb913bcdfe679a58cb957d2f5e8bbc87669307a

SHA512
f7247d92fed3979f991416aed8f3e07efe07bda0c086573d1b76cb8432f55b4563419205b106b63c1a9982f03de3f8770595b49135e8ef119ff3df2e8fe4d0d5

Download Submit
/data/data/com.feyon.asystem/files/root3

Filesize
46KB

MD5
46db4bf9a82fcfeca0eec18952d92761

SHA1
dd6e2f24868679a37b195785261b7e57b7efed85

SHA256
84e0648010dfdca742c86e8cb785978d9123c74fbd0e46655cbb23f58bb3810c

SHA512
485c59ab7bd9721a56488727be03da89c75ff01bdf0a502125be09f439d22b2bb6cd307d8b78219366b3c7a5c136246449a27e68f22b4e160f23ca2e156198c2

Download Submit
/data/data/com.feyon.asystem/files/root3

Filesize
34KB

MD5
c7c6eaea579f351a9e0f4bbf21d6c9b6

SHA1
7e54599431d632491f0139988fd6ad78d9cfd210

SHA256
9244ddbccd042c5887d2a743035a93088c23868ca716ad6a0feaf155f9af5f0e

SHA512
8ebf608b49205c374a4c4f622f216fe8c52191d1ffa959812e580e50096276c20d0c1929e27df178e586b07f0cc41aa67221f1f66df98ef7977198810bd81e6e

Download Submit
/data/data/com.feyon.asystem/files/statistic

Filesize
347KB

MD5
e26ef8dbf9e109017654167f9430de82

SHA1
d45950e5869758693021f595a79000c43bc32310

SHA256
518ad08fc9c18c459dc8593f9fd8f26c327ab6cc921f442006e97d58453cd3e4

SHA512
efe066cbf5922b56e35262c0099da46c77e05ce67da23eea5c95f3e55f43beb547792846a1983b262671ae01faa11d4995f54886b731ccaa014edf7add3423bc

Download Submit
/data/data/com.feyon.asystem/files/su

Filesize
347KB

MD5
03cfbf1c22298db875dd0da56a827c4c

SHA1
83e918b2afcfafc91ce1058d7b80d1ed0b6dc46d

SHA256
13a2bf05aa04b3ccff3eeeea70ab110696df5d0fa06f4f2f14e303531e4c9c6e

SHA512
c60afb6f4e770ef2a9698f6b3b204d46fc6cde067150e4937eea0d0b859ae2984ddd418f5c9cb6286f8e67251c0d1c9d1b684227314a97f2ebc65149968f102d

Download Submit
/data/data/com.feyon.asystem/files/zzy_cjyh

Filesize
3.4MB

MD5
397b86b0576e5e590cab2af8fb755433

SHA1
39f6ea41bd27aead9a41a4fa1f4fb21b249d08f0

SHA256
060045096c90253967f398ddb22e1033783981b4cf0f155cf111f1c815adaad2

SHA512
155861445c462b57272ace7796debe6902e177d96277e1f5787d0d6e7f66cdfb86c76cb2718479f3e5d22fbd33cc947951cfd4cc23a8201200955bc1687ea084

Download Submit