Analysis

  • max time kernel
    147s
  • max time network
    156s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
  • submitted
    03/11/2024, 11:34

General

  • Target

    8b4733a23fbf49a0e2e51648df5f1fa1_JaffaCakes118.apk

  • Size

    395KB

  • MD5

    8b4733a23fbf49a0e2e51648df5f1fa1

  • SHA1

    d3d7c089283635871557da23decfff4ea3d93783

  • SHA256

    c92777162d08e056f6f26c21334e123e9eed66e7d1093ec45a28ffb427655479

  • SHA512

    60ed46ccefde5ad7a65d53fd6d4d4f89642c738cebe9aa5b6de3c9eaddb66369fbfe73721296942712ab089e3f7cda4c65b0833cb0440c8cdf5584ebe6f96ed3

  • SSDEEP

    12288:JaK0WTK0Wzlo7bkvEWP+0LJtwtyaqvM16:UKvKNosvF+CF

Malware Config

Signatures

Processes

  • com.as.ytb.a7
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Acquires the wake lock
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4974

Network

        MITRE ATT&CK Mobile v15

        Downloads

        • /data/data/com.as.ytb.a7/databases/aqad.db

          Filesize

          20KB

        • /data/data/com.as.ytb.a7/databases/aqad.db-journal

          Filesize

          8KB

        • /data/data/com.as.ytb.a7/databases/aqad.db-journal

          Filesize

          8KB

        • /data/data/com.as.ytb.a7/databases/aqad.db-journal

          Filesize

          512B

        • /data/data/com.as.ytb.a7/databases/aqplay_downloads.db

          Filesize

          24KB

        • /data/data/com.as.ytb.a7/databases/aqplay_downloads.db-journal

          Filesize

          512B

        • /data/data/com.as.ytb.a7/databases/aqplay_downloads.db-journal

          Filesize

          8KB

        • /data/data/com.as.ytb.a7/databases/aqplay_downloads.db-journal

          Filesize

          8KB

        • /data/data/com.as.ytb.a7/databases/downloads.db

          Filesize

          20KB

        • /data/data/com.as.ytb.a7/databases/downloads.db-journal

          Filesize

          512B

        • /data/data/com.as.ytb.a7/databases/downloads.db-journal

          Filesize

          8KB

        • /data/data/com.as.ytb.a7/databases/downloads.db-journal

          Filesize

          8KB

        • /data/data/com.as.ytb.a7/dexCache/classes.dex

          Filesize

          300KB

        • /data/data/com.as.ytb.a7/dexCache/classes_dex_digest

          Filesize

          256B

        • /data/data/com.as.ytb.a7/dexCache/clde.zip

          Filesize

          151KB
