Analysis

  • max time kernel
    122s
  • max time network
    133s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    03/11/2024, 18:08

General

  • Target

    8cceef6859cdee6be42adbd542de77db_JaffaCakes118.apk

  • Size

    9.4MB

  • MD5

    8cceef6859cdee6be42adbd542de77db

  • SHA1

    bf0feb57ee3ca52b06c3f62d5d206b64f898cb50

  • SHA256

    f97141d8d2262d927c34db678fdaf9ff6960c264e715bedbafac7f783d7499ea

  • SHA512

    b56effc0217660a1d2ebd426285045b6454c3fcd1d1bc3b9947df52a4d94243166275de826180b79cc994c781390c954de7d6fc363ca754b9d936422e5c3bf6d

  • SSDEEP

    196608:ZsVdlwQp8iTLoFeU4YlDBUADbJVs4qBLG413Ji7FTV1Lfk3SVqKJ:ZsJd8YLNAlDRbJe4WN3YFHDk3SVqo

Malware Config

Signatures

Processes

  • com.swanfly.lobdwjyx
    • Loads dropped Dex/Jar
    • Requests cell location
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4249

Network

MITRE ATT&CK Mobile v15


Downloads

  • /data/data/com.swanfly.lobdwjyx/app_jc/dc.jar

    Filesize

    51KB


  • /data/data/com.swanfly.lobdwjyx/app_jc/tc.jar

    Filesize

    51KB


  • /data/data/com.swanfly.lobdwjyx/databases/cpdownloads

    Filesize

    16KB


  • /data/data/com.swanfly.lobdwjyx/databases/cpdownloads-journal

    Filesize

    512B


  • /data/data/com.swanfly.lobdwjyx/databases/cpdownloads-wal

    Filesize

    28KB


  • /data/data/com.swanfly.lobdwjyx/databases/sldownloads

    Filesize

    16KB


  • /data/data/com.swanfly.lobdwjyx/databases/sldownloads-journal

    Filesize

    512B


  • /data/data/com.swanfly.lobdwjyx/databases/sldownloads-wal

    Filesize

    28KB


  • /data/data/com.swanfly.lobdwjyx/databases/vdownloads

    Filesize

    16KB


  • /data/data/com.swanfly.lobdwjyx/databases/vdownloads-journal

    Filesize

    512B


  • /data/data/com.swanfly.lobdwjyx/databases/vdownloads-shm

    Filesize

    32KB


  • /data/data/com.swanfly.lobdwjyx/databases/vdownloads-wal

    Filesize

    28KB


  • /storage/emulated/0/Android/data/code/.vapp.dat

    Filesize

    905B


  • /storage/emulated/0/Android/data/code/ljk.dat

    Filesize

    58B


  • /storage/emulated/0/Download/cp/time.dat

    Filesize

    15B


  • /storage/emulated/0/Download/vgp/clearT.dat

    Filesize

    50B


  • /storage/emulated/0/ncache/afeq34u312.jar

    Filesize

    7KB


  • /storage/emulated/0/ncache/afeq34u312.jar

    Filesize

    13KB
