Overview

overview

7

Static

static

6

9e74807e80...18.apk

android-9-x86

7

Analysis

  • max time kernel
    61s
  • max time network
    156s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    25-11-2024 23:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9e74807e804e9ac8df0e5766c08bd137_JaffaCakes118.apk

  • Size

    5.5MB

  • MD5

    9e74807e804e9ac8df0e5766c08bd137

  • SHA1

    815037f05467a01cd9a4b4cb76a73ca5abfe9e60

  • SHA256

    3d5cb707d1f0a966d1726059739e17ba229ffde8739cbe98fca2496821906a5f

  • SHA512

    bc4247bb1f38e3d2e1d3ae366e97a50c5068c996d1bca3094b916f578b15beaf1f852e0b7772e2dc7bb36c14d7a2f97562304cdb097c9badaa367457d246e079

  • SSDEEP

    98304:/XkyjQbf3qJ7hZqtgxPItA97GBoPRQl1WVQb5jAVOoa/gphkvQKWcnKOxJdnL:vxkbfq7LTxPSBkQ95jgvh1itPB

Score
7/10
bankercollectiondiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    discovery
  • Requests cell location 2 TTPs 1 IoCs

    Uses Android APIs to to get current cell location.

    collectiondiscoveryevasion
  • Queries information about active data network 1 TTPs 2 IoCs
    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
    persistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.baidu.appsearch
    1⤵
    • Queries information about running processes on the device
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4246
  • com.baidu.appsearch:locationservice
    1⤵
    • Queries information about running processes on the device
    • Queries information about the current nearby Wi-Fi networks
    • Requests cell location
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4326

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.baidu.appsearch/databases/appsearch.db
    Filesize

    100KB

    MD5

    d6c6b22ad449556b98baa14a36250501

    SHA1

    08b43f6ba8c5524e6932bc0091f6042a298d72ca

    SHA256

    b575d105ffc823f538d40cc8e9fd12a0149f6a49dde518951e23f393f99f205c

    SHA512

    001a058c40a0240b20a9146f345d9e0e9fdccff82ea2324ac6180be2e9fad85461eff68bf15e17b030200cbcf0f9ab97ad6faf8f048266ea683261a3e493027e

    Download Submit

  • /data/data/com.baidu.appsearch/databases/appsearch.db-journal
    Filesize

    512B

    MD5

    83f204d1665bcefe9b74cbc460886f7d

    SHA1

    62cdfb5ca03c02c3b538f760323a94981e759bdd

    SHA256

    3a15b1ba23bc9e9ebd16eb437fbcdfa4b067a8694ef505818eb2930a907aff99

    SHA512

    10c6019d8573da14ee4cab61de301c53f22ef2246387d4df58e1204b3a47692b49db39e7818296f9412395bda13d71a496a543f7991bd02602d1c9a99eb11e0a

    Download Submit

  • /data/data/com.baidu.appsearch/databases/appsearch.db-wal
    Filesize

    410KB

    MD5

    6f2c9e3ccd3b072673fafb35ba3d1999

    SHA1

    a24c96ad72db0c40d7b99a7f7dfd7b53d888f4ca

    SHA256

    cf2a8abf3686957c697f6ddd77f3578691d7dd13574f26dffc575e52363cc831

    SHA512

    66a825b031f7a71706a37aac070d97aea39a1bcb26d556a5f4440f8789a0743427baf9748cdcd050c88a96541ea8a88670157b9104a74ad7b703968d4b8263df

    Download Submit

  • /data/data/com.baidu.appsearch/databases/bddownloads.db-journal
    Filesize

    512B

    MD5

    7b2fb12414b8bb745132d82bd2e9c129

    SHA1

    cf33df9df27af87d6d987f680b2c31aaa900ca08

    SHA256

    252dd60e46767deb615925ec7216cad6655425ef0c6719f46cd140fc2793b46e

    SHA512

    f9cd915c7b8a2cbaef3b9dfb75c53b926855746e134e29bd6258d85c3a0703b9336c039e41d58793ca601c248f9eeafd0c592202173d3b3b6957ec5a683a97a1

    Download Submit

  • /data/data/com.baidu.appsearch/databases/bddownloads.db-wal
    Filesize

    32KB

    MD5

    89c06e6999d8846c01cb844198c21184

    SHA1

    5927e145062c7e08e3a23f9c4ce11985a448383b

    SHA256

    ee4deae845b2a9495180bd7dc7994c53d8ba5686d7a6692a9e7b5a229a594a90

    SHA512

    b9a6c60cfb4302ce4c6066dee1bf029f97d69c47b2ed8dd9f6564a2f295f68723b9db3b643dff427ae1994b079be73a3987e521479d5e5ee5b56e4bc9dd82555

    Download Submit

  • /data/data/com.baidu.appsearch/databases/downloads.db
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.baidu.appsearch/databases/downloads.db-journal
    Filesize

    512B

    MD5

    29bacdb8b61e3134e28dcd46aa77cb30

    SHA1

    58c4f7993d913c966b8eaeb0d86305abe155a6b3

    SHA256

    eedec148d19e229bed33c593244dd2bb206511755946da69a33540a2ce4dfc27

    SHA512

    95d48fee12f5bcfbe655ea74b2b974510589e80b3ef7484eaedc42fb668a94cbcb515e70ec8be56fe24cbf6f879aa5b63d7eea3ad948df67701bb15d9025b8a2

    Download Submit

  • /data/data/com.baidu.appsearch/databases/downloads.db-wal
    Filesize

    32KB

    MD5

    900cbd07f1eee4b5bacd479d9ebbbe30

    SHA1

    7258702da6bc4e053b0f74e161a3be3826637271

    SHA256

    ec2cc83bfae79e397c5afc2b595122f8cacbef36c9cea190c7e31bedf9b088e9

    SHA512

    cb83d2e4add598c53d946690c1d6f3fd5457a8ab3adc5a4e184c54278ee205c3dc360426b9e060166cf4f62b7343791f96939748efdb08bfc9dbbe96725f3ddb

    Download Submit

  • /data/data/com.baidu.appsearch/databases/myappstatus.db-journal
    Filesize

    512B

    MD5

    d6b2229986a289a8355b5e04ce56301d

    SHA1

    f51bc36f3268fc91b7e199bc0b6101d5e4dab9e6

    SHA256

    3fc99acd120e3df6c9ddb763422dde6cfc45110d4b9acfe6a7e14f80c1c5e600

    SHA512

    24edc698f54a028548bf77639c6ed4732cdd0a174bde315cc656e05bb3c0f7f9349769dd6e566fd7cbed78e1f574b3628f6e640e1cbe0182f1adfd2234307db1

    Download Submit

  • /data/data/com.baidu.appsearch/databases/myappstatus.db-wal
    Filesize

    16KB

    MD5

    30cd66a7703714e820a9416764dae8a5

    SHA1

    d31c8baade124519025f2928ce1105b9da6cd2bc

    SHA256

    8369e2ca76602e9e8c4ba998bb18435ba11cf4ce590c36f875d638f066b6def4

    SHA512

    663934f53cc0c83489bf36496c7b5f641339465778f52a09aaef9733430fb985a1dc94cd53d1c9dfcbc30202623b91d42096008b3b012583f793079f1fafb005

    Download Submit

  • /data/data/com.baidu.appsearch/databases/server_config.db
    Filesize

    4KB

    MD5

    c42775baf1b7fe44570e37fc945703cb

    SHA1

    0a13096e3e50c2095a66784cc146a8b265be7b04

    SHA256

    98d5a29dfb18790bd0772ffeb78c5188a1b93aa8504f3e672af7ed05e82cc939

    SHA512

    db53b9ad388ce723c0d9de9b2b30fda710ed2248d070b148eade00dd23264f230230efb927f8c9f2a928f9cf1b1d9b28fdd81c3dc6e2f7314d68850add4a85f8

    Download Submit

  • /data/data/com.baidu.appsearch/databases/server_config.db-journal
    Filesize

    20KB

    MD5

    fe644bf9ae47accfbd71fa1e06969618

    SHA1

    2465930b7fdcafce7053a971db30604e0c930d9a

    SHA256

    0679994901623e8a1338396703863fe9945b809980146bd343ab13db096c4776

    SHA512

    7d7ef4767e5b27adf9ffed163ff2eff605934afd40ef04cb07a1e9257e2f9062632c77f8b3045e400dad9dee90db4a849438e6f2b1a17bc185bbcff2996cd886

    Download Submit

  • /data/data/com.baidu.appsearch/databases/server_config.db-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.baidu.appsearch/databases/server_config.db-wal
    Filesize

    32KB

    MD5

    c7f838ec4eef5f6c4fced1cf895c6482

    SHA1

    549c393b38cd223165fbeca46f0ce09d568d5e60

    SHA256

    082085b3208336ede9588c60a5ab9c2359592b186af8bda7cbc7b3dc4f3bf76e

    SHA512

    70634d97bbd7f433e15f385551bb66cec2de0e45287e337c480b67743e6a7168ebe5b356283b5fc8be5d51fc223a891912e7c1f7e4df5fcfb5a3b47743906859

    Download Submit

  • /data/data/com.baidu.appsearch/files/hidown_dir/crossdomain.xml
    Filesize

    203B

    MD5

    dcb95a11389fb00f2ba8e26d97b041f3

    SHA1

    9d44bdd7e44075c344cb0c3bcf7ddbc7d89118f0

    SHA256

    68e557a9be8508b6a602a5c08cb089f68008711ed9f4e7595d5f25d832b11f3f

    SHA512

    71cd6c5e25d2c1bae3ebde034783e5402e52665cb1ce71d28e955071cb95a1a56b39d44cf8aa7548545a0c07d5916913d4bd3c9d98e42d03269939ffc8823d00

    Download Submit

  • /storage/emulated/0/baidu/.cuid
    Filesize

    89B

    MD5

    a53830c92da5e8ace883f3891d8b47a3

    SHA1

    90d24f0c6e23d2e8c497a297e1dc72fcbe90af9a

    SHA256

    e63bfad4d7a059f16f84b72b64d46912669e1c7f24aa34a635acf1a5266a23c5

    SHA512

    4ea37b3bd40bb3c9d27d53d1cb0d8fbf0ffe6da7caf9752772340e3be1022f1e1ca566aa45eaea1fed3bcb48ee28d5889264c344d5896b3c9d42b84bd20fae40

    Download Submit