Overview

overview

7

Static

static

6

9edd6bdf56...18.apk

android-9-x86

7

alipay_msp...61.apk

android-9-x86

1

Analysis

  • max time kernel
    149s
  • max time network
    154s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    26-11-2024 00:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9edd6bdf56eaf03d6f6c4b39aad63c34_JaffaCakes118.apk

  • Size

    10.8MB

  • MD5

    9edd6bdf56eaf03d6f6c4b39aad63c34

  • SHA1

    d6cc9607ca63f9502569c1029719adde91762038

  • SHA256

    7439a3f4cfb68ea281b8079cd132187b5432d8632022c062b402f548811747f0

  • SHA512

    583e17e403cca1c3f72eaa9b834089a192e52b9daaeb8a9bfb6e96bcdea815e459fcc0511a701946e26722a985da907a81a47b7ffe2f77da26241773e354b9fe

  • SSDEEP

    196608:suG3FGhNObo/2GTHlcQ3iXCXLZRc7g+AgEJd6qggY73vUaKRp5hOFv:s50qi2qHPSylRavArH6qIcDp5UFv

Score
7/10
bankercollectiondiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries the phone number (MSISDN for GSM devices) 1 TTPs
    discovery
  • Requests cell location 2 TTPs 1 IoCs

    Uses Android APIs to to get current cell location.

    collectiondiscoveryevasion
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.duomi.android
    1⤵
    • Queries information about running processes on the device
    • Requests cell location
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4254

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.duomi.android/databases/sharesdk.db
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.duomi.android/databases/sharesdk.db-journal
    Filesize

    512B

    MD5

    ded46318988625068393e422efbbfed5

    SHA1

    14a40fc01672e3d7b45191e4cc494f11c6940721

    SHA256

    ca4daaf73b5419584102ab5d50e8c7564cfc85f20037ea983a523c32805c3034

    SHA512

    027d8be34991f60e01549b39f1aa2f1281008eba72eeeaf0a5a03cd46c5e573648065024b6c541a3a84b794ffee28d61b6d9eebf438b2ebb708127ef759f5839

    Download Submit

  • /data/data/com.duomi.android/databases/sharesdk.db-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.duomi.android/databases/sharesdk.db-wal
    Filesize

    32KB

    MD5

    30a1e6049d9bcdaf51baa17c373093ed

    SHA1

    3760939343a18c248bc68e529ac64aaeb9fbe7c8

    SHA256

    21ad18d64d61db0b07482a3bbabfa591451034cdade1b85b019e05a84ac50533

    SHA512

    126a47499c0b07748872e1b82ced80473cb736725aba579b334889457e2377d3742c16eea82645057a88fa988a7eb2002f22e26807a24fe4056e47b244f548ed

    Download Submit

  • /storage/emulated/0/DUOMI/cache/-1468876515
    Filesize

    7B

    MD5

    ca5650566c6ab61917eb8bdd8174ab7a

    SHA1

    61b0e7910baa82fe26f8166c7a862257c3dfad16

    SHA256

    c665a983d1911231a2c99937cee92040518092e58639b3c71e38e8a82198eb25

    SHA512

    ecc23ecef74f2dff96a431eb8a938b8f0ade2aaa03dbf00643980f43c0abdefee9d6ba951749a39795fb8be3a3df67eabbce042b6b56910847c754cbb387dd9b

    Download Submit

  • /storage/emulated/0/DUOMI/docpath/playlist/curr_playlist.dat.tmp
    Filesize

    26B

    MD5

    ca3b3b7a6a624037f3a665d09e3fa3f4

    SHA1

    6e95464ec529a27f42d713944c0215514427342f

    SHA256

    1f584ea8bff3b311c742a133b75235945dcfa9a5fca0884d9e826e25e9ca4f89

    SHA512

    4ac022feb32044f8c7f512fdfd6efb1f1495d3f4317ac7316f17aa95deba75cca5602fd6d9b5151a4cfecbed59e1a0c769dc0f671f963f2eab667c57842f179e

    Download Submit

  • /storage/emulated/0/DUOMI/docpath/playlist/playlist.dat.tmp
    Filesize

    673B

    MD5

    50f74236a2279dafbcb58229de15934e

    SHA1

    1d153b37442459b595d9758e72b120875b0fcc25

    SHA256

    4d91388a460e82dacd79e20bd10d79918bd7a4f5d48964dc7e66d283133fd003

    SHA512

    a4c9d937fafd9e46c241baca430049e3c34ea82b7297fa205e45cbe4fd0e86ea45f7fd01408a05d798490466185c9f293ef372d761353133b7fd23fad750864c

    Download Submit

  • /storage/emulated/0/DUOMI/fo/EMF
    Filesize

    16B

    MD5

    e109c419a267a69f5db1e08a027ee14e

    SHA1

    8c18daf24d7431a310bd1944b75deeacf278c649

    SHA256

    6d422d1235241d2fac69e1b4e0087a9ce1b0b7efe1fe2ce624d1af88f478f188

    SHA512

    752a57c2454af15a1107a90c5b2702569fed037a113ec4b006ebb18b7acf86a44f0c5dcf4e9eb4ed1a077b592993d450f684ead8900e666840c4cb3a6e9b3ad5

    Download Submit

  • /storage/emulated/0/DUOMI/fo/TS
    Filesize

    277B

    MD5

    0bb413d258ec18b057e7ea53bee1df31

    SHA1

    d48d156db4495e3b85ff9b7e53859afef86ecadd

    SHA256

    cc7c5c06bfffd34d77a0a8444d2ce00f512d9cd8d2c0d2239cf583a8ea598b88

    SHA512

    5d7f3fca06a6c6d868ee5e6e2303680db6fcb1f3387beccac230625c82e8d05461d1aa1710da3e65061e0dc41a2b7dee167fcab0917a594fe0047a16d2f7f21f

    Download Submit

  • /storage/emulated/0/DUOMI/log/duomi.log
    Filesize

    249B

    MD5

    fac8df7a4e85cbdd3e8acb7a52eada44

    SHA1

    142ee738bfb88d3baf9ce7cdfc38ba291633157a

    SHA256

    86fe7958e65edf5c735f746c6559d8f157ae598fac13f434e0dcdf699ce5bf51

    SHA512

    fe23fb111b84faf93c271647b0f7be367831ce62125ee0345743affd7d0c111123dfd01679485d6036c4c91c493c0ba5303034a9f8ea87e12b9e373a4bf134fe

    Download Submit

  • /storage/emulated/0/DUOMI/log/duomi.log
    Filesize

    509B

    MD5

    ce5c5a806a37c2534bb0014fa719dfe7

    SHA1

    2276286edd1e181ab6024af63ccc435e44353bee

    SHA256

    5510c68f80eda3d3e937e4446178b5c8b057bcd30863dec7d528a118c72a8dee

    SHA512

    79679e4a0426b0c4663d4de596d86d8288b3fa3088338b38b34ca7346e64984df2091bfeece4a459f0d43da64a85f58394338908c7e5a8c9f289298aec93dee1

    Download Submit

  • /storage/emulated/0/DUOMI/log/duomi.log
    Filesize

    735B

    MD5

    ad1217ba14e065806bf98650eebdf99e

    SHA1

    f28b711bcabe361a467d91d13c155fea2007f57a

    SHA256

    4c6f83b0f0fa76cae57d911a723d9d33e1f7629217349a5922f9c61b5705d79c

    SHA512

    6f5c8885347479e708a530499b5d0668d2a8eb54f58e1091732557942f9ba9a94c8ec6eb5b2b6ed6e7604b848866d98dd16474bd70e7bf5b08c5d72038e3c224

    Download Submit

  • /storage/emulated/0/DUOMI/log/duomi.log
    Filesize

    962B

    MD5

    919f23b9b29790acd68094aca5011ebf

    SHA1

    c8efeff77cfdbcf3b6af639bb59d2e7be97330b9

    SHA256

    2f4896719cffc71742b4baf94581cccfa31225ee1db4507eebaead2318bd0774

    SHA512

    05f4ea534646eeeb4b8a605796df30c63e74fb8375f41d6a6041e2da2da242e0c39b936efdd344dd9b72c39c65e2d025dd95987fb3ff577cff5689bd6ec6ca1a

    Download Submit

  • /storage/emulated/0/ShareSDK/.ba
    Filesize

    377B

    MD5

    b63375785ce31fd414c1a19bda45be04

    SHA1

    10ece60712121e0fadd39a1f3b3a7dc89d63fbd0

    SHA256

    6851a2cbbbac57c3b436d57e9393472ee70bea4efd9444ccb7b05730b1b1c064

    SHA512

    7345360c808f3087059e5e3da45ecea405e742003e2f138b594d79dcf6230d0a1d9a2da3b4f0db8ff0ca7bd6ee257382ac3397fcc56c48cf2eebd94bc3d1ef3b

    Download Submit

  • /storage/emulated/0/ShareSDK/.ba
    Filesize

    476B

    MD5

    d3f75754d36346e29fd3d86433ffe1df

    SHA1

    c77ed1d956b3450aaf376336c054664aeaef36e6

    SHA256

    d75246ebc70269c5fa72ebb43b98d79f919dde05b9c662f5a42c38341ffd20ce

    SHA512

    e14b2f467b212296b1017463d25ce739f3197280376ae24f63b39a41f16b334cbe1ae1439a58b0aeeb52c56bbc4535277fc58451b5e02b3f41337e262c2e97bf

    Download Submit

  • /storage/emulated/0/ShareSDK/.dk
    Filesize

    107B

    MD5

    c9383021bd97affc44be4db7018c4d7b

    SHA1

    7e680409d1c86e35149bebc22f2cf8c484f0d23e

    SHA256

    b7b7e032170e3190a84359e5c37adede1d58b6bf4c455ef0c01f73335709bb65

    SHA512

    7303f068da97319891e2d25c1c737035f1cfdc365d75d954102b612000e54d7e2b5dfafe10bdf909563e2b46ec3ff9e546423bff6f0aa9496880eab1c1c36a81

    Download Submit