Overview

overview

7

Static

static

7

AutoKitools-v1.0.apk

android-9-x86

7

AutoKitools-v1.0.apk

android-11-x64

7

.jgapp

windows7-x64

3

.jgapp

windows10-2004-x64

3

libjiagu.so

debian-9-armhf

1

libjiagu_a64.so

ubuntu-18.04-amd64

libjiagu_a64.so

debian-9-armhf

libjiagu_a64.so

debian-9-mips

libjiagu_a64.so

debian-9-mipsel

libjiagu_x64.so

ubuntu-18.04-amd64

1

libjiagu_x86.so

ubuntu-18.04-amd64

1

Analysis

  • max time kernel
    483449s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20230621-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20230621-enlocale:en-usos:android-9-x86system
  • submitted
    22/08/2023, 10:33

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    AutoKitools-v1.0.apk

  • Size

    7.5MB

  • MD5

    1ea4d12c9646b0b8f7d10a0d9838aad1

  • SHA1

    9c2f05f3847498eee0035bf27e799d91d8f500db

  • SHA256

    25c674badb8516017bacf3f7c6c69623e9bb699a896c07afaab92645afda58d0

  • SHA512

    73139b278844f7e634344272ef8cf416dc5554c36a3f59623ed28f7d63d5fa26485e089928803d50a159f6633b2ab81d5577c22de026d8d5aa2e2b0b67073690

  • SSDEEP

    196608:rmnl+HXTLALg5nfQzCIAIoio0XfCBdHXBmrdRkkdmr7:QiXALifJIpoh0KBVrkE7

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • cn.paplink.boxsettings
    1⤵
    • Loads dropped Dex/Jar
    PID:3986

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/cn.paplink.boxsettings/.jiagu/classes.dex
          Filesize

          1.6MB

          MD5

          9f201424a1ff812976ebe77651d84841

          SHA1

          919ffb8394188b6098d888e2403ceaff5aefe42d

          SHA256

          90f827ba05ce6d7024a9e28bffa0cc569b640bf3de88e921ef835863fd39fd7a

          SHA512

          5ec0001b81fcd7e3659881244c3d5e97b85121a40291c60bb69f14133f0fc7c7d555a873d08917821d36bf3275d127d6ee78325b580f302982a943c861808cab

          Download Submit

        • /data/data/cn.paplink.boxsettings/.jiagu/classes.dex!classes2.dex
          Filesize

          91KB

          MD5

          eccabafe45422bde1dd8c1ece9e2e104

          SHA1

          728a6673b9de66483e2f95949b927dc4020312b4

          SHA256

          45936db8e925c6de53cda828b07e3db0cb8b7d11b54239d2369e78e1921ac74a

          SHA512

          2d4827120423d72aac710734092f6ea2a1721121a52c05ed70d2d98b95b6a95c6bc3bd6873ef864116eb1b9d493d3dd3d8c0a65344d09f534cd6b8ce4421062b

          Download Submit

        • /data/data/cn.paplink.boxsettings/.jiagu/libjiagu.so
          Filesize

          707KB

          MD5

          678b5f4f8ef4c67705092576bccafecc

          SHA1

          210b1b3267a022891b823120480631bf67391225

          SHA256

          6923099f67e6cb93461889f96d8d2d8b704fdcdd7fc7031114e46a7533527539

          SHA512

          884156f0a3893f3bdfcaad557a2c8085622c24102dd94991c3ad812e5664d7947f09eee38fd5d7018d156534861e30f76140a0fbad45e3ac425471ea2f819571

          Download Submit