5da900f210699ef491b05acd9683242b563bff2004291ad087ed0db4839c2b6b

Analysis

max time kernel
7s
max time network
138s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
27-04-2024 22:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

03c1c59b43a10e50da2973c067d2e30d_JaffaCakes118.apk
Size

30.8MB
MD5

03c1c59b43a10e50da2973c067d2e30d
SHA1

b1c4e42e65f1863e6f7258aa2cb4e57fd0aae91a
SHA256

5da900f210699ef491b05acd9683242b563bff2004291ad087ed0db4839c2b6b
SHA512

5bbaa308ea3a92eb5d829efe75d1c655a404038343b0284c1070c77c68a13b7228a622ee0c7110b64e18453c8386343f7f6856877cc6e3fc10dfb7c2574ad1b5
SSDEEP

786432:7jFkE14CkH6i2QbFkH6iE2m/7smkH6iQr9g8Sb:7jFkwHkHlFkHKd7ZkHQHSb

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs
Runs executable file dropped to the device during analysis.
evasion

T1407

Processes:

com.cmkj

ioc pid process

/data/user/0/com.cmkj/[email protected] 5050 com.cmkj
/data/user/0/com.cmkj/[email protected]!classes2.dex 5050 com.cmkj
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

com.cmkj

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.cmkj
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.cmkj

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.cmkj
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.cmkj

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.cmkj
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

T1422

ioc	pid	process
/data/user/0/com.cmkj/[email protected]	5050	com.cmkj
/data/user/0/com.cmkj/[email protected]!classes2.dex	5050	com.cmkj

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.cmkj

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.cmkj

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.cmkj

com.cmkj
1⤵
- Loads dropped Dex/Jar
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:5050

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.cmkj/.jiagu/classes.dex
Filesize
5.1MB

MD5
497d198b1d4ea6ec5306c7d722ffa9da

SHA1
65ce372f8233b66379a5f653c64815c97212f592

SHA256
9c6e4e175f60d5131cbe846c203594c49889ece83f155bce525b6f23dc9f9379

SHA512
8e35dcac040ed4b45effdb8832dcda3569613864782e2a77de865e4408e8f7886f60373e8f75fd66bac5529dc2129093441f49fc309604e575280b6395e1987c

Download Submit
/data/data/com.cmkj/.jiagu/libjiagu.so
Filesize
455KB

MD5
e5a53000766ebc433b27d6a66ec4f555

SHA1
2c8f53f1c03aec2005bcad67d731f07261dabde0

SHA256
78e4ea857f10c2df6c7b94f0584524b52ecc099ed29478fe3964037b8a86ed2e

SHA512
370a1cb93b14556ad861724f4e9995c9a4c6d37cf2d570f888d1c6000c66d27ac63496b0703361e9fc9bc7f309b7aa4407c5f339d186b0a5b72520d23d04b68d

Download Submit
/data/data/com.cmkj/.jiagu/libjiagu_64.so
Filesize
429KB

MD5
05a8c3ca16893f4e6cc997a82d987fb3

SHA1
76d6c6d19e0bfa83c847e5d330bd144f58994bff

SHA256
82e708e200cebe270ec57231729413621a8904e907efac8cfe71cb2cf16a3c10

SHA512
2a878c39e713fb6ff5b457f94a1fe2b5adc456924d087a1b6abd59afc0b0e9bad68852eddd34c6441e8996e66eb5fdb711ed6f477d6e447dd48cfd151d89fe96

Download Submit
/data/data/com.cmkj/files/.jglogs/.jg.ac
Filesize
32B

MD5
c7c11cd596b5a71e0765f8b64e120569

SHA1
df301dc2c1777159131b2e5aa5dd27cecae452f5

SHA256
a6e622a9862e66872813d539ef94904db263aa805bb775e96af1b7fa55679864

SHA512
7c380e8ec7ad6729a21938c1566950cf56c665097e35326dce575de90aea36ac3732d60ef5fb287405eb6b8866ed98f75f0085799c2aa384f4472844b840d9ac

Download Submit
/data/data/com.cmkj/files/.jglogs/.jg.di
Filesize
348B

MD5
395cc614a7228861e7c4109fcc01f0c5

SHA1
57277d7a385e39d5159e2376fdbb892a1ed47c06

SHA256
dbf00b43f070d60b5e09d090099c56da636e0ff1148a2168b3ffe7a9a0453666

SHA512
b2f292c41c0ea1e70096e5da25ca9374c4e28d739fe8b4c013c3c6c405f45db343005d55d5015fc61dc00c9c9b8eae442acde08017b0cb33e57f486c9b1d7e34

Download Submit
/data/data/com.cmkj/files/.jglogs/.jg.ri
Filesize
314B

MD5
8f995277845333f64e4f2fd0c9a43442

SHA1
077ab0a621585d91a2bad96cad3d596ab03a0b23

SHA256
fc559674a94f56d54317ed8a33cfa5753cc9ec4003554863fc20906ecb9472bc

SHA512
6d700060327442ded2bb03e61fa814f62160480d14a47668d322d002dd133d0ff3e623b158f67ae3f4f5b42522038010ac5ffb5125f08ad2e2c7ea30044379fc

Download Submit
/data/data/com.cmkj/files/.jiagu.lock
Filesize
27B

MD5
eeb544e9d63ae5027f1d5bcdf1745b89

SHA1
93e115e3b7d4a2f458de17e0ddc41fd443bc1d58

SHA256
00561a46d418b12bc2954a6c5dc414cd6df9dae7b23172b088fa3ba1a8826c96

SHA512
4019d0284e58bac71d7ba26dc3d8da66f0aa8c667abc5fabf5114fa86fbe374853759c92b044bb03d5a60a8c3354f6c2e95d517d3a8a5e86d770881ccd11bbc2

Download Submit
/data/user/0/com.cmkj/[email protected]
Filesize
6.9MB

MD5
a8cba55e0dd1c4eda8d02e9c71cfca32

SHA1
0ce4c6f164a6cbfe0c059fd66256d09393c1ced8

SHA256
b4290af4bc5917439756826b867c4982620198232aca26dda286b7b3849c9882

SHA512
5ec6947396f9a60db1b767771576cd86662bf2a17350ad62384d874565080189e0d2345a4bcfb9e2a0eea1827f76cdcc664720eba38306f3bb88bb62bb080100

Download Submit
/data/user/0/com.cmkj/[email protected]!classes2.dex
Filesize
3.2MB

MD5
0d71064ba5fcd55666c11809b81e9114

SHA1
c9e70fd5f26476d53137543e9846691fd74ecb00

SHA256
dedcc1b0d40273f9f2a5a09c7a66c1263245250b61bf4790cca83687429912ee

SHA512
3fe4d90b13aac6c8b68a27fb8cf17e886d0b16926bdd0b900c63c19bae16c3685eb8a7e062e14a056b687f7cc5877648e481d835c7de4ab38b9007d0d3eb02ac

Download Submit
/storage/emulated/0/360/.deviceId
Filesize
48B

MD5
4c4c5285293d5141f582aefa4e038669

SHA1
e01852a72e5a8e6f7d63a21426b515118196047b

SHA256
36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731

SHA512
097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399

Download Submit
/storage/emulated/0/360/.iddata
Filesize
32B

MD5
3b003081089ca7d38d78bb94ea9e72ff

SHA1
e4233509232394e3d07b2a8c584451c57ccb99a0

SHA256
70585f37d1e5270cdc31d6eefbda6d7f6dae84dfa28bb6b9b0880ebe7b1dea3e

SHA512
cde50ac92aeae3d81ba078520bf85194495166481b96a92c38fa980921c94869222dd653c9968e2f2591bfe56d43e6a817b5f7ae2fe13040318ee8ff6100aba9

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads