22ef586e8e2e4c8cfca80aaa8f9cdde945562f3eb12b627c2206a67e560f69cc

Analysis

max time kernel
3s
max time network
136s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
30/04/2024, 22:17

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

0a8c16abdbd5c8253c2ffe554139429d_JaffaCakes118.apk
Size

2.9MB
MD5

0a8c16abdbd5c8253c2ffe554139429d
SHA1

a8bd29c08ebb681c9ebd9dd1e9fdbb1dc06ff393
SHA256

22ef586e8e2e4c8cfca80aaa8f9cdde945562f3eb12b627c2206a67e560f69cc
SHA512

0390b7f04187327009550df215774c0d7daae56cdca64139277472ae8b49ce34f40de847d4eabc973543c58c74689eab0b81c87bad244f4cb7bcb14e3d1697fe
SSDEEP

49152:rLef58GkupKkaoLQqJxYNd1HnaqYsvMMsFMbhA1t0SdnHvuthuhWMlGX/gV+:rLeRebkav2KnHRVQ2OPutAhWMlGXoM

Score

6^/10

discovery

Malware Config

Signatures

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.bdzy.loan

com.bdzy.loan
1⤵
- Checks if the internet connection is available
PID:4284
- chmod 755 /data/user/0/com.bdzy.loan/.jiagu/libjiagu.so
  2⤵
  PID:4310
- /system/bin/dex2oat --instruction-set=x86 --dex-file=/data/data/com.bdzy.loan/.jiagu/classes.dex --dex-file=/data/data/com.bdzy.loan/.jiagu/classes.dex!classes2.dex --oat-file=/data/data/com.bdzy.loan/.jiagu/oat/x86/classes.odex --inline-max-code-units=0 --compiler-filter=speed
  2⤵
  PID:4332

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.bdzy.loan/.jiagu/classes.dex

Filesize
891KB

MD5
b1482a2ef8634308270b9f1072dd318e

SHA1
1bce7d758823c8c193a2ff271bbb1b96447e4de5

SHA256
d785438111b9cc9785edcd670203400e7ddc7cd527c879ef34caf1e54cab9e96

SHA512
cfecb2f435eff5e214496279fa4e356d11b824c27199208a2fdb5682cfcb6cb3f1db20de3b61bd607bc879ecc73934bf1fda3c33e6e659bf216041422551e5f9

Download Submit
/data/data/com.bdzy.loan/.jiagu/libjiagu.so

Filesize
337KB

MD5
5cffb3090a405e02f3932b13dfd160bf

SHA1
bbd2e8bed5ba632786c70d8aa8bb61646f4db583

SHA256
5a448089cebfc0088651ead6e1486f98891991ee6d1cefd0d2933f96a7f7fd45

SHA512
9c0044025dc87740936e265e50659238b8cb377852ffc86f956bbb461c3480329bd5e404441cef037102b262660b5bcfd6273865a4121bb619f254b0f5fe278d

Download Submit