76fa3712ce7261884fe57a539292e8a58e355310df9c101ee0da4398306fa304

Analysis

max time kernel
7s
max time network
138s
platform
android_x86
resource
android-x86-arm-20240506-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
submitted
08-05-2024 04:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

233ef374a1e35d3f490856898d0d53c8_JaffaCakes118.apk
Size

26.9MB
MD5

233ef374a1e35d3f490856898d0d53c8
SHA1

820e51fc34ee894d3b5e43764642dd430f7292e2
SHA256

76fa3712ce7261884fe57a539292e8a58e355310df9c101ee0da4398306fa304
SHA512

2f416c5d55d54cef791198cce9a8c17edf25575999e40c0a81dd2bde84cf608375668b6d0a6519b0f7ebc52f47be29562ab189008422d5754cb87e1107b6b52f
SSDEEP

393216:uXxJt5FjdNyu0HOpPixzuSj/S1pdFyr3hscCQlOm2aKlgVxYadq7BnmCbS/v0K5Q:GH1zpPiNdGL6KzpaGgrYaduBnvE/5KJL

Score

7^/10

discovery evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 4 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.uu.uugaming/.jiagu/classes.dex	4254	com.uu.uugaming
/data/user/0/com.uu.uugaming/.jiagu/classes.dex!classes2.dex	4254	com.uu.uugaming
/data/user/0/com.uu.uugaming/.jiagu/classes.dex!classes3.dex	4254	com.uu.uugaming
/data/data/com.uu.uugaming/.jiagu/tmp.dex	4254	com.uu.uugaming

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.uu.uugaming

com.uu.uugaming
1⤵
- Loads dropped Dex/Jar
- Checks if the internet connection is available
PID:4254

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.uu.uugaming/.jiagu/classes.dex

Filesize
7.0MB

MD5
a058473c05e91d1ae888c008cf50e060

SHA1
054df55e8059607eeccf7de26a83447b6e727cc2

SHA256
c1e05c3e4c25e765275b6f2946e502fb179b1453ec8ddee72a3c96382d7733c8

SHA512
e5a4305e5d57fbdf64d71766304c60236c239802c4cac8563d3a0b6928d6c87c2734d60903d426a972614ff4ac8d90ea90154255a998ca9c94015c5bb7576c70

Download Submit
/data/data/com.uu.uugaming/.jiagu/libjiagu.so

Filesize
382KB

MD5
aa01dd97609092ce310e17bf791069ce

SHA1
f000840a8f68ea7beb2e29ea466088daf55609db

SHA256
e432c191f918053ce368e1b1f155b2e1f9e84379611b93aabec0106172b73aa2

SHA512
766c120a06215d0950aae32026fcde3eafed8d18ae0de7bc8135a7378a9055c8f0040d61574d9af67fe2b5b90eeae64c62d787343858ae375bb6658df8afe7b4

Download Submit
/data/data/com.uu.uugaming/.jiagu/tmp.dex

Filesize
284B

MD5
f1771b68f5f9b168b79ff59ae2daabe4

SHA1
0df6a835559f5c99670214a12700e7d8c28e5a42

SHA256
9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

SHA512
dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

Download Submit
/data/user/0/com.uu.uugaming/.jiagu/classes.dex

Filesize
5.8MB

MD5
ac544a1f9a11fff73da8ce8bf76a7d7e

SHA1
2e13127217977e695b621a982644f2b440fc7f37

SHA256
c649530e9ae8eac99f52abb8eb743a7b3f57614f98236cf98640f4297611b28b

SHA512
2ba8e2fa939d42c1443e36a241d9e1ac0a39cd27e99b0636351c6e6b56257472af89734084e510fab627e64fbc1769ea0a7e21bfd1f187a2f36a288f32bb9aae

Download Submit
/data/user/0/com.uu.uugaming/.jiagu/classes.dex!classes2.dex

Filesize
6.2MB

MD5
59d753ddaddef446cf16663ce9c7cf18

SHA1
b2e4bdbccddcca4b1ab854ad29440caf856e7373

SHA256
b895634928d127b91763f4f81a322f307416378ddb66ab30ee00d359f207dfb9

SHA512
e64adb33cbc42de6315b5dc4e41056732ff0db135edf7462fbc663b414b30b1ee788fe590922272674860d39bf2f29139715b4f0cd89407a0fb51151a92c389c

Download Submit
/data/user/0/com.uu.uugaming/.jiagu/classes.dex!classes3.dex

Filesize
2.6MB

MD5
d0c0a912ddfd3c6c2297879baa265064

SHA1
e234548f59dc21a115b3f3d4bb6a5feb3856cfc4

SHA256
56f0f60d26303e3dba3595c0c7d157ff45d07de2fa78f00aa93d7eb2e2ce74fa

SHA512
99226c7df5e7e84ec4059d79fcea698657563910889d14ae05b4b74c798371614e03529b8caa78e2d76ea1b240a1d1f7266a22bbf1d21a89a2fa3160b854d33c

Download Submit