0b6cde6bb0d1b416c35e5ec78cbd120996c7085417ed85ec12ada1e22b9cc04b

Analysis

max time kernel
140s
max time network
153s
platform
android_x86
resource
android-x86-arm-20240506-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
submitted
09/05/2024, 02:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

27d9f6286b3a6d89b450f3182fcb4925_JaffaCakes118.apk
Size

83.7MB
MD5

27d9f6286b3a6d89b450f3182fcb4925
SHA1

9f512b507ae7697c9ae0387041d79f30d1d553d9
SHA256

0b6cde6bb0d1b416c35e5ec78cbd120996c7085417ed85ec12ada1e22b9cc04b
SHA512

84f1be1efa00d149f82590aa5796e101cfd6cd0fcbdb9ddf592b0a7796a2b8e11214eaf6feb1b15121b51e2305ba394d72feecff3832b8789792da858c1669f5
SSDEEP

1572864:Pzes3aAqup+bcVF6GSKRj5exGkksohhxivPBM94qZKaclR5ssp:PSRAts+jjjNhxivJMxZKaclA2

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 4 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.joyport.rxsg.uc/cache/jars/lib.jar	4336	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.joyport.rxsg.uc/cache/jars/lib.jar --output-vdex-fd=70 --oat-fd=71 --oat-location=/data/user/0/com.joyport.rxsg.uc/cache/jars/oat/x86/lib.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.joyport.rxsg.uc/cache/jars/lib.jar	4271	com.joyport.rxsg.uc
/data/user/0/com.joyport.rxsg.uc/cache/jars/core.jar	4364	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.joyport.rxsg.uc/cache/jars/core.jar --output-vdex-fd=70 --oat-fd=71 --oat-location=/data/user/0/com.joyport.rxsg.uc/cache/jars/oat/x86/core.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.joyport.rxsg.uc/cache/jars/core.jar	4271	com.joyport.rxsg.uc

com.joyport.rxsg.uc
1⤵
- Loads dropped Dex/Jar
PID:4271
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.joyport.rxsg.uc/cache/jars/lib.jar --output-vdex-fd=70 --oat-fd=71 --oat-location=/data/user/0/com.joyport.rxsg.uc/cache/jars/oat/x86/lib.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4336
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.joyport.rxsg.uc/cache/jars/core.jar --output-vdex-fd=70 --oat-fd=71 --oat-location=/data/user/0/com.joyport.rxsg.uc/cache/jars/oat/x86/core.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4364

com.joyport.rxsg.uc:NotificationService
1⤵
PID:4306

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.joyport.rxsg.uc/cache/jars/core.jar

Filesize
284KB

MD5
ce5d44805f5ab39ce13e55068110b5b5

SHA1
063238d13fdff206995ed7a4e21d6a71e7de0531

SHA256
8462073a0f363a6bc5ee973865c494caceafad6ac345ab306e40ade60c7db04c

SHA512
818b1db2d3671bea6fdcc7df077c7861b0329a5bd54d3ed8bd2db8b18cd4abf264884119e4303f2f1b127b559d689f24e0e3fcc95fd8ac203db80ef91825cd87

Download Submit
/data/data/com.joyport.rxsg.uc/cache/jars/entry.xml

Filesize
1KB

MD5
c1808ae6196e5f6553f46e7431535992

SHA1
e63aa5eaffdabb72ea568a27fead539460b86012

SHA256
42513c83c76ab1a57cf80a02dc37c9db9acbdfa93c7e34fea8b3858bff2ca509

SHA512
40ae27cc381a1b46d17d17b274a6b54f632acb7005500c45772b4a16becd9efbc93e71f97c90c854b0cc9962bba77f545bf598db3b4ce607ace1ef5e1409133d

Download Submit
/data/data/com.joyport.rxsg.uc/cache/jars/lib.jar

Filesize
122KB

MD5
28e2fc21f40de8ca59bb97b8bb19ae5b

SHA1
485ef58eecff1e781d89164d01b80e0acbf8bc96

SHA256
55b4eefe50eb02b8ed808e8f65a7a9265aa10d3a5edafd461b3dcf1df37752b9

SHA512
a0cbb20ec4ffd89b3f478353580de8134e3e658470808d56938c5ccebf55c282b39a65a6dc162a22be17ea51555321e882b3f162f5b88957471e41d760ca71c7

Download Submit
/data/data/com.joyport.rxsg.uc/cache/jars/update.jar

Filesize
13KB

MD5
2a46ab7f20fee0bd36de5610ba191fa8

SHA1
fccc9ef08815cedf9b35135260d22d2e7f15a237

SHA256
c5833f8018fd3bc77a0e0671db88ae981be84f2376c8022c1efd8a2bc209f6b8

SHA512
c6d8dbac23a0059ad0a88edbd404ce3fa38efdc3257345c5eeef67733232dca999c7a62022e687aac4a1a081627cb461a76b351d97e59066fd4d1975f1347425

Download Submit
/data/data/com.joyport.rxsg.uc/databases/jsb.sqlite

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.joyport.rxsg.uc/databases/jsb.sqlite-journal

Filesize
512B

MD5
8ff23186ad59020c9c3e85e8e78817d6

SHA1
b82948a68f81bdf8d76ca5130f5e249a68c028aa

SHA256
7d2b3d93c3a8e574dbdca7ea9a4541d3fe1c283cd91900c5e87847e372b1dd65

SHA512
c74a1192c7156c307ce80ff90e7f7f0e8ef69138491ea2465c379d0febe50d46692cde54e2c82fffbd5122e58b206b770d02540810f559cef264e4d715ba8524

Download Submit
/data/data/com.joyport.rxsg.uc/databases/jsb.sqlite-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.joyport.rxsg.uc/databases/jsb.sqlite-wal

Filesize
32KB

MD5
d650785ad106f49702a86988b28b9409

SHA1
17aca0345213fc07a939bdd76513304d807820e1

SHA256
ab2703389ee3f95dd5493d98345a49133c8e325034cd2eba2eadc4c80baec0b6

SHA512
b9b498734dfcb5fa0fcd146bd1bb639d3d47759191951e75dc35ae9b0594e1bb4c3ae7b95a6e9a75a20cfd094e1c501d28e97d316ea7948109b84754d9c676c6

Download Submit
/data/data/com.joyport.rxsg.uc/files/nireus_local.dat

Filesize
8B

MD5
7d1ed6da78be1327a37abc131c1168b9

SHA1
e0c691525381ba659ee9749e70517078b493f0ab

SHA256
8da053aea4c46c52a597e2bcefd6d3035532e883de38df3d0ba5bdcfd33a7153

SHA512
7ef8d3484e25c49c64385253cbeaf54855ab0e9ba1703975b679409980966ee2dd1371bf6d7f70daccdf362077bcced6cf064900561b119ecc75d1f4297c2b72

Download Submit
/data/data/com.joyport.rxsg.uc/files/nireus_local.dat

Filesize
328B

MD5
2c79f3d5d06010c4896290141e0f921b

SHA1
242ad0a1a0500f3b7e0e9513971538fdf3d2abe5

SHA256
0b9f93d51b8f3613211e259aa2e34ac9ec0ed71ae9c41942639ade8e9f2e1e88

SHA512
08edc33d05d6a08f4f22b913987dea2b177c4f3476555cb6e58f2c2bfa702847de7272cf9f5b163b559a3744f1f81c884f5bbd8aba9981c47c26a3952353bb01

Download Submit
/data/user/0/com.joyport.rxsg.uc/cache/jars/core.jar

Filesize
708KB

MD5
8d581b9e62a33a053db4a72291bd59ee

SHA1
c8d1dc448ddaedd9c89d3af056bcb58b2a5cc032

SHA256
c1881672aa09626af503aa3a083f2519cfb49a0f313a0e36f680a42f213a9738

SHA512
e6c8e5b74e49d21e06ee2d635b6ccacae71a367454c4d84c1162c85e7561807dcd482a88f921a6c2e438d4ad15d4153c1c240fc43ebbc0505cbf80d10c019be2

Download Submit
/data/user/0/com.joyport.rxsg.uc/cache/jars/core.jar

Filesize
708KB

MD5
5444921dee9d9d7acb6101191a69d26d

SHA1
e0b1ad4a9869380071019f218fdfaf73cb3d8140

SHA256
61bdc1e4e74f114ce6eafc1ef6ddd4f42b1ac9784e857f8bc7c9f76074dc5a26

SHA512
f2c1d7f9ee8b41f7fa998ed077658c27e67a5a6f0aad95d7b83ee67e7e8f9b78744f83ffc07f75f0d2135c70d42d36ff94e60de41b5dc7ce6e35726dad6bfc5f

Download Submit
/data/user/0/com.joyport.rxsg.uc/cache/jars/lib.jar

Filesize
319KB

MD5
7bcf10325fa678e09ff2a3d1a7fedb96

SHA1
477a4816b7d41558f170897960250a7eb055b6ad

SHA256
0ea48ef53c4c59fb075737e84809f27836d1e5555168f0ea8519a9ebd1b7a444

SHA512
2ef11fdbfc8e3f61f4a881c0ea594487f2cb7e719fdc25bd7d6077e16791ad2b687869c67f62cd263704029d83c1e6ab3ba1df41875d4af49313a6172d926ec8

Download Submit
/data/user/0/com.joyport.rxsg.uc/cache/jars/lib.jar

Filesize
319KB

MD5
2fd8b2d0871eeb14f609edda3f4477a9

SHA1
e58cf72a5ca60ed3363823a755a0c914adbd43e5

SHA256
dce903e0416999fa2e4fd7b7c4606e696a54fb02ad11b98cb5910793e0179ad3

SHA512
48878b1520a4a199e539ebd71f4ba75d5f7f1ba106cdcc44e8094ba5408b2ec921eb81f3d20d48f7d665204ca70e64ca2c44a762db5926cf226c0c7514358809

Download Submit
/storage/emulated/0/ucgamesdk/549114/logs/debuglog/debug_2024050902.sdk.log

Filesize
55B

MD5
9d92db046de248649808cdaf37c9b551

SHA1
56139525d69cb644561c8cbb4d55ad7c1f3b470e

SHA256
bda2d8c08500a2a0c1fcc030220011df43dc7da012a148df02849b4c6949a374

SHA512
77ac4f69d29efcb727edc63689bc9c2354944efd32abd81b5334fe0543ea3c85e6b2b5b2f619b84a4a01fdb9fd2643f28addc8f919bc2c4ebf97018a8f246a7e

Download Submit
/storage/emulated/0/ucgamesdk/549114/logs/debuglog/debug_2024050902.sdk.log

Filesize
122B

MD5
6873a3a1b61849f5399d09a3a3e7e904

SHA1
2d8bee5c64fac50798b71244e0b5669da8334e46

SHA256
8c4c8a05fa1b22e0c709c53126666e38e97565eb0ad030eb2eac0698e6ebddff

SHA512
85942b366bebb3ebe4aab04e5e324e5389757f32a41e38d669a16ced5f7603b7a17a1d7963f58cb74c005022002ed48bed4d938dfeca7d0704d5513907b56854

Download Submit
/storage/emulated/0/ucgamesdk/549114/logs/debuglog/debug_2024050902.sdk.log

Filesize
197B

MD5
e361233b8dc281b49fbc7821bdec7080

SHA1
5f3636518ae14c01db684309f3637176faa13d71

SHA256
a3c92dbcbe170d42eccf463c9b20ca64cb3a9661aabf0560e46b968c9b1a2fe0

SHA512
769c6e4e74f9f970169764a2d05819ed5fc1f8bc6406a9d3d90bc00ec48471921fa075149acad392d1b08fef483e83c353aa478a61043b04a928d0c63f386e10

Download Submit
/storage/emulated/0/ucgamesdk/549114/logs/debuglog/debug_2024050902.sdk.log

Filesize
264B

MD5
4f4c5871684c4834de4654e92f5892fd

SHA1
660da9a753a125b88174a3e3996609dcd4f7f89f

SHA256
1c680ab61eabe0ba6de9da24df77d55713c6041e025d7a270002debdcf199f30

SHA512
dbe8bb3e7c14cad467fa0cfa9cf881ed1335aea321c0cdb316adcbad9cea8bdfc1846a56baab37f4b271a8fcc4125a0740f03b18571c85d17cc2132cf58f9171

Download Submit
/storage/emulated/0/ucgamesdk/549114/logs/debuglog/debug_2024050902.sdk.log

Filesize
331B

MD5
927a797e811a58dd6636bfc22365c015

SHA1
5489dec8c2f2fe8cc565d6f4b7b627294cc95e08

SHA256
a7ab82036c1ca3e41aa2f857c2426af3ba564d04bdc8235a430bc651af19d248

SHA512
8e4c19f02e2261fb9cd55701cb22c55f75b5e71b688a8c813f04a7616afd97e7242ec390ca1d2f15d4237036fbfdd7361cae9b03256860c3ffea9108a173c674

Download Submit
/storage/emulated/0/ucgamesdk/549114/logs/debuglog/debug_2024050902.sdk.log

Filesize
453B

MD5
f66ff60a1a7de066eec34b491e659824

SHA1
fdcf509954aa74d902bfb42c4dfa3f96ea4cd206

SHA256
3dfd9f0887143e6f990992aad0f9c7594fabd1589a46e194259848942b68440e

SHA512
8d52c756c3f4ef0518bdbb844ca4b6c913acac76cd1f78fff6c2439731e3f4214611178a993c7313a672e21059545cee10acc2e97a205af5e540e949f36507cd

Download Submit
/storage/emulated/0/ucgamesdk/549114/logs/warnlog/warn_2024050902.sdk.log

Filesize
84B

MD5
e01c773f439f0715d506a7f8776cd250

SHA1
50dde9b6a5ddb6502ee707283445a58bf0570c2c

SHA256
c0ae9f1a32cf0f1757f4200d8568d8a191ac7900f34128f4fbe1e187caf1a928

SHA512
0734bd95d1f8779c37f22dd25ccd5ee62347fbf1d69020156cf041543216939ee5f76ff10615fb0ccbca947a658b5bfe5ce8b4fab85b4392c1694958829b8949

Download Submit