Analysis

  • max time kernel
    8s
  • max time network
    131s
  • platform
    android_x64
  • resource
    android-x64-20240506-en
  • resource tags
    android arch:x64 arch:x86 image:android-x64-20240506-en locale:en-us os:android-10-x64 system
  • submitted
    13/05/2024, 06:45

General

  • Target

    3e356eec96d1fdf44bb7deffd8537d48_JaffaCakes118.apk

  • Size

    15.7MB

  • MD5

    3e356eec96d1fdf44bb7deffd8537d48

  • SHA1

    e299e2e54a4f5e3250f42a55d41ef969e9ffcffe

  • SHA256

    74f9afc54ef47525abc388d47e25978ba84d8ded8b8382430252e9eb4a57fd31

  • SHA512

    9f1221837be6cfe15c5f9874722b5e588638c582c691723d9c50cfb40ab27119ce74d1940202bbba57332a43af5126f50f9dca6b4c86090ae45ae07cd3b3117e

  • SSDEEP

    393216:4fgJ2dL0jbECjHuJGIhMIWxCrwR5JXMUSuWPemuLzW2zfqpWHQBu+:4A2dIvECjHuIVxTJ5S7GmaW2bqpWHQQ+

Malware Config

Signatures

Processes

  • com.cloudywood.ip
    • Checks CPU information
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    PID:5144

Network

        MITRE ATT&CK Mobile v15

        Downloads

        • /data/data/com.cloudywood.ip/.jiagu/classes.dex

          Filesize

          6.1MB

        • /data/data/com.cloudywood.ip/.jiagu/libjiagu.so

          Filesize

          363KB

        • /data/data/com.cloudywood.ip/.jiagu/libjiagu_64.so

          Filesize

          349KB

        • /data/data/com.cloudywood.ip/cache/CommandCache/89660ab8a3d977c681bb4215cd1d49e4

          Filesize

          982B

        • /data/data/com.cloudywood.ip/files/.jglogs/.jg.ac

          Filesize

          32B

        • /data/data/com.cloudywood.ip/files/.jglogs/.jg.di

          Filesize

          348B

        • /data/data/com.cloudywood.ip/files/.jglogs/.jg.ic

          Filesize

          32B

        • /data/data/com.cloudywood.ip/files/.jglogs/.jg.ri

          Filesize

          314B

        • /data/data/com.cloudywood.ip/files/.jiagu.lock

          Filesize

          27B

        • /data/data/com.cloudywood.ip/files/installation

          Filesize

          488B

        • /data/user/0/com.cloudywood.ip/[email protected]

          Filesize

          7.5MB

        • /data/user/0/com.cloudywood.ip/[email protected]!classes2.dex

          Filesize

          4.4MB

        • /data/user/0/com.cloudywood.ip/[email protected]!classes3.dex

          Filesize

          63KB

        • /storage/emulated/0/360/.deviceId

          Filesize

          48B

        • /storage/emulated/0/360/.iddata

          Filesize

          32B
