Analysis

  • max time kernel
    8s
  • max time network
    133s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240508.1-en
  • resource tags

    android arch:arm64 arch:x64 image:android-33-x64-arm64-20240508.1-en locale:en-us os:android-13-x64 system
  • submitted
    13/05/2024, 06:58

General

  • Target

    3e41a3189f5816e580e7a5e653c771a4_JaffaCakes118.apk

  • Size

    14.8MB

  • MD5

    3e41a3189f5816e580e7a5e653c771a4

  • SHA1

    ee83fb61fdac08cb55a24ca584ee7c9ebb611f55

  • SHA256

    6c083c3489fd114b31f6ee890e38803e5ecb5c63b57d81016942929053e1f533

  • SHA512

    fdca84a0b6df78c83d2735782ac85f217772bb69318441cb6c1c459675787ac78bcf2aba060c8ab807cc597bf9573a93e02b69aee7a9e8e384224e1347393e38

  • SSDEEP

    196608:G643nJBOAmDjd9BaXJ3N0DzjsTIurChbKDbYBVveNyDbc8rCsfRnK0d6zdtfBjNt:h43n7nmF94cDz4rnQdDA8rpRnAfhNPU6

Score
7/10

Malware Config

Signatures

Processes

  • com.dada.syn
    • Checks CPU information
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Checks if the internet connection is available
    PID:4249

Network

        MITRE ATT&CK Mobile v15

        Downloads

        • /data/user/0/com.dada.syn/.jiagu/classes.dex

          Filesize

          5.6MB

        • /data/user/0/com.dada.syn/.jiagu/classes.dex!classes2.dex

          Filesize

          3.4MB

        • /data/user/0/com.dada.syn/.jiagu/libjiagu.so

          Filesize

          475KB

        • /data/user/0/com.dada.syn/.jiagu/libjiagu_64.so

          Filesize

          509KB

        • /data/user/0/com.dada.syn/cache/mediahttp/journal.tmp

          Filesize

          36B

        • /data/user/0/com.dada.syn/databases/MessageStore.db

          Filesize

          36KB

        • /data/user/0/com.dada.syn/databases/MessageStore.db-journal

          Filesize

          512B

        • /data/user/0/com.dada.syn/databases/MessageStore.db-journal

          Filesize

          8KB

        • /data/user/0/com.dada.syn/databases/MessageStore.db-journal

          Filesize

          8KB

        • /data/user/0/com.dada.syn/databases/MsgLogStore.db

          Filesize

          56KB

        • /data/user/0/com.dada.syn/databases/MsgLogStore.db-journal

          Filesize

          512B

        • /data/user/0/com.dada.syn/databases/MsgLogStore.db-journal

          Filesize

          8KB

        • /data/user/0/com.dada.syn/databases/MsgLogStore.db-journal

          Filesize

          8KB

        • /data/user/0/com.dada.syn/files/.jglogs/.jg.ac

          Filesize

          32B

        • /data/user/0/com.dada.syn/files/.jglogs/.jg.ic

          Filesize

          32B

        • /data/user/0/com.dada.syn/files/.jglogs/.jg.rd

          Filesize

          32B

        • /data/user/0/com.dada.syn/files/.jglogs/.jg.ri

          Filesize

          307B

        • /data/user/0/com.dada.syn/files/.jglogs/.jg.ri

          Filesize

          314B

        • /data/user/0/com.dada.syn/files/.jglogs/.jg.store.report_pid

          Filesize

          32B

        • /data/user/0/com.dada.syn/files/.jiagu.lock

          Filesize

          27B
