Overview

overview

7

Static

static

6

3f5b60f6f1...18.apk

android-9-x86

7

mimo_asset.apk

android-9-x86

1

mimo_asset.apk

android-10-x64

1

mimo_asset.apk

android-11-x64

1

Analysis

  • max time kernel
    48s
  • max time network
    157s
  • platform
    android_x86
  • resource
    android-x86-arm-20240506-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
  • submitted
    13-05-2024 11:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3f5b60f6f18745f7b9c74f0f4ea3c934_JaffaCakes118.apk

  • Size

    16.4MB

  • MD5

    3f5b60f6f18745f7b9c74f0f4ea3c934

  • SHA1

    dbc2b4d507a24e10557cb2f016ec8de7e5aa2128

  • SHA256

    cd112be7e4ae9aa4a2cd784e1ee1e5feec2b1faec3490f422405c4b20b5227ed

  • SHA512

    ab413eae833fba928f9862028ecdf981032d831bbb114d2bb37e2ce380589ef6961460c7f87d10fc813c5ddb06a03e5e9e3b1ee0bd07d8f7c502d8ada0a217da

  • SSDEEP

    393216:0iJX4/dhqXk8YGM95JNqwGN7/3jYIdqmqlPxetoOrylnQWzIzNq:08o/dhq0JlpGZTgEryzANq

Score
7/10
discoveryevasionimpactpersistence

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 3 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Requests dangerous framework permissions 15 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
    impact

Processes

  • com.lywx.gddmg.mi
    1⤵
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4187
    • getprop ro.product.cpu.abi
      2⤵
        PID:4265
    • com.lywx.gddmg.mi:daemon
      1⤵
      • Queries information about running processes on the device
      • Queries information about the current Wi-Fi connection
      • Checks if the internet connection is available
      • Uses Crypto APIs (Might try to encrypt user data)
      PID:4214

    Network

    MITRE ATT&CK Mobile v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/com.lywx.gddmg.mi/files/001.leyun (deleted)
      Filesize

      2.2MB

      MD5

      9aabd14c05431c1becce151f5c669433

      SHA1

      2e6fa239bf2c80f7c2728b23917ccde2de075ae4

      SHA256

      6a04a91dd0971aae1b057fa1111382a8feacb39abf1a37b772093e34f78a6119

      SHA512

      3d911fc1461059452caed3bbae113f10cb9a2d7c3361ac477d3c03b2108355fe161d5d48c48b34040e26ecd321c0c855be3614952ab230a3c663059655ad9bf7

      Download Submit

    • /data/data/com.lywx.gddmg.mi/files/lygame_plugin_GDTAds.apk
      Filesize

      534KB

      MD5

      b04308d056a5b4c0347e45478e9f1329

      SHA1

      8553a78d7c15b4483ea0928fca551359043b6ba3

      SHA256

      7cf14288dc24da5be54933ea3116e22e53500c8c25805825c115e0735b5ed90d

      SHA512

      2980d37129dc78cad557f90eb18de0330c261cdde2e418b533ed288dd8451b96157f593779c5f3d442d3dda9ab8682ae114caee579c13c97d7662475eabafcf4

      Download Submit

    • /data/data/com.lywx.gddmg.mi/files/lygame_plugin_OnewayAds.apk
      Filesize

      94KB

      MD5

      0ef2f2342d10cd754b330e08648595b5

      SHA1

      bbc5ae813e805aed1f586b6d47e975ef080f8792

      SHA256

      764bae0b061e0125ae2f2e128516e4e52ee027e30a23348eef4d9b394d19a778

      SHA512

      b84222ae93f2ae02629bf39325afd8594681af7a2ca83a123d91753ab544cc51b3b2c094aa859b8d82a7003a6a8abbd2f89f13cdddd888cf4eb6130bc7ae13d6

      Download Submit

    • /data/data/com.lywx.gddmg.mi/files/lygame_plugin_TouTiaoAds.apk
      Filesize

      510KB

      MD5

      aa3b7a6d2c79e179f728f024a97a9311

      SHA1

      468b76473a7d065c7b7dfd0537ffa45a22d008b1

      SHA256

      1e662710f4f782b33ed0f99c266fed49981cba6d99aadc6dd575f502bb5b8e55

      SHA512

      1a707c5399a9d5b43118ea2cec89a26f0f33f32c359f9f3fcee23b1f7582a2c6389e0d96d11e8dfc3b7c28479a5680fe66a8b29484460ede40ee68628f96311f

      Download Submit

    • /data/data/com.lywx.gddmg.mi/files/lygame_plugin_z_Ag (deleted)
      Filesize

      533KB

      MD5

      9732d3cbaaac0c1cc7d07e5a47b30e57

      SHA1

      acea3703020775e87c4f31c61958532625d64d11

      SHA256

      b38c5c9f0844a5c4f11140cdd6896d2dd4671b634ec60c44fde680b7f6021333

      SHA512

      b0369432e9f10ff0a5664e0bafc98bf79a4eb3f2b0db97c8be22eb3cc9f634677dff003f280dd986389eb40ce397dc4962203559f572185e008dc582274e4a45

      Download Submit

    • /data/data/com.lywx.gddmg.mi/files/lygame_plugin_z_Aow (deleted)
      Filesize

      94KB

      MD5

      68cf11a6c1354dab3a008b1c51b7ece1

      SHA1

      def6cabac9819a805c44ae2a4a96f5c70d6afae3

      SHA256

      e7968cb4113d020605548d5b140a838bcdefc71ff82dc84de0dccc06c516028d

      SHA512

      e61c1b2cfdf50967df1b858a8f6666dde978f9ad6d63533e5cd8c723f874183bd03a71eae353a28043bce1f7fd5dbd0335af8fb72593669bab22577a7fe344d8

      Download Submit

    • /data/data/com.lywx.gddmg.mi/files/lygame_plugin_z_Att (deleted)
      Filesize

      486KB

      MD5

      0a661884c3b4d2a54886fca6cd889c6d

      SHA1

      6adad9d9f1abb99bd8ed926641c4f630f7adcd79

      SHA256

      40b021c7a3ece35e9ef8e0ef1c06ccb8e3461dc72a15f98afeb59eecdfbf01e2

      SHA512

      e3595a90e6b0aae72f1935efee04c1272e61d3fee9f8aecfb1498d85316fb7a5eb79d6902f15c2df893455ff15cb1bf73463c9fb81f6ef714d74605dff8bd1b6

      Download Submit

    • /data/user/0/com.lywx.gddmg.mi/files/lygame_plugin_GDTAds.apk
      Filesize

      207KB

      MD5

      d5ba952ebf1153d1d924d596111d70c4

      SHA1

      afb528e0265b5ff3f63131afb5a2dc63357e80ed

      SHA256

      753fdde763127462005f53f3b1b2861b8b016c485f7fd2fcaf191167cf870c70

      SHA512

      fbcdc4d47c0b8f9bc41af0acc2262e7ac51fbf567a4d82322d34cb1d1b0c04e716bfb87385fc68a90281ab1048607c71855f93d728ec0aec5054ad76c8550ec1

      Download Submit

    • /data/user/0/com.lywx.gddmg.mi/files/lygame_plugin_OnewayAds.apk
      Filesize

      258KB

      MD5

      3a7f63054694ff5134471b61bba60edf

      SHA1

      2f6fec05957acd8f5fbfa38386680ebc1361776a

      SHA256

      ed80f106565504aa6e114ee19f8bc59a269ad7e5f31863a57dfe84faca188d2c

      SHA512

      9b8847ac09d9a21edf4eb86d2d1224a9ee0b94cc856f0dce8614d1468030f755b98bf185bba511b4b6116c4efad5001dd1a4d00b99c4c7f02cc5b6e17614c641

      Download Submit

    • /data/user/0/com.lywx.gddmg.mi/files/lygame_plugin_TouTiaoAds.apk
      Filesize

      1.2MB

      MD5

      c15e4e2d41f5a90e1e96e181dc639d92

      SHA1

      5cc5dfa12f78b74be82f5ad0c4343fef2a80f45d

      SHA256

      e92f1c488c493e973e350405e09dd2ab57a6ba03ab839a41f7bf0e3aecb2aec5

      SHA512

      0376075fda7f8efecd9ad034be7b911b3917df43ea51ef60761a7e4954f0ea56ea3ac77503c16cabb17547156c7fa65654160c59a35d6e54f491ef6dfa6793a8

      Download Submit

    • /storage/emulated/0/Android/data/com.lywx.gddmg.mi/files/tbslog/tbslog.txt
      Filesize

      34KB

      MD5

      43b326d2110b1f514be2501bc06578a0

      SHA1

      2187a305a78ed2a397f496790ef671dc841323de

      SHA256

      bd5f6a727772475a71b3f309a2d41771d3687858bfccf164655da751c6fea4d7

      SHA512

      d636a62209004c34145caf4c74a79613ca49f268358e1f4495592fbd95ca7a476264f3231859a960dcd9d53409e8b5487d5027161402a1f26ae864eb4a7bbfb0

      Download Submit