Analysis

  • max time kernel
    34s
  • max time network
    168s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
  • submitted
    18/05/2024, 07:41

General

  • Target

    53a516db611a3d600f12155b01e1ff74_JaffaCakes118.apk

  • Size

    11.2MB

  • MD5

    53a516db611a3d600f12155b01e1ff74

  • SHA1

    397c19d4189b7ec3d913c3ee1f731237de8e95c0

  • SHA256

    b9e7fb383c21308a930c82e206497390824d40ffc63b5f705889212f26a7a359

  • SHA512

    13c99d275238f0828ac3d362d87bd63c5af48161f9aa3b635c0b9b6f26c5239d4fd0c7bec2e1a9411368fea079ae89f9f16759f0b6706e4a75ab19f679572cb9

  • SSDEEP

    196608:itKp5efMDE7BVxIjJH9czr7TP8q5j09ZdluR8fjV7YQUgizcFyyHNzI5HtmtX:r5cMDE7BVWjcPPxUZ/C8Jcz+3HNzI5H6

Score
6/10

Malware Config

Signatures

Processes

  • com.xmoo.noface
    PID:4290
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    • chmod 755 /data/user/0/com.xmoo.noface/.jiagu/libjiagu.so
      PID:4368
    • chmod 755 /data/user/0/com.xmoo.noface/.jiagu/libjiagu.so
      PID:4437
    • /system/bin/dex2oat --instruction-set=x86 --dex-file=/data/data/com.xmoo.noface/.jiagu/classes.dex --dex-file=/data/data/com.xmoo.noface/.jiagu/classes.dex!classes2.dex --oat-file=/data/data/com.xmoo.noface/.jiagu/oat/x86/classes.odex --inline-max-code-units=0 --compiler-filter=speed
      PID:4458

        Network

              MITRE ATT&CK Mobile v15

              Downloads

              • /data/data/com.xmoo.noface/.jiagu/classes.dex

                Filesize

                4.6MB

                MD5

                f963850443b343123a5521b7100a9eb1

                SHA1

                9841b70f218bedd0026c3f585a0698da1c8a86e7

                SHA256

                d6d066261ef4ef0a86ad6c9556e5ab01619f90dd4a9020227fce469f4fabc864

                SHA512

                3450cdbac91812273c4fd92a96ef3ab1080169e8ba42a5bf855af46197170d4bdc2f7f0008861ab0ccb6171ed9b3d5c3e1996ed87b7e1c115fbbb5f93cda3233

              • /data/data/com.xmoo.noface/.jiagu/libjiagu.so

                Filesize

                363KB

                MD5

                acd3a64e22c56dc0628edd7615a74ab4

                SHA1

                ec22ef7fa9dca4b475af2724d483bda140370ca7

                SHA256

                c57cffd4175fcd618f29d48eeba1b8b30e2bfd4ce9e05c6c5b0bc4378914d008

                SHA512

                ec93027efd827742d3f9db70c4d4aba51e817191ff888aa2337939f2ce518b98f1c1f7ed3d49d25d3bff47738f68ead6348b1b309c54a17e18c4460cc2142e3e