Analysis
max time kernel: 3s
max time network: 151s
platform: android_x64
resource: android-x64-20240514-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240514-en, locale:en-us, os:android-10-x64, system
submitted: 18/05/2024, 08:23
Static task: static1
Behavioral task | Sample | Resource
behavioral1 | 53d24598e0ff806d09301fc132464e4f_JaffaCakes118.apk | android-x86-arm-20240514-en
behavioral2 | 53d24598e0ff806d09301fc132464e4f_JaffaCakes118.apk | android-x64-20240514-en
behavioral3 | 1.apk | android-x86-arm-20240514-en
behavioral4 | 1.apk | android-x64-20240514-en
behavioral5 | 1.apk | android-x64-arm64-20240514-en
behavioral6 | 21.apk | android-x86-arm-20240514-en
behavioral7 | 21.apk | android-x64-20240514-en
behavioral8 | 21.apk | android-x64-arm64-20240514-en
behavioral9 | 9.apk | android-x86-arm-20240514-en
behavioral10 | 9.apk | android-x64-20240514-en
behavioral11 | 9.apk | android-x64-arm64-20240514-en
General
Target: 53d24598e0ff806d09301fc132464e4f_JaffaCakes118.apk
Size: 23.8MB
MD5: 53d24598e0ff806d09301fc132464e4f
SHA1: ce9ee88ec5e0cbe68e3338ef37078c3181bf5f4a
SHA256: 9cf7218fc92e4f01efb27444a28ba124efa6ad45891b8bcb46c2cddbb4b7eb41
SHA512: 2f1ea92a89b20c72a4f14c024ae79689cf89885aa5b7de70c6430e7f61506844faaa99ef268621dcf23ed048f76f8dd10a4e205a958a0985fe53ab270757a62d
SSDEEP: 393216:eQFcHPXqVaW6ACXGN9D2DJbgJ01roqzzp5VyxJfy5yFOZ4wOoXKCVnbhlg2GhO2e:ecgfya5HXGN9D2Fb2kr5vwqnVnNlFU3K
Malware Config
Signatures
Loads dropped Dex/Jar (1 TTPs, 6 IoCs)
Runs executable file dropped to the device during analysis.
ioc | pid | Process
/data/user/0/com.qingshu520.chat/files/beacon/comp/1.jar | 5167 | com.qingshu520.chat
/data/user/0/com.qingshu520.chat/files/beacon/comp/9.jar | 5167 | com.qingshu520.chat
/data/user/0/com.qingshu520.chat/files/beacon/comp/21.jar | 5167 | com.qingshu520.chat
/data/user/0/com.qingshu520.chat/files/beacon/comp/1.jar | 5167 | com.qingshu520.chat
/data/user/0/com.qingshu520.chat/files/beacon/comp/9.jar | 5167 | com.qingshu520.chat
/data/user/0/com.qingshu520.chat/files/beacon/comp/21.jar | 5167 | com.qingshu520.chat
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
description | ioc | Process
Framework service call | android.app.IActivityManager.registerReceiver | com.qingshu520.chat
Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)
Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
description | ioc | Process
Framework API call | javax.crypto.Cipher.doFinal | com.qingshu520.chat
Processes
Network
MITRE ATT&CK Mobile v15
Downloads