Analysis

  • max time kernel: 6s
  • max time network: 131s
  • platform: android_x64
  • resource: android-x64-20240514-en
  • resource tags: android, arch:x64, arch:x86, image:android-x64-20240514-en, locale:en-us, os:android-10-x64, system
  • submitted: 18/05/2024, 08:26

General

  • Target: 53d60ec7aa348149772c1ff09622f3e9_JaffaCakes118.apk
  • Size: 20.8MB
  • MD5: 53d60ec7aa348149772c1ff09622f3e9
  • SHA1: 2eaf93a89178a9258890b6334369ec1e58b2f5d8
  • SHA256: c890f65f89c17da6f0646856e0d57c98f3f524dc9bd9e522d0b0ff11eeb4ae1e
  • SHA512: 33faaea0ff8f874642ccbe2db58f58ccfec3c4d8e70161ad0d73d7dc77c557dad3993aa59492f97f5dc202ecbd46d53fd55b7fd7361d4a1ff6cb68db88e12ac3
  • SSDEEP: 393216:U1i4cN4ucBaJpkOZKSpJJ9Pi2QyADGPDvCtN7WcT+76MUrXudaC8Z:U1i4H7MHJ9Pi2YDi7C3W8XyaXZ

Malware Config

Signatures

Processes

  • com.ald.aldfinance (PID 5150)
    • Loads dropped Dex/Jar
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available

Network


Downloads

  • /data/data/com.ald.aldfinance/.jiagu/classes.dex (3.6MB)
  • /data/data/com.ald.aldfinance/.jiagu/libjiagu.so (382KB)
  • /data/data/com.ald.aldfinance/files/.jglogs/.jg.di (340B)
  • /data/data/com.ald.aldfinance/files/.jglogs/.jg.ri (314B)
  • /data/data/com.ald.aldfinance/files/.jiagu.lock (27B)
  • /data/user/0/com.ald.aldfinance/[email protected] (6.3MB)
  • /data/user/0/com.ald.aldfinance/[email protected]!classes2.dex (423KB)
  • /storage/emulated/0/360/.deviceId (48B)
  • /storage/emulated/0/360/.iddata (32B)