Analysis
- max time kernel: 10s
- max time network: 139s
- platform: android_x64
- resource: android-x64-20240514-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240514-en, locale:en-us, os:android-10-x64, system
- submitted: 19/05/2024, 04:19
Static task: static1
Behavioral task: behavioral1
- Sample: 58824f303341985caf4d6f78feebfc50_JaffaCakes118.apk
- Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2
- Sample: 58824f303341985caf4d6f78feebfc50_JaffaCakes118.apk
- Resource: android-x64-20240514-en
General
- Target: 58824f303341985caf4d6f78feebfc50_JaffaCakes118.apk
- Size: 14.5MB
- MD5: 58824f303341985caf4d6f78feebfc50
- SHA1: 80b125dfd97dd13fa217663164e6f5dbec37dbcd
- SHA256: cb5e7148d142bdac750c820699703e34001c7af419f048235f154416a2bcf420
- SHA512: 4b50b7f134a66ff2c10542bf694f08fd455e4bc61681f5c42f37671874a56a59ac48dfce6c8f0bef7b298ce9d8ea3ea8a9924b12e97e6f1d9194d73d34ef9ada
- SSDEEP: 196608:BfHVGzuPs5PNE13P6TP3oO7SG+8Lg12VL+fnFuCp9L4jEwPx2Y0H+WB2FNGItvxb:BfHDstOWP4oS2VL+duy9LwKe+2ntvN
Malware Config
Signatures
- Loads dropped Dex/Jar (1 TTPs, 2 IoCs)
  Runs executable file dropped to the device during analysis.
  ioc: /data/user/0/com.xgbuy.xg/[email protected], pid: 5124, Process: com.xgbuy.xg
  ioc: /data/user/0/com.xgbuy.xg/[email protected]!classes2.dex, pid: 5124, Process: com.xgbuy.xg
- Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  description: Framework service call, ioc: android.net.wifi.IWifiManager.getConnectionInfo, Process: com.xgbuy.xg
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  description: Framework service call, ioc: android.app.IActivityManager.registerReceiver, Process: com.xgbuy.xg
- Checks if the internet connection is available (1 TTPs, 1 IoCs)
  description: Framework service call, ioc: android.net.IConnectivityManager.getActiveNetworkInfo, Process: com.xgbuy.xg
- Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)
Processes
Network
MITRE ATT&CK Mobile v15
Downloads