Analysis

  • max time kernel
    10s
  • max time network
    139s
  • platform
    android_x64
  • resource
    android-x64-20240514-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240514-en, locale:en-us, os:android-10-x64, system
  • submitted
    19/05/2024, 04:19

General

  • Target

    58824f303341985caf4d6f78feebfc50_JaffaCakes118.apk

  • Size

    14.5MB

  • MD5

    58824f303341985caf4d6f78feebfc50

  • SHA1

    80b125dfd97dd13fa217663164e6f5dbec37dbcd

  • SHA256

    cb5e7148d142bdac750c820699703e34001c7af419f048235f154416a2bcf420

  • SHA512

    4b50b7f134a66ff2c10542bf694f08fd455e4bc61681f5c42f37671874a56a59ac48dfce6c8f0bef7b298ce9d8ea3ea8a9924b12e97e6f1d9194d73d34ef9ada

  • SSDEEP

    196608:BfHVGzuPs5PNE13P6TP3oO7SG+8Lg12VL+fnFuCp9L4jEwPx2Y0H+WB2FNGItvxb:BfHDstOWP4oS2VL+duy9LwKe+2ntvN

Malware Config

Signatures

Processes

  • com.xgbuy.xg
    • Loads dropped Dex/Jar
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    PID:5124

Network

        MITRE ATT&CK Mobile v15

        Downloads

        • /data/data/com.xgbuy.xg/.jiagu/classes.dex

          Filesize

          7.1MB

          MD5

          1965e1bb38c289850e4b52fed42d7972

          SHA1

          9d2c75b400801b402e446ab0e762458114d56d58

          SHA256

          e833d7742813edd2c6aef2e3b6b623b20a8a50b21ed82e0b77b9ab56ae311d30

          SHA512

          8af03946a4a3679db4b7aad6b62778c60eb84091495ea4011f77b6e0ea47ddd937ccb62be7e549f4cccfdfc19fc06e403c9733e98a8e5ae51a0d27c70c6d0d44

        • /data/data/com.xgbuy.xg/.jiagu/libjiagu.so

          Filesize

          382KB

          MD5

          0e2958fb6d7b2ff1d1930d98eecc2362

          SHA1

          02d543831b4c4b9307aeed15a8bb2bc063a26a4a

          SHA256

          d578b74fca77f54b0f8c33dc68e91937fdf57d50b5bae4a2411819289732f2b7

          SHA512

          952765ba1c306d7da6830dfd1b09adc4d610bbab383a154728a123bc0a1d8f0d576fd007f9ea4a809e3f318867c8cb0a9d43b63f31c1e3624b6a6929842b4551

        • /data/data/com.xgbuy.xg/files/.jglogs/.jg.di

          Filesize

          340B

          MD5

          28ba4d2c5a7b86a5a6bc2fad7456bcca

          SHA1

          d5b4e2759b1533a79941ea683214c2f1e529df6f

          SHA256

          badd64fe5918b9e7adbde63f992347ffa2267f3b144c34a4de259b482d9195de

          SHA512

          9f2d1c04a7ed679f949bafa45efee6f21d65b2d5dccd92a34006a6a6f1412d0c272d1bde63d31c52ab4c9d098b7ee412dbe73af8f130380fd126871fd08c6dff

        • /data/data/com.xgbuy.xg/files/.jglogs/.jg.ri

          Filesize

          314B

          MD5

          97e7ce3991e628e52d7d8353e86d4024

          SHA1

          41d67376d71af349634272b50c7abf56ecb56752

          SHA256

          2379e85a1268f916c53b56c9ba0fcd961d290f939fa42b225f49cbf0cf7d71e1

          SHA512

          67fbaab401abab0a7d56741b98a7624677348da9056bad0ebcc382b5d496ceacc1259a0f8d4b9750de22f1d3ae2360f61a4f4912b2b848a6fdc8d9e43b746bfd

        • /data/data/com.xgbuy.xg/files/.jiagu.lock

          Filesize

          27B

          MD5

          b8371794fb795deeb034034061c9b731

          SHA1

          dc433d24aef9fa9e3448d2578046ee5f2d200202

          SHA256

          31200e1eab5fd8d09aa1cfb0eb0f23e2d8865252b217f9019f6f842d1083680a

          SHA512

          d70af863fd4c48cbeccd6000e86c8e7581ec84a8c487dc65de57fe9da3eb1136cfa6bfe7f57d8f9ed18c4fccd51dd392b63979b42e6a928ce7c6fe4495c72993

        • /data/user/0/com.xgbuy.xg/[email protected]

          Filesize

          6.2MB

          MD5

          63fc865b7765f587895d81d6a80fac9b

          SHA1

          9321b3cfdafe0530a00d99f112bd9714d6036632

          SHA256

          b9e199751c6bb19a66ec161748b56085a9119dc7fa432c0e911f0672cd64152e

          SHA512

          e7236e95d4de7d3dab93ea34d4f421b3aa6196d4e2646a289fa2db361d9a53f05664688fb4a627266ce2e382533737c8e4480a38c67aabdbff8b04eac83f1950

        • /data/user/0/com.xgbuy.xg/[email protected]!classes2.dex

          Filesize

          6.5MB

          MD5

          34f231874b58dc18c8c8dc5c5aacf41c

          SHA1

          cdd5b680bca4760310c17505ba709c1fdc482264

          SHA256

          ea5d90d35e04d8d09a363bed5bf525fb3eef47cc335ee56537b484c899e9375c

          SHA512

          c47ab48d2fe484c2e7b9a3781bd551418a031cdb08ae927256218d84e8261db864a4d9f1188776f7553bfab62f13e8239cadd9dc0111dbeaae37728997ab73e8

        • /storage/emulated/0/360/.deviceId

          Filesize

          48B

          MD5

          4c4c5285293d5141f582aefa4e038669

          SHA1

          e01852a72e5a8e6f7d63a21426b515118196047b

          SHA256

          36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731

          SHA512

          097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399

        • /storage/emulated/0/360/.iddata

          Filesize

          32B

          MD5

          b41b57ba3d1d291c624d1197a6d4c0b9

          SHA1

          3694858f9181aab9f3e80bad7c93d8fe5c77c034

          SHA256

          405fc4ee796121fc004955de4e6f8a1f9d756566a34d7e29342d187e88579408

          SHA512

          301424392477ca91d693df78248f5e5e9a40eb1d1cf621ac07d47440826ccd4d68fccd11aa7b57735ee1c883dde4896063fb0fda2eeaf9bf0bae47d66d9bff67