Analysis
max time kernel: 108s
max time network: 183s
platform: android_x64
resource: android-x64-arm64-20240514-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240514-en, locale:en-us, os:android-11-x64, system
submitted: 19/05/2024, 04:47
Static task: static1
Behavioral task: behavioral1
Sample: 589d6fa413e083640fc16ce9afec65b2_JaffaCakes118.apk
Resource: android-x86-arm-20240514-en
General
Target: 589d6fa413e083640fc16ce9afec65b2_JaffaCakes118.apk
Size: 23.7MB
MD5: 589d6fa413e083640fc16ce9afec65b2
SHA1: 6ae92be13a52c105a534f578a64351a5ba6a75ed
SHA256: 45df5e19c65c28725ccc53908b531f43e8df7887f5dbd9f91f5ce790d20fddfc
SHA512: 2d342078d4efd46061c482751e8c851222053fb6d5972fd86ea17a41790091d5297145c3affe46adca3cbdf0ec5e2ad88da4c80bdb65c02402fc3195ca425fa4
SSDEEP: 393216:q9QumRjyzfKaSVE/TcH/QRdh4IyL5n2I8WQH0sOu1siikELPgZYiyHa7VO:q9Qum5y2ErCMh4PLmUsOu1siDkHHuM
Malware Config
Signatures
Checks CPU information (2 TTPs, 1 IoCs)
Checks CPU information, which can indicate whether the system is an emulator.
description: File opened for read; ioc: /proc/cpuinfo; Process: com.ldw.xiaolirili

Checks memory information (2 TTPs, 1 IoCs)
Checks memory information, which can indicate whether the system is an emulator.
description: File opened for read; ioc: /proc/meminfo; Process: com.ldw.xiaolirili

Loads dropped Dex/Jar (1 TTPs, 2 IoCs)
Runs an executable file dropped to the device during analysis.
ioc: /data/user/0/com.ldw.xiaolirili/.jiagu/classes.dex; pid: 4499; Process: com.ldw.xiaolirili
ioc: /data/user/0/com.ldw.xiaolirili/.jiagu/classes.dex!classes2.dex; pid: 4499; Process: com.ldw.xiaolirili

Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
description: Framework service call; ioc: android.net.wifi.IWifiManager.getConnectionInfo; Process: com.ldw.xiaolirili

Checks if the internet connection is available (1 TTPs, 1 IoCs)
description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; Process: com.ldw.xiaolirili
Processes
Network
MITRE ATT&CK Mobile v15
Downloads