afdd9faa82785b7dddf0c92129262c183fc1a274cc55ef923f7cbd19a0daa35a

Analysis

max time kernel
32s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 01:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6585e36cb428825224a1d9b186f5b403_JaffaCakes118.apk
Size

26.0MB
MD5

6585e36cb428825224a1d9b186f5b403
SHA1

4512219832ac364c5450c81793bc45bd1f0dd7a9
SHA256

afdd9faa82785b7dddf0c92129262c183fc1a274cc55ef923f7cbd19a0daa35a
SHA512

a969e3bfff0183754ab5aa30e9f35be06cb69f701385258a4e056cfabbf724bb4f41311cbc2bbbbbbef4ce5341e3fe7d3e07cc281c233288c2e96c40648198c1
SSDEEP

393216:ICsl5G1FTETMlJuzuCTpMvzfuKSFRp4Yy6vMSNnOdgSqEvMTXBlxVPthk4yfZpXh:qOEKgJ8qKMRmkDOuDxVPthkNN8aJ

Score

6^/10

discovery impact

Malware Config

Signatures

Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.zhuoyue.peiyinkuangjapanese

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.zhuoyue.peiyinkuangjapanese
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

Data Encrypted for Impact
T1471

Processes:

com.zhuoyue.peiyinkuangjapanese

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.zhuoyue.peiyinkuangjapanese

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.zhuoyue.peiyinkuangjapanese

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.zhuoyue.peiyinkuangjapanese

com.zhuoyue.peiyinkuangjapanese
1⤵
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4322

chmod 755 /data/user/0/com.zhuoyue.peiyinkuangjapanese/.jiagu/libjiagu.so
2⤵
PID:4349

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.zhuoyue.peiyinkuangjapanese/.jiagu/libjiagu.so

Filesize
363KB

MD5
acd3a64e22c56dc0628edd7615a74ab4

SHA1
ec22ef7fa9dca4b475af2724d483bda140370ca7

SHA256
c57cffd4175fcd618f29d48eeba1b8b30e2bfd4ce9e05c6c5b0bc4378914d008

SHA512
ec93027efd827742d3f9db70c4d4aba51e817191ff888aa2337939f2ce518b98f1c1f7ed3d49d25d3bff47738f68ead6348b1b309c54a17e18c4460cc2142e3e

Download Submit