Analysis

  • max time kernel
    8s
  • max time network
    133s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240514-en
  • resource tags

    android arch:arm64 arch:x64 image:android-33-x64-arm64-20240514-en locale:en-us os:android-13-x64 system
  • submitted
    22-05-2024 02:26

General

  • Target

    65aef2f5f4dc2f9ef5715998349b97c6_JaffaCakes118.apk

  • Size

    6.1MB

  • MD5

    65aef2f5f4dc2f9ef5715998349b97c6

  • SHA1

    1c1126263ebfba8aef885049aab2cf4343c1f567

  • SHA256

    850d1fb8e6a4bdfac25ad7201cd87387a6997cc92ddbfc5ebf926eb14a5dc2e9

  • SHA512

    b1c1a7cc1b1df73f105e85c28aaae22f4c935061f1429f096f1256d7da26a5a7b37d3433b4b3dbca3e00e97671b16d471f9350a93f9e0f17c348f1d2bf091bbe

  • SSDEEP

    196608:kp7fPwVZnfHbH843vHd9pr5rGjN/yVVGCb7Q7uwteyoteyinP6j:QcdbH/Lpr5rGJ/yVvc+iPg

Malware Config

Signatures

Processes

  • com.fyjx.qipa
    • Checks memory information
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Checks if the internet connection is available
    PID:4248

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/com.fyjx.qipa/app_libs/core.jar

    Filesize

    442KB


  • /data/user/0/com.fyjx.qipa/app_libs/update.jar

    Filesize

    6KB


  • /data/user/0/com.fyjx.qipa/app_libs/update.jar

    Filesize

    12KB


  • /storage/emulated/0/Android/data/com.fyjx.qipa/files/tbslog/tbslog.txt (deleted)

    Filesize

    1KB
