3d9f785470e8ef52680d3147e58dede7513ce67a2c7fd7170a7f17cb0cb9bf96

Analysis

max time kernel
3s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22/05/2024, 06:47

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

665cb92dbf8476a6fd625ceb389fa2c0_JaffaCakes118.apk
Size

2.9MB
MD5

665cb92dbf8476a6fd625ceb389fa2c0
SHA1

99c0b4ae245e04f3fe83c6f862f7f2357d51ead1
SHA256

3d9f785470e8ef52680d3147e58dede7513ce67a2c7fd7170a7f17cb0cb9bf96
SHA512

a3ad4d085bb2e12e12fd649cc9626731d2c15e6a6eae9f2015f39a03d9aa53b3000e5b9aeaed1ce47aedaaa0007bf294fe6a7f2549a69d58664493da535b53bf
SSDEEP

49152:CQnS6+pp4rPRiIBpf+3DlG48SH6rtTVUZV47mh+VY0aFtE+wuBEiBZlMtk:CaSLpWz8gpf94N6rtTV/Ch1tE+wJtk

Score

6^/10

discovery

Malware Config

Signatures

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.bluedon.cloudfence

com.bluedon.cloudfence
1⤵
- Checks if the internet connection is available
PID:4203
- chmod 755 /data/user/0/com.bluedon.cloudfence/.jiagu/libjiagu.so
  2⤵
  PID:4293
- /system/bin/dex2oat --instruction-set=x86 --dex-file=/data/data/com.bluedon.cloudfence/.jiagu/classes.dex --dex-file=/data/data/com.bluedon.cloudfence/.jiagu/classes2.dex --oat-file=/data/data/com.bluedon.cloudfence/.jiagu/classes.oat --inline-depth-limit=0 --compiler-filter=speed
  2⤵
  PID:4322

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.bluedon.cloudfence/.jiagu/classes.dex

Filesize
1.0MB

MD5
5ecca267c92258369ae8620737df8ac0

SHA1
67f6269cfba7400ca0098c91c998728f23cee932

SHA256
a92a0f42952580356e46e4e60603adb251f91f27cac6cab367f3c4fd32081a63

SHA512
532a213e759505a51b37b73834410847e9ee57b90d10d72613edf31d3f4df3c784fa9f12d6e15ededd7486eb324534e669b4c7d3c8afd6de6ccfd96ade1b8eef

Download Submit
/data/data/com.bluedon.cloudfence/.jiagu/libjiagu.so

Filesize
358KB

MD5
92914ae5c428e8c1d676a4620df6dada

SHA1
0b20d48763e2a1246746b90794cccfbbe59ddd5d

SHA256
4f63b87acc01178c5ff246fb500d5c3392da9647dc641f6315cf3625975bf068

SHA512
4b2ee1f99245f44761e8d38d733dce990ef76186a2bef1848b83fc8c51fdc901f02f180e922151ccfcf74879d227f78464ed6f7b7e2528da3f487461c04ed97b

Download Submit