Analysis
max time kernel: 178s
max time network: 172s
platform: android_x86
resource: android-x86-arm-20240514-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
submitted: 22-05-2024 15:37
Static task: static1

Behavioral task: behavioral1
Sample: 67c13a3b9797d1474ed7ea8d2871cf77_JaffaCakes118.apk
Resource: android-x86-arm-20240514-en

Behavioral task: behavioral2
Sample: 360AccountCenter.apk
Resource: android-x86-arm-20240514-en

Behavioral task: behavioral3
Sample: 360AccountCenter.apk
Resource: android-x64-20240514-en

Behavioral task: behavioral4
Sample: 360AccountCenter.apk
Resource: android-x64-arm64-20240514-en

Behavioral task: behavioral5
Sample: alipay_plugin.apk
Resource: android-x86-arm-20240514-en

Behavioral task: behavioral6
Sample: pro.apk
Resource: android-x86-arm-20240514-en

Behavioral task: behavioral7
Sample: pro.apk
Resource: android-x64-20240514-en

Behavioral task: behavioral8
Sample: pro.apk
Resource: android-x64-arm64-20240514-en
General
Target: 67c13a3b9797d1474ed7ea8d2871cf77_JaffaCakes118.apk
Size: 11.2MB
Signatures
- Checks CPU information (2 TTPs, 1 IoCs)
  Checks CPU information which indicates if the system is an emulator.
- Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  Processes: in.dapai.xsjnn
  description: Framework service call; ioc: android.net.wifi.IWifiManager.getConnectionInfo; process: in.dapai.xsjnn
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  Processes: in.dapai.xsjnn
  description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; process: in.dapai.xsjnn
- Acquires the wake lock (1 IoCs)
  Processes: in.dapai.xsjnn
  description: Framework service call; ioc: android.os.IPowerManager.acquireWakeLock; process: in.dapai.xsjnn
- Checks if the internet connection is available (1 TTPs, 1 IoCs)
  Processes: in.dapai.xsjnn
  description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; process: in.dapai.xsjnn
- Reads information about phone network operator. (1 TTPs)
- Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
  Processes: in.dapai.xsjnn
  description: Framework API call; ioc: javax.crypto.Cipher.doFinal; process: in.dapai.xsjnn
Processes
in.dapai.xsjnn 1
- Checks CPU information
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
Downloads
/data/data/in.dapai.xsjnn/files/act0
Filesize: 95B
/data/data/in.dapai.xsjnn/files/mobclick_agent_cached_in.dapai.xsjnn
Filesize: 121B