Analysis

  • max time kernel
    178s
  • max time network
    172s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
  • submitted
    22-05-2024 15:37

General

  • Target

    67c13a3b9797d1474ed7ea8d2871cf77_JaffaCakes118.apk

  • Size

    11.2MB

  • MD5

    67c13a3b9797d1474ed7ea8d2871cf77

  • SHA1

    16f5811c98c7d3bc6543cf6c733a82aeb8cd3f87

  • SHA256

    78d6f2b8069c5a464ff8e00d42a2130d1a88ec2c24c09e4aeeef8d93d9af22b3

  • SHA512

    73d253f66f3f60c77948c18bb9d7f4c04143a7e9b59155215d253a6dbc40954adfc4f0b6fae78d64631c9f5b8d3ff6728005a3fbb1a4b08ae93a2cc97b75bb73

  • SSDEEP

    196608:QTfcVZiZH9FJdpNAc5wdFV8Qtyb7i1XT2aRJVInL+yZvJq3pb+bB4bUWJx9HGhyq:Qbv1dXAJVrtO7i1Lf2nL+YJepidkUWlC

Malware Config

Signatures

  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicates whether the system is an emulator.

  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Acquires the wake lock 1 IoCs
  • Checks if the internet connection is available 1 TTPs 1 IoCs
  • Reads information about phone network operator 1 TTPs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Processes

  • in.dapai.xsjnn
    • Checks CPU information
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Acquires the wake lock
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4306

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/in.dapai.xsjnn/files/act0
    Filesize

    95B

    MD5

    3b2d8dbbf3e471690ff9f38cece48f1a

    SHA1

    ce7d681ccc1abfb05eabf4f983579f7398849f44

    SHA256

    0be89e4f810520f2a467fe656aa9e0307b8eaebfc9b2dd0994930622a546cc92

    SHA512

    ded4095b0cac449ba0318590efbf0b97952cd0baf6b0dcf0528abaf15a5560b6c8f8de579f3587c296c7e6fb8fd4c1fa554f65ed823e213925ee332c38257c67

  • /data/data/in.dapai.xsjnn/files/mobclick_agent_cached_in.dapai.xsjnn
    Filesize

    121B

    MD5

    db1323c3df2d6a42edfd5f7fa2d6304a

    SHA1

    3d88ed4ee9df314330746b4ebd0849be1934ac20

    SHA256

    eb0256f0a53d4e9dc270fc5cef69e2c777e1927bf35c0e84a40be9a4c739da88

    SHA512

    90460adcaaa10bf5a956c43e627a1ae263cf4936d5b38106407652edf45c1cd198d48251e89090e427d0663eaaa15c902399e8b3efe10410c977e47d5c8bef19