f3047a26ce2324eaef32ae0ce75c8ac94c6868b810b12eea838fe864f4b172b0

Analysis

max time kernel
8s
max time network
157s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
23-05-2024 03:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6987d5d692b94b7e70c5e989b73998f7_JaffaCakes118.apk
Size

14.5MB
MD5

6987d5d692b94b7e70c5e989b73998f7
SHA1

08d0a2d02f7784fd799ab613b8539968bb937d3c
SHA256

f3047a26ce2324eaef32ae0ce75c8ac94c6868b810b12eea838fe864f4b172b0
SHA512

446205947d3cccedcae94b82bdaff9e9f76dbdc6621dc3a838143926c4a8fdfbdd1edf55f7e4dc1ef8731f7ff66156ca590720f8d9bdcb71293a4716eddbbe0e
SSDEEP

196608:AsTQg25hhXAATXIINx+yjqPkO71G+8Lg12VL+fnFuCp9L4jEwPx2Y0H+WB2FNGIW:AsTyhhJT4INTo12VL+duy9LwKe+2ntM

Score

7^/10

discovery evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs
Runs executable file dropped to the device during analysis.
evasion

T1407

Processes:

com.xgbuy.xg

ioc pid process

/data/user/0/com.xgbuy.xg/[email protected] 4630 com.xgbuy.xg
/data/user/0/com.xgbuy.xg/[email protected]!classes2.dex 4630 com.xgbuy.xg
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

com.xgbuy.xg

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.xgbuy.xg
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.xgbuy.xg

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.xgbuy.xg

ioc	pid	process
/data/user/0/com.xgbuy.xg/[email protected]	4630	com.xgbuy.xg
/data/user/0/com.xgbuy.xg/[email protected]!classes2.dex	4630	com.xgbuy.xg

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.xgbuy.xg

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.xgbuy.xg

com.xgbuy.xg
1⤵
- Loads dropped Dex/Jar
- Queries information about the current Wi-Fi connection
- Checks if the internet connection is available
PID:4630

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.xgbuy.xg/.jiagu/classes.dex
Filesize
7.1MB

MD5
7fcbd0da52e4833803951eca0d673744

SHA1
cbe03a6267fc9cbc32cf8b8f36d7b1526d32f814

SHA256
6ce524b736e41d1d63921421f53c2553b8aed981d5ed19887a50c182f4e7bc05

SHA512
1cd79bfb29384683e6ea1915e82598f1600571af453beabceb96fc3f37d26771be1d8a283db9952179c60a292ce74159fb77460264cd9d9b796890e16826fc97

Download Submit
/data/user/0/com.xgbuy.xg/.jiagu/libjiagu.so
Filesize
382KB

MD5
0e2958fb6d7b2ff1d1930d98eecc2362

SHA1
02d543831b4c4b9307aeed15a8bb2bc063a26a4a

SHA256
d578b74fca77f54b0f8c33dc68e91937fdf57d50b5bae4a2411819289732f2b7

SHA512
952765ba1c306d7da6830dfd1b09adc4d610bbab383a154728a123bc0a1d8f0d576fd007f9ea4a809e3f318867c8cb0a9d43b63f31c1e3624b6a6929842b4551

Download Submit
/data/user/0/com.xgbuy.xg/[email protected]
Filesize
6.2MB

MD5
93a02967a53a659c102c7821bcac5ebf

SHA1
35f13019ded790ff2786a89377ab06c6c36c1d7f

SHA256
e54433efae267ba5e31457c6ca8e53ac6f213aa00158d9434399e2b27c4ec2b3

SHA512
1b90bda5c2f24de36890ea177695f900979399319ccc630568646936a50bb87f2f6b15fcf36908ae6d228e9fcfd43a5a7422322cf12554bbbc671eff32c93347

Download Submit
/data/user/0/com.xgbuy.xg/[email protected]!classes2.dex
Filesize
6.5MB

MD5
4e4094baba4b8b113d791600dcb32e7a

SHA1
5d4fe2fcebf9c0be4835ba82da184f58ae35e016

SHA256
c68e273e8dc70f01e9ef069cc04e1f5ac1041519dea607d244bee4a595637ab7

SHA512
acb25d6a0981ce4982c540826780e93f0d66782369c6bc697777244e27b030a817a2d6827405e0c8a4c687b781f023f910e4279eda7643e650060a2f05afa7b7

Download Submit
/data/user/0/com.xgbuy.xg/files/.jglogs/.jg.di
Filesize
340B

MD5
45802de6f607780ed5866cfb2f4d2192

SHA1
a4e90e6b0a1d563c687c219b36bfc2097b775655

SHA256
7a102fa3aff00a4f8b7441cecdf9ca54800a5b304437738d5dd920886e494f23

SHA512
27b8a344e3cac00ce6ca642674b8330e54ebf24e0cfb4fc257cfd9eaf9bb33f8ed374508ef664c8603658512673672072653cb84602d7fa6eff352ba4858ab29

Download Submit
/data/user/0/com.xgbuy.xg/files/.jglogs/.jg.ri
Filesize
314B

MD5
0fd63a04262dba7c7859fa1efca2e691

SHA1
a1fb9176f81d9fc3370ab6afa37cd692a4cc309d

SHA256
de0bcba8348ee803a90a538c8dcfe14167eb6255b50fd81edefa5bce7ce98a46

SHA512
c42b6c6216505d54dbf76be8ba87b550da3655051e585fda2e94fa8c682b84c0fc70510d28bb6b8e526ac554da44a568009e0d37ce086d9f2f22eba9e61d449d

Download Submit
/data/user/0/com.xgbuy.xg/files/.jiagu.lock
Filesize
27B

MD5
f018ba42dadd28025846fe9477815f6e

SHA1
dc5eb6644a4b2d87763bd10c70a6c107aae48c75

SHA256
12cbc13b7edecde6d9caa87043e6675e376e470c161292460a8066873a3e66c1

SHA512
b2a713f386ce2454e04ee74ba53228a91ed8c15c39aefb983aed84a8cac72fee0b742242360628b43039186def11db8731dc5dc4b869fbedd8c84dc57fa64904

Download Submit
/storage/emulated/0/360/.deviceId
Filesize
48B

MD5
4c4c5285293d5141f582aefa4e038669

SHA1
e01852a72e5a8e6f7d63a21426b515118196047b

SHA256
36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731

SHA512
097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399

Download Submit
/storage/emulated/0/360/.iddata
Filesize
32B

MD5
bc317b3abebee77b74c4a6237adb87f1

SHA1
9c0ee6e285d8a91749debbe85fd489f1e9f9b68e

SHA256
f8d808e6eaae530ffcf0c5b1701272a7e7f448b8c839a6ebd53be9bf3805d8fa

SHA512
65bce3fdbf8972a9e0595cc14246ff034d3ed34cf07da6c19fe057868c4d1bd5185e1a3f4c3bfdad2b239d58e4be2d8982ba8f69ae0712fa8cc81368d421e629

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads