6ddb16b1a0aa4adc1bc471af2a7893f180ce699633cd2be3ba6a92d17bfe8990

Analysis

max time kernel
93s
max time network
188s
platform
android_x64
resource
android-33-x64-arm64-20240514-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240514-enlocale:en-usos:android-13-x64system
submitted
23-05-2024 08:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6a536f2a08176261de89f145cccb33e1_JaffaCakes118.apk
Size

10.7MB
MD5

6a536f2a08176261de89f145cccb33e1
SHA1

42fd7d7e5b73a56169fe637d432e035ab60e4081
SHA256

6ddb16b1a0aa4adc1bc471af2a7893f180ce699633cd2be3ba6a92d17bfe8990
SHA512

28afab02dfdef4e5462df58043eb60becd667db36f755697169fffa631ea7861424fb5c0d23a6f629198ed5ffd6a66df56be99cf605a7816e6e06c81b97232f2
SSDEEP

196608:J4sWC74hpKwl+I/cFyT6lM3qhiovyBZlrZ7kwEclsBQPW8XXe5BYYZMMaQTp1LIt:Gs9gTl+zyGl1m9wwEQ4mwndnLXpaoCQ0

Score

7^/10

discovery evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
evasion

T1407

Processes:

com.ylwl.webshell.xiangyouwangluo

ioc pid process

/data/user/0/com.ylwl.webshell.xiangyouwangluo/files/PUDDING_DroidFix/code_cache/YLPatch.apk 4305 com.ylwl.webshell.xiangyouwangluo
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.ylwl.webshell.xiangyouwangluo

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.ylwl.webshell.xiangyouwangluo

ioc	pid	process
/data/user/0/com.ylwl.webshell.xiangyouwangluo/files/PUDDING_DroidFix/code_cache/YLPatch.apk	4305	com.ylwl.webshell.xiangyouwangluo

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.ylwl.webshell.xiangyouwangluo

com.ylwl.webshell.xiangyouwangluo
1⤵
- Loads dropped Dex/Jar
- Checks if the internet connection is available
PID:4305

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.ylwl.webshell.xiangyouwangluo/files/PUDDING_DroidFix/code_cache/YLPatch.apk
Filesize
62KB

MD5
d9f33a4c98f2dcc179f8925debafe68e

SHA1
a3ecc0116c91b7d2fad2c0b9ba607731805816a2

SHA256
8f1d6d7ed552acd9ff97c27a22e68cf5a29b109718d7122c4e6d9e8b362e56a8

SHA512
a18603c1fbdb2b5b0f63d8606df6ce06c894b75c210f588ec52bc48d53dc6caeb74c353c06d9f6144df54cc2968edb2faf158646f321c61224b7d98eebebbd32

Download Submit
/data/user/0/com.ylwl.webshell.xiangyouwangluo/files/PUDDING_DroidFix/code_cache/YLPatch.apk
Filesize
84KB

MD5
848a80183b0283f55802d1461ce14d62

SHA1
71c7e673898ceb717e401f494161838352cdc8bd

SHA256
c99bdcd5954dfd8edce89b8c9a162fc67b6470c850966b43cc847e0432ead3eb

SHA512
04b2e2eb003f05a968481c74c1defc1b60bef5aebbf630951ae84a42da517e5fa5c6c64d4b7c26da6f3adf1a94b22337a4467e76ac72c36347bc66900e6291d5

Download Submit
/storage/emulated/0/YLSuperSDK/Log/com.ylwl.webshell.xiangyouwangluo/2024-05-23/Log.txt
Filesize
143B

MD5
ba1eb02d71919f2ff2f4496ce133378a

SHA1
e25c6ce4980d36aed2e07e2eef8681772021f718

SHA256
05a50a03ea9858be92eb5ada63b7eda03af37639d1b6e9e9e284a85ed4d116c0

SHA512
0a5116d5958115216f901bde88807dd34e1e49fba99558c52253079cb113469f5cff68c8abe3b6f862a65f6537e8bdea9d5cdf4a22692585065ddce3f8a2bafb

Download Submit
/storage/emulated/0/YLSuperSDK/Log/com.ylwl.webshell.xiangyouwangluo/2024-05-23/Log.txt
Filesize
225B

MD5
955193c5adfadc78f3ea38db35dad1f3

SHA1
edf484970409ae866214515870f74f462911aef9

SHA256
17df398f3b508e61ac5edb1231c8474c78234bce7336f17bfbae94005d8f61ab

SHA512
4bcf3400d80c3361317d5805c07a22f8b4aa8d4d4b298050709da359a9b64f68885b421bc2f3d17776caa35dd44482be10b34920262d8e88fcdc765a83868967

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads