133ee36d22eae99ee4a32cbe8c47ac27b479a982ae8f65e00dc78318d349f3ca

Analysis

max time kernel
10s
max time network
163s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
23-05-2024 08:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6a5656de3b8b4a3a0db7295ff75e32d5_JaffaCakes118.apk
Size

14.5MB
MD5

6a5656de3b8b4a3a0db7295ff75e32d5
SHA1

6f57eadea0307d545f6e0e572d7bfba0320d6c49
SHA256

133ee36d22eae99ee4a32cbe8c47ac27b479a982ae8f65e00dc78318d349f3ca
SHA512

d7a0a0c4ffb94735df9a653ff4f036f73070e7fc980091ec3b2a1fb75474ca6f54c1448c9e08f1d0259c6db86196116ba9f9ed02446101e9720add2901d994f8
SSDEEP

393216:QpOpBstqTvEnBVwOov2VL+duy9LwKe+2nta:QpO8HB0196M

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs
Runs executable file dropped to the device during analysis.
evasion

T1407

Processes:

com.xgbuy.xg

ioc pid process

/data/user/0/com.xgbuy.xg/[email protected] 5100 com.xgbuy.xg
/data/user/0/com.xgbuy.xg/[email protected]!classes2.dex 5100 com.xgbuy.xg
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

com.xgbuy.xg

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.xgbuy.xg
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.xgbuy.xg

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.xgbuy.xg
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.xgbuy.xg

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.xgbuy.xg
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

T1422

ioc	pid	process
/data/user/0/com.xgbuy.xg/[email protected]	5100	com.xgbuy.xg
/data/user/0/com.xgbuy.xg/[email protected]!classes2.dex	5100	com.xgbuy.xg

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.xgbuy.xg

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.xgbuy.xg

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.xgbuy.xg

com.xgbuy.xg
1⤵
- Loads dropped Dex/Jar
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:5100

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.xgbuy.xg/.jiagu/classes.dex
Filesize
7.1MB

MD5
5217121d2a4b07ee89d832a23ff9e7f3

SHA1
9bfa98b3ae10f7d79a48d00aae20bc22c65d9c34

SHA256
bbdefd38992f3617bd508474e5d3d96735d25d4485679667cfe1ea57136f1b4f

SHA512
f9ece569f74b236778ab42b698185b9e5df08cdc8b91836eafab0e203f7619649361d89f937ed1418da738ebbfa3a0da7b2982f0324489060761a185fcd0a638

Download Submit
/data/data/com.xgbuy.xg/.jiagu/libjiagu.so
Filesize
382KB

MD5
0e2958fb6d7b2ff1d1930d98eecc2362

SHA1
02d543831b4c4b9307aeed15a8bb2bc063a26a4a

SHA256
d578b74fca77f54b0f8c33dc68e91937fdf57d50b5bae4a2411819289732f2b7

SHA512
952765ba1c306d7da6830dfd1b09adc4d610bbab383a154728a123bc0a1d8f0d576fd007f9ea4a809e3f318867c8cb0a9d43b63f31c1e3624b6a6929842b4551

Download Submit
/data/data/com.xgbuy.xg/files/.jglogs/.jg.di
Filesize
340B

MD5
cf6dd5920bf49f9616ca7138a0aa4484

SHA1
a55157f073b5e4ca9c4517ae6ddd4c63eff796f1

SHA256
5ed79bae95d3849bf4e3d70f6856693e43f01b872d2d458850955259e8ddf3da

SHA512
a14270da216835e2ed772743f7d5b2cb595dcf76edb4c4529abb9413e0e67637ad19ecbc675aa0e1d04b839fa7a88307f4269e18748dcd4689bd235f15b1960e

Download Submit
/data/data/com.xgbuy.xg/files/.jglogs/.jg.ri
Filesize
314B

MD5
ba7da82bcbdab738fc5c23a504a709b3

SHA1
13f69f092bf7fd44ba0f2772b39390cae03a26fc

SHA256
8701da8c76ece60808b12302e991edb0e921c1b53a233424716f2e3ccb91a2d3

SHA512
07713b2c96a5a14203d8c8467a6e0c2af036bffbae846eabcd4e6af186732a3814e0a6585ccddf35c145bd10eb1380001f823915dca9f9428cf9b5d3715e1d24

Download Submit
/data/data/com.xgbuy.xg/files/.jiagu.lock
Filesize
27B

MD5
64c48d7f736d27c5b6344ce8e8097c2d

SHA1
3e918572ccb2e13fdf62041bd5c602ebaabf8f9a

SHA256
e4f279157c277e1a44a9bc6f69b706129916176707425041d6ae57c3afc85631

SHA512
f4947c36454186cb4555889b4ae81d671651ef400d3f39969f90d5ec3a5f6cddf20e6c71fc7422a1b7c0e5ec75201bd0ee7a5e9b5f92172994eb232663f20c28

Download Submit
/data/user/0/com.xgbuy.xg/[email protected]
Filesize
6.2MB

MD5
04a76fe810b2102deb740bb90fd0a990

SHA1
37f3340d3edd6e4d6ce1bfc48ddee7a225f8edef

SHA256
fdb11977e871302440dd08195c183c836f4734a0533b3e90532f1ea9cb40e2c9

SHA512
1c1f3fb2c87652cb56256035b7a3f9a8a4177bc3fe99246ddb215a84cdb26ce55b72f829e8be681ab3b7fc8e5631489b093026c3690319f4d1de14e80a49ac99

Download Submit
/data/user/0/com.xgbuy.xg/[email protected]!classes2.dex
Filesize
6.5MB

MD5
45c3fcf2d36f890d313cbb0c8ffaa391

SHA1
1dfd16a0b1b7bafb2cbafe806139e9cad770e5a1

SHA256
d984982401d4adca36c5b79775e5123c553dbb05594d0876096ee38c5d90faec

SHA512
a7c3674ff14a3ebb468dcf6dc9f1a190bc14a493cad5623e4cdc273cfd9d0cb83b5d1cd0322c7dbf03559116d826321387d0db3e397a2ab4e60cd90ef081ec52

Download Submit
/storage/emulated/0/360/.deviceId
Filesize
48B

MD5
4c4c5285293d5141f582aefa4e038669

SHA1
e01852a72e5a8e6f7d63a21426b515118196047b

SHA256
36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731

SHA512
097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399

Download Submit
/storage/emulated/0/360/.iddata
Filesize
32B

MD5
b41b57ba3d1d291c624d1197a6d4c0b9

SHA1
3694858f9181aab9f3e80bad7c93d8fe5c77c034

SHA256
405fc4ee796121fc004955de4e6f8a1f9d756566a34d7e29342d187e88579408

SHA512
301424392477ca91d693df78248f5e5e9a40eb1d1cf621ac07d47440826ccd4d68fccd11aa7b57735ee1c883dde4896063fb0fda2eeaf9bf0bae47d66d9bff67

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads