Overview
Analysis
-
max time kernel
7s
-
max time network
139s
-
platform
android_x86
-
resource
android-x86-arm-20240514-en
-
resource tags
android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
-
submitted
23-05-2024 08:48
Static task
static1
Behavioral task
behavioral1
Sample
6a63de7d569256a82739cc6b25bf5d07_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
alipayplugin.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral3
Sample
autonavi_Resource1_1_0.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral4
Sample
autonavi_Resource1_1_0.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral5
Sample
autonavi_Resource1_1_0.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral6
Sample
gdtadv2.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral7
Sample
gdtadv2.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral8
Sample
gdtadv2.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral9
Sample
plugin-deploy.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral10
Sample
plugin-deploy.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral11
Sample
plugin-deploy.apk
Resource
android-x64-arm64-20240514-en
General
-
Target
6a63de7d569256a82739cc6b25bf5d07_JaffaCakes118.apk
-
Size
17.4MB
-
MD5
6a63de7d569256a82739cc6b25bf5d07
-
SHA1
6ccd7b79ccb7d86e5efdd9384e9af56a2e21eb26
-
SHA256
d1c24c66d5b01de5d9f3a771458afcd6a4747ac13587dd438e1a8cd7a6bbbe5b
-
SHA512
835d18e16ac893d6f6a1ab4ac06aa038beac3c2efe60d4249acdc2c3d2e75dba287afb5bdaba178925d4ee7bf8b6ae1f75394b198962111c13b0107fd7ce0144
-
SSDEEP
393216:unEonUGIzIb1qHDEe5RYtFz/ra1NL66MQQA7FDK:3onUGIzWzV/raG6Ms4
Malware Config
Signatures
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
Processes:
com.ffcs.surfingscene
ioc: /data/user/0/com.ffcs.surfingscene/app_push_lib/plugin-deploy.jar
pid: 4260
process: com.ffcs.surfingscene
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes:
com.ffcs.surfingscene
description: Framework API call
ioc: javax.crypto.Cipher.doFinal
process: com.ffcs.surfingscene
Downloads
-
/data/data/com.ffcs.surfingscene/app_push_lib/plugin-deploy.jar
Filesize
202KB
-
/data/data/com.ffcs.surfingscene/app_push_lib/plugin-deploy.key
Filesize
174B
-
/data/user/0/com.ffcs.surfingscene/app_push_lib/plugin-deploy.jar
Filesize
507KB