Analysis
max time kernel: 33s
max time network: 137s
platform: android_x86
resource: android-x86-arm-20240514-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
submitted: 23-05-2024 09:44
Static task: static1

Behavioral task: behavioral1
Sample: 6a87282b6991b4fed9702d8d2d17a666_JaffaCakes118.apk
Resource: android-x86-arm-20240514-en

Behavioral task: behavioral2
Sample: baiduar.apk
Resource: android-x86-arm-20240514-en

Behavioral task: behavioral3
Sample: baiduar.apk
Resource: android-x64-20240514-en

Behavioral task: behavioral4
Sample: baiduar.apk
Resource: android-x64-arm64-20240514-en
General
Target: 6a87282b6991b4fed9702d8d2d17a666_JaffaCakes118.apk
Size: 21.7MB
MD5: 6a87282b6991b4fed9702d8d2d17a666
SHA1: 7583d5425af1a1b2ceeb4d78f4d2ee1328d9e0fd
SHA256: e05619bc564f88c306374bb3eac88deb60e8b917402b9b508375ed1f5a4e7a77
SHA512: cd6012f8174acb9d42614e58836cb1e5ee5c58bafc8725c9112fdfbb0539f046c90f0f56f1742d9660a2bfd7ed27edb020cf09ffb28c81feb0cbea12e4029d3b
SSDEEP: 393216:gkseDF9swCzdnqDXQVD37X6rhbSSzsF94oU2xTRiF123eSxDugCkhVF5:1swswCzdwcShbvpcA23xDTrX
Malware Config
Signatures
Checks if the internet connection is available (1 TTPs, 1 IoCs)
Processes: com.baidu.searchcraft
description | ioc | process
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.baidu.searchcraft

Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
Processes: com.baidu.searchcraft
description | ioc | process
Framework API call | javax.crypto.Cipher.doFinal | com.baidu.searchcraft
Downloads
/data/data/com.baidu.searchcraft/.jiagu/libjiagu.so
Filesize: 363KB
MD5: 1383b616dee6678b3591e577ace67225
SHA1: f2b0f5968b52f9c3ed022f3b3ba67e6142df89ba
SHA256: 945e12ea3019404a01754579a234b21ff3c7c17c175750e514c0d404e9f30554
SHA512: 72dda5b9833701c52e44260d979f6b91dface07899aa20ea686ef3d09f3225826140b7e8c336072aca21d51e88151a3fdb6952fc53b9749051f16197e8086b60