Overview

overview

7

Static

static

6

7b1be90fcd...18.apk

android-9-x86

7

7b1be90fcd...18.apk

android-11-x64

7

Analysis

  • max time kernel
    47s
  • max time network
    146s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    28-05-2024 00:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7b1be90fcdd7db6356bc6325db77ec4b_JaffaCakes118.apk

  • Size

    13.8MB

  • MD5

    7b1be90fcdd7db6356bc6325db77ec4b

  • SHA1

    7ab174c36d4329dd2dc7ea1b77419b8bcbeeb534

  • SHA256

    6ad290c1d3fbee9644f6e8ff2c220d39f536e506b94192d8ae7e935ce84cbe5a

  • SHA512

    ff5bbd7b505b9f44b88dea2f4372ebf7001615d70b43090fad75f3742dc68caa454f91426b17aa5efd3bf5d5a92a5edd356e4e0ad7822955f04e4e86dbf0d028

  • SSDEEP

    393216:723qjwXrgtICNeQd1rdNYmKg6OGoUNQvFfb2kf/Lpg01F68sR:7Qgyr4ICNx0VNmRf1gc6/

Score
7/10
evasionimpactpersistence

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 4 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.jx.hz.app
    1⤵
    • Loads dropped Dex/Jar
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4244
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.jx.hz.app/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.jx.hz.app/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4320

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.jx.hz.app/.jiagu/classes.dex
    Filesize

    4.3MB

    MD5

    fce5f89a25e4cd8f8ab3e232ff88da37

    SHA1

    3c47c9c7dbaab0486da0fa563813eeb0bcc54479

    SHA256

    fcff7c584fb63229c929a1c6ae9617124d4281c6174a7e1745ce08e46770e2b0

    SHA512

    81c20f86fdd46fcdf6992187507e3579a1a8a0bda998643b512d1e96802e98280dcc406bc6e3b0d73c47b06a3e9d07e718f9a3166024b09691bec0848214121a

    Download Submit

  • /data/data/com.jx.hz.app/.jiagu/libjiagu.so
    Filesize

    558KB

    MD5

    98736de515958ae37ae93a0a0e997098

    SHA1

    72d0f9d43f7c9bdc9f19d13834c0872f5652c0f9

    SHA256

    335091dfc73a9f792cb720389c5d94eb6642764a38d70d4b6b7a8afd34038421

    SHA512

    cc4974ce398bf7f4a20160ad30e4c4b5821ff0d7f2cc9fa0aead73ddc036585266edf429add276b53d6db8dd24a344d709469b9c839451deead6b621e70c92cf

    Download Submit

  • /data/data/com.jx.hz.app/.jiagu/tmp.dex
    Filesize

    284B

    MD5

    f1771b68f5f9b168b79ff59ae2daabe4

    SHA1

    0df6a835559f5c99670214a12700e7d8c28e5a42

    SHA256

    9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

    SHA512

    dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

    Download Submit