dd2ab8a1de7c2478d5a5ad146fad283e25d69d8cf94b8db297e782d496ce6e2d

Analysis

max time kernel
4s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
28-05-2024 04:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7bb776b6b3cc97c1126d2f1edf456b4f_JaffaCakes118.apk
Size

5.9MB
MD5

7bb776b6b3cc97c1126d2f1edf456b4f
SHA1

808929434a3f2264e668c5ab8c1de7e752309836
SHA256

dd2ab8a1de7c2478d5a5ad146fad283e25d69d8cf94b8db297e782d496ce6e2d
SHA512

6a9b23360d623748b15850c1e65a7b7e4dd8026dd00d4f8b5918b78c10bf09f0ae191d66cb35f5b13f12a838b6dd38847e4a8f1724bee1d78364ce26ca5df905
SSDEEP

98304:hmobkoq7mY5TmizAjH5xTg7fHk0dHJHr3w+qAFe/g2YBXB7tw:T30mY578jH5a7Hk0dHhULie/0U

Score

6^/10

discovery

Malware Config

Signatures

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.gzfn.cardealer

com.gzfn.cardealer
1⤵
- Checks if the internet connection is available
PID:4291
- chmod 755 /data/user/0/com.gzfn.cardealer/.jiagu/libjiagu.so
  2⤵
  PID:4318
- /system/bin/dex2oat --instruction-set=x86 --dex-file=/data/data/com.gzfn.cardealer/.jiagu/classes.dex --dex-file=/data/data/com.gzfn.cardealer/.jiagu/classes.dex!classes2.dex --oat-file=/data/data/com.gzfn.cardealer/.jiagu/oat/x86/classes.odex --inline-max-code-units=0 --compiler-filter=speed
  2⤵
  PID:4354

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gzfn.cardealer/.jiagu/classes.dex

Filesize
5.0MB

MD5
8d7ae842e6388acf2314dd7596595ecb

SHA1
b77385d9316ccc7c56e4874e50b0f8376c5cfee4

SHA256
fc77fc9fc4c15ec8f353ae92c88ebb2d6f03eeae55f9fd683dac53629b74dc19

SHA512
0e4dff990b10f4b20abd64e81e918571b92da388429d19d702d80874e437a2b2ac23528acbb35102312066068c0cf8e932064cd9beefb2ae8b6c5450e13d3e0b

Download Submit
/data/data/com.gzfn.cardealer/.jiagu/libjiagu.so

Filesize
344KB

MD5
f07c10fa1727a4d7395f07d20d77892d

SHA1
a7c2f367daea205bda6035a739bff81003554b4f

SHA256
b33b45d44e01f762b2678eb5fda5a804650b74cced4ea7362e3a19b37049e2b3

SHA512
83411cbcf78a99fed70dbebc46d626c85f61ba729ea0b3c93d2e109c63bbe6a739eae09d61af7fa0ff127502f3a13034d45a130f581e8ed3f66db892712736f1

Download Submit