10c0ce8254fc042884ef5b14cef1bbc917fe70ea5bf90d8a703546380597b5f3

Analysis

max time kernel
13s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
29/05/2024, 09:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

804bce7ec47089e1bc88a79f8a1ac154_JaffaCakes118.apk
Size

25.7MB
MD5

804bce7ec47089e1bc88a79f8a1ac154
SHA1

f805968436c17fe9099a41dbf3bb5519998cc162
SHA256

10c0ce8254fc042884ef5b14cef1bbc917fe70ea5bf90d8a703546380597b5f3
SHA512

9343d48132b9c993072af925b9fee58ec035ccdd55d50c6c82416378de46a075d78463023dcee2afb0bf3b60a878adf3df491f3e7dc681bd62b482c5309babc8
SSDEEP

786432:+YUPqoVuhQ2sbnm6UcJyfsF5FXf+VnYQk92HdWGBR:eQhQ2sbnmtf4bXmVnm9GR

Score

7^/10

discovery evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 3 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/net.imaibo.android.phone/[email protected]	4623	net.imaibo.android.phone
/data/user/0/net.imaibo.android.phone/[email protected]!classes2.dex	4623	net.imaibo.android.phone
/data/user/0/net.imaibo.android.phone/[email protected]!classes3.dex	4623	net.imaibo.android.phone

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	net.imaibo.android.phone

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	net.imaibo.android.phone

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	net.imaibo.android.phone

net.imaibo.android.phone
1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Checks if the internet connection is available
PID:4623

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Process Discovery

T1424

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/net.imaibo.android.phone/files/.jglogs/.jg.ac

Filesize
32B

MD5
8904bb82d8bbd3cc4d078c78e359811b

SHA1
994c3f0b0e3997a668338265b67c2485d44b283f

SHA256
f0439ed2a98b8b26365509513a90847dcdae6872731a4bd73690b3fd042c06d1

SHA512
e47d11e2da04cbba08958efa09a0bd259c3e130c40d60b167e9de8a84fe26ec769a29f70d790a9783be3532b2dd8ab437277e0781d7d934821d4651bc13859ea

Download Submit
/data/data/net.imaibo.android.phone/files/.jglogs/.jg.di

Filesize
340B

MD5
dc89f75e088d747e4de29086fb7a7abc

SHA1
193aa5bf093e5ecb98061d80a5400bff75db0d27

SHA256
89308a11cd4b1363c3f292e1940d79a06b2eef09cb4be462c8f63f0ee14c0ff1

SHA512
55542ffbbde244192447da5570e64cef539fb7125e335148c7e73d6f556dc7e11c60ad58f46941fdc8df03aa223a8c09c83b1af7d258fe92f27428552688e9fd

Download Submit
/data/data/net.imaibo.android.phone/files/.jglogs/.jg.ic

Filesize
32B

MD5
80d349e3bbde334d6ee8ab1d09fb4710

SHA1
ed0c5e74b3a952f79131bcc8fd76ba72a9dbede8

SHA256
3e4e79bb8d04c38f2290215fb9b5765ee8c5effd7d1b2299a16d0ba794669a04

SHA512
7bc9b1245df9cc6023205c07dc701d920043f5e29e8693eae59dcb1a0eb06ad55fd92c084b9f68ca3ed46555dc0d5f8236d2b133e6713a0dbfecfd1048b0f699

Download Submit
/data/data/net.imaibo.android.phone/files/.jglogs/.jg.ri

Filesize
314B

MD5
8f132f212440ca9fdd0fdd93d219fb24

SHA1
1bf0f1f0efcdb9020c1f9bc81a7cafdae7b3b9fb

SHA256
d3ea143ad6d1f292bc4838ec035f0555afad4cd0c8a4f6b282b345caf6c11865

SHA512
444ad25d451feb64940d336e6b065691336f041a6e1bf1b0122d63070d362f7a05ee39666930d77c447f2e27c424f64471fe2a79f3c9f18a39d87958fd3a6f5a

Download Submit
/data/data/net.imaibo.android.phone/files/.jiagu.lock

Filesize
27B

MD5
01d71dead4682e378821391803b61ae2

SHA1
52b54cffff62fde27c0f2d0275d943d77e435957

SHA256
3cf7af6d7007f7622c70b05576e8ff5bd9ba566d89ab35554d439ce578b6a023

SHA512
887b0e3596579addd3ec707b78542b46b30a15523cf14c45c039ee1ddc92abe748a8beabbb0fa5abff02ccb6672da70c33fae04d9452c56fde612f0a83cb1818

Download Submit
/data/user/0/net.imaibo.android.phone/.jiagu/classes.dex

Filesize
8.0MB

MD5
889b3fccc4952baed0a2dd216cb6cd5d

SHA1
21ece163f7ec4a7c0f7d013f4756420ff5b2b5b5

SHA256
1fc7f3a17186c3568e3d65be015d509ccbaa3a6e9ddb7ec0021fb1b7fb03a2fd

SHA512
b1cf6816f53d9cd9970170214802b8212495386a28cbe2d46321451dc31d674ed21b17bd68fff86661a24fb72e5b5bd3a05133cfc4f655addb7f9bcb59f82d5e

Download Submit
/data/user/0/net.imaibo.android.phone/.jiagu/libjiagu.so

Filesize
455KB

MD5
e5a53000766ebc433b27d6a66ec4f555

SHA1
2c8f53f1c03aec2005bcad67d731f07261dabde0

SHA256
78e4ea857f10c2df6c7b94f0584524b52ecc099ed29478fe3964037b8a86ed2e

SHA512
370a1cb93b14556ad861724f4e9995c9a4c6d37cf2d570f888d1c6000c66d27ac63496b0703361e9fc9bc7f309b7aa4407c5f339d186b0a5b72520d23d04b68d

Download Submit
/data/user/0/net.imaibo.android.phone/[email protected]

Filesize
5.5MB

MD5
a67d1a1827ebe68383398c82a7a8d429

SHA1
6130607495c1e5ba080a6586e68df1e1cfbbcc4b

SHA256
cc1f0b4a890a4e5fead0c108e909152ea45c48dba5e56d4fec925b310e9d6140

SHA512
705160ade669c56b30a626dceacc958a07c9bee21420c0bc05cf82d2008371dc52690d1d7bb69ba5ddf9fe5fad0dce93f0dfd94aa3265ac54d458a384b7c96c5

Download Submit
/data/user/0/net.imaibo.android.phone/[email protected]!classes2.dex

Filesize
5.6MB

MD5
684213a89b9b903fc1d8b4d675a6f727

SHA1
538c4f361d006aca1dddc196b623a136410d6f1a

SHA256
7b393c0a29d72c28b84bd47b4f68dc67c89faf0cd4ce74e35cf32c9148e452d1

SHA512
4bfa5325993038a2d4f300fa031d92fa544ad9064f042922d64ec8607bf9b93c942c03c868fec7337bd3d2192402da0e536da1e14224a20ffa6784a288f668a8

Download Submit
/data/user/0/net.imaibo.android.phone/[email protected]!classes3.dex

Filesize
5.6MB

MD5
b24a7201d8ec4a8351458f83a69fe87f

SHA1
3ce1727f6d566b655d4711df7dd54f3701142947

SHA256
a8eab6452a32cfbd7d26aa111aa4282839be5e6bd873d414e2d8f256c4db1366

SHA512
92b8f16b650cc37715ca9e65d5bc176d9c68f4648064360c1f977be7f1831ba4747bd13ad6c631cf7a440022fc174dea6bf98b22af4ff6517391f75284114e9e

Download Submit
/data/user/0/net.imaibo.android.phone/databases/MessageStore.db

Filesize
36KB

MD5
f1abc67cc72bf5fe66779fa5dd1dfeac

SHA1
660f6d1cffa2bf57ec29105e40d08ab103cf18ad

SHA256
a953ef381606a6d98d98f3278e94fc1d5b58a0778f8ea3e305111586b759c14a

SHA512
dfbe97f3c1f3a3ebd63fc5bcee1b1dd1b91dfe01ac95af8fe897f44079e852421fa0c4cf038da6e43264d50f3e612ddc2be9aa17bf47ef604ca428fafe0858de

Download Submit
/data/user/0/net.imaibo.android.phone/databases/MessageStore.db-journal

Filesize
512B

MD5
7630811ea1d45ed4015b1aca6f947034

SHA1
1f17c6fefeda33cdab91e47902525daf038ff0b2

SHA256
24dc8f39bb8b33042560a1dae96ef0187247ec115187e1d4adfdcd9463e567a3

SHA512
856f9b764914e85660d16432eba8c1ed4bb6b5013a44d9596a90e992d2df901816a0087f3fe5084d7c1ac90bffe9dcd74ca82e6ebc3be194bc8874077a56956b

Download Submit
/data/user/0/net.imaibo.android.phone/databases/MessageStore.db-journal

Filesize
8KB

MD5
f7cb5a0cf471bbf10b54ef4df893f949

SHA1
59079c05b51add455fffbb9a86474d62ce835ee7

SHA256
6d48fdb651e61ee4f9b4b1f8fc261fabb6d2beb24c517cf2e4a61f83936aca8e

SHA512
86d33e52c0be10e658b74e0d61bf30052fa6e698c0f9e5ddcf1e6af2d6ca8d628a4be1cdcd923b6608e31c549ec9bb25e81d2f02583f5b666f575c7e9abfd2bb

Download Submit
/data/user/0/net.imaibo.android.phone/databases/MessageStore.db-journal

Filesize
8KB

MD5
512a3f42def3d0492bb9536096de8d81

SHA1
ed65c0637ea40d1466f6133e5eb6cf486f475319

SHA256
eb71bd1839ac83447f7a45539d3edced4b86e6f8623c0078cd6a5edc1a698e29

SHA512
8260948c3b8320ad8d80650f0e9831350f0bcca42ee4d45a8d49398e6a9b9431361813f68f4425bea22bd13592cec3d8ae2b762d4fc56e4cd87d61ca3e99e51b

Download Submit
/data/user/0/net.imaibo.android.phone/databases/MsgLogStore.db

Filesize
56KB

MD5
a860ba3e3a648f73fc11269ff9ea9c16

SHA1
7167faf1666bdb05633e945dddc3d6af6c35fd0b

SHA256
4087524ad761d0669a39007849311b2b0a32c1a62d0a7ff04d4a77d702bfe27e

SHA512
279991548672e18e99522e1402ab96a3b1887a6ccbfa350cab5c5f5096807beb647b9cef0a5668755798f8032e243aab9ea5f1cfcd934671153d54fce48ef8c0

Download Submit
/data/user/0/net.imaibo.android.phone/databases/MsgLogStore.db-journal

Filesize
512B

MD5
b34d2cbbd643e910918559c18958789a

SHA1
53fba5d1e8dba8917d69d041ac1b1ee141cf4419

SHA256
aa5d2689c704d5d0d7e2ba642f125d6918232ab70bd3f69f1ce5e5ca6ad5f7c2

SHA512
deb3802e1d60414da6c5159435d275b7390703256ec13da4a72134108c338ca4b3516bd520928f3ac461704cf7cf2a4cea70615d5c72c0cdd0353c9912addbcc

Download Submit
/data/user/0/net.imaibo.android.phone/databases/MsgLogStore.db-journal

Filesize
8KB

MD5
0a7de11e57e2b9eec7b7efe58eb065a7

SHA1
cc42f0fe23d6e938d0ef50ee5650495ed63263a8

SHA256
93f16995f4053ab031240a9c9a42fc231b6789715c569f6d2359419391f707d7

SHA512
dfcd8dd67d90230c459edf89d67d2074f6f717f578e354d9c5c5c9c09324335dbf5c11dc20429c029a0c12616d376cb76522ba5302d48f83f5d1f8f43c86f6a0

Download Submit
/data/user/0/net.imaibo.android.phone/databases/MsgLogStore.db-journal

Filesize
8KB

MD5
cff4dd2adb6647237604564117893762

SHA1
be5b310ab3dae624577b3d9a6795c67c4a708aad

SHA256
3dbcc00b679c4df4541a29e5e3e6480baf40d8088755c3854ba4b42c199b036e

SHA512
2ec2f053337183da80c6eed1a94700a30ef7129f7460e077ed70a3cfce2427f06c5a70b5d8832af6f96a0faaeed89ad718b0faf742768ec77dd997719f537d2a

Download Submit
/storage/emulated/0/360/.deviceId

Filesize
48B

MD5
4c4c5285293d5141f582aefa4e038669

SHA1
e01852a72e5a8e6f7d63a21426b515118196047b

SHA256
36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731

SHA512
097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399

Download Submit
/storage/emulated/0/360/.iddata

Filesize
32B

MD5
a955ede121391b81da20aa607161b1c3

SHA1
c27d5a723f004d9d670c09be1e7a904ded03c044

SHA256
7570f6a980705f00428efa02b893ca323f99f8fa00a027646b0fb820490bd565

SHA512
02e41690df22d81404b807e7584f20456ee6b2233dc53133a9deb9ef7fa452d797539b97d0069c7a4b47ccdf3455d63485d50b34da58bc43a509e3f3bdf0175c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads