Analysis

  • max time kernel
    7s
  • max time network
    130s
  • platform
    android_x64
  • resource
    android-x64-20240514-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240514-en, locale:en-us, os:android-10-x64, system
  • submitted
    01-06-2024 03:34

General

  • Target

    894015828ab74e0f16316bf2234c54f6_JaffaCakes118.apk

  • Size

    30.4MB

  • MD5

    894015828ab74e0f16316bf2234c54f6

  • SHA1

    e6a468a7cf893c267be287f1eaf91746acfc9757

  • SHA256

    31cc19df16995af1ab100caad371166002bbb79160507d06bc26f1b4cda53ee9

  • SHA512

    eca53a8705c00233d83eefe9a375404575d48c49ccdff89b222621897a0ff94e2dcf68b3a4d9229a8f27cec50ecd65981e327ce210cdc9b2afdca1569bb42a47

  • SSDEEP

    786432:J8hvjjtkvOW1LHm5H85TwPDv4bL9BskWNj:JCvjjtkmWdHm5H85sPDvwZlU

Malware Config

Signatures

Processes

  • com.zhihuielectric
    • Loads dropped Dex/Jar
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    PID:5117

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.zhihuielectric/.jiagu/classes.dex

    Filesize

    4.5MB

  • /data/data/com.zhihuielectric/.jiagu/libjiagu.so

    Filesize

    455KB

  • /data/data/com.zhihuielectric/.jiagu/libjiagu_64.so

    Filesize

    429KB

  • /data/data/com.zhihuielectric/files/.jglogs/.jg.ac

    Filesize

    32B

  • /data/data/com.zhihuielectric/files/.jglogs/.jg.di

    Filesize

    348B

  • /data/data/com.zhihuielectric/files/.jglogs/.jg.ic

    Filesize

    32B

  • /data/data/com.zhihuielectric/files/.jglogs/.jg.ri

    Filesize

    314B

  • /data/data/com.zhihuielectric/files/.jiagu.lock

    Filesize

    27B

  • /data/data/com.zhihuielectric/files/libs/libBaiduMapSDK_base_v5_0_0.so

    Filesize

    506KB

  • /data/user/0/com.zhihuielectric/[email protected]

    Filesize

    6.8MB

  • /data/user/0/com.zhihuielectric/[email protected]!classes2.dex

    Filesize

    1.8MB

  • /storage/emulated/0/360/.deviceId

    Filesize

    48B

  • /storage/emulated/0/360/.iddata

    Filesize

    32B
