Analysis

  • max time kernel
    42s
  • max time network
    133s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240514-en
  • resource tags
    android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240514-en, locale:en-us, os:android-13-x64, system
  • submitted
    01-06-2024 03:48

General

  • Target

    89475a793dc1e74bd5bd6f2d4e9867b4_JaffaCakes118.apk

  • Size

    26.7MB

  • MD5

    89475a793dc1e74bd5bd6f2d4e9867b4

  • SHA1

    44903e6a607a039ff4fcfcdd615ba912e3274df4

  • SHA256

    989ad5e75622095706fbe9cc3329ded2d4010a6e5987d027e7d577ee3637f5ed

  • SHA512

    c1afdc32363b61847477ae36b897c63c162a4c5d686159950ba4dcac1324b4904f7d015e17772c813dfd4a562658f49addf16381973ab891e86c4a8b3a550f34

  • SSDEEP

    786432:knA5WeCPiTmWBh3xMn/Dbhui+UzaNo8UyK7hLs9:knA9CCZW/D2U+IyKhI9

Malware Config

Signatures

Processes

  • com.chaoxi.weather
    • Checks if the Android device is rooted.
    • Requests cell location
    • Checks CPU information
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Checks if the internet connection is available
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4327

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/com.chaoxi.weather/.jiagu/classes.dex

    Filesize

    5.8MB

    MD5

    a0c0f9b2fa7994d906ae85a91ac2773c

    SHA1

    a33ac80de47e0af5304929cc0cc547586da252e6

    SHA256

    d27e71a1666d2357c3e025c5c86f3a335ae395b0284c9898d78dc967c497ee7b

    SHA512

    eb4a92c43a921104e3768ebee8a30d7f3842e6aa80126973770187965dbdb327b0c877bc3ba89ad531c97c04ef1069f17365a483428064c4189cecf018e2a14c

  • /data/user/0/com.chaoxi.weather/.jiagu/classes.dex!classes2.dex

    Filesize

    4.2MB

    MD5

    18794cb038d4c7a39736bd1f4956d897

    SHA1

    0ad7810e087e3d3f50d42113448b923dc7e7bac2

    SHA256

    430da1f9f4861071edddfdd2a535531eb5159e933baeab9ac218c77435f7ab59

    SHA512

    5f2df51a3f425a2cc3bf3722dd46e5b93aa0fba5db6451a255af34536313f9a502058bedfb03db9d19607d5e68d12e8316208c156e22ea87d5e12b3f66fd9da5

  • /data/user/0/com.chaoxi.weather/.jiagu/libjiagu.so

    Filesize

    475KB

    MD5

    5aea02f4e4c77fbf2e7a27f7ca9cc06b

    SHA1

    522db1748608e9173547b29b7aa82ddc3542c534

    SHA256

    5a1c513b347e2a929769e2be67552c1d591704f08f7b5590282b66cc2c7d7bd2

    SHA512

    5c979a11f5e896829db906f533756efc1cf3c5a7e35ecc9e376a0aae818f2dada013441649feac2e188bd51affbbf35156e32fdc6552e185bddbc547f3850316

  • /data/user/0/com.chaoxi.weather/.jiagu/libjiagu_64.so

    Filesize

    509KB

    MD5

    289fb443987b114ee4237b4dd97672bc

    SHA1

    9b898410845dfaeae3af212b5df41177ba9b8f34

    SHA256

    a55e9ee18285b41a4ea1bf375930a5bdb603dbfc530a3dcb224bbded14e68210

    SHA512

    debbf2720c9b132b5923eaa9fcb372a72a97d574bce59789d06b645925fa2d6a27473aae4c9f1e4968614d44fd98a8b0fb1eec217a595fb5c80bcfc056705508

  • /data/user/0/com.chaoxi.weather/cache/image_manager_disk_cache/8757ac4fd47db724a11276397fe457edd27753098b1b426264f2a861957831fb.0.tmp

    Filesize

    76KB

    MD5

    7275aae782f14e432edbac161a629ecf

    SHA1

    7c281c12f67a6171ef68b1222a4fee8259c74ce7

    SHA256

    ef05ec36f625eb0806c87f593587c74cf380eeeb3b956c7ea6f5b7f074068d25

    SHA512

    02c8ff72633bccbd5c0ac27c10252c187283a6e8a4a0d3fd0409f04ed91c5c3baa191292ce466374703ea0abb1a255ed3c1c494c6cc8f2a5690d08ab4dd056e8

  • /data/user/0/com.chaoxi.weather/cache/image_manager_disk_cache/d8ac8ba3c3dcf5e6aeaf37cfae4deca5bd56f221c2efbd3bc47729684d62f640.0.tmp

    Filesize

    25KB

    MD5

    19adba9d3ce25a4c92693e97888a45e3

    SHA1

    b60080a92c7999dd8ce41ada8c1aaf9278dc75f5

    SHA256

    a6ee080e5c3128b004e846992d4e560ff8c5692cd2db875938eef111d8511529

    SHA512

    ca29a82b4811d46ce3d7529947caaeed60d47e88fc93c10da56795061e4273fac2c7a8a77f45edcd8a8351045a91bc862ec91cccc2f7e18ef7664fed2cd3dac6

  • /data/user/0/com.chaoxi.weather/cache/image_manager_disk_cache/journal

    Filesize

    327B

    MD5

    a2f451297f56dfa74ca49112a287adfd

    SHA1

    fa36c4b7b19963fb22fd4582a1b996668ea39682

    SHA256

    d7476abc9b058c3dc7344c91553364b72f798d0f9e99deb89fe56811805a223e

    SHA512

    b82ad9420887559be88c64ec08554565f88026e48ea462ea6a4bd2c22d539a2d37f16c81daf16d564da4d0592f0bc5239c92403ff8936723f8d778710e219f3a

  • /data/user/0/com.chaoxi.weather/cache/image_manager_disk_cache/journal.tmp

    Filesize

    31B

    MD5

    8c92de9ce46d41a22f3b20f77404cc1d

    SHA1

    8671a6dca00edb72be47363a7071be65cf270373

    SHA256

    68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

    SHA512

    30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

  • /data/user/0/com.chaoxi.weather/databases/koudai.db

    Filesize

    48KB

    MD5

    011d5cb693280f91a686bf5b8513d69a

    SHA1

    db80a21a0e7142ee322e8930d81a86b649448f63

    SHA256

    1c6cca811e07ddd717cc256bc3f494c08d354e94f667c9a9ff581a3dd1ec6227

    SHA512

    c034fa991837a97b7ff756c9d6d1b33942b57f7c97a066055faf0d7b92eac0e3c02572182de9bc450cfcb99b75514bf003f0ac3fb8faef4785c3cd7aecbc3bd6

  • /data/user/0/com.chaoxi.weather/databases/koudai.db-journal

    Filesize

    512B

    MD5

    23751d0307bc5c20f98108f1882bfde1

    SHA1

    9844609f571ce3b3be25ab5f542f188ee4aa26c4

    SHA256

    918cf51f6116b3c4f781a633382e952c0cee3380b4c84c3fe6a4f443784950e0

    SHA512

    8b4e526d248c6964e0ae6e65855d52fc9225d4099aa84df70b0518026b20bc517076d053540840a5fcaae44753c34f08a4fb8f74fe39c6a5fc8f517b7620097c

  • /data/user/0/com.chaoxi.weather/databases/koudai.db-journal

    Filesize

    8KB

    MD5

    f9be80c231617356fdc4fc4f6d6b6305

    SHA1

    26076a874222d8dc4d558a7199e6e6862839f6c9

    SHA256

    cb6365a09ae6ffb1c850dc912e04e6bb13cbd1b57f3706b2283abe8996ea8847

    SHA512

    2ff14467e9625fa2111da10614bf6dcf9f904d1efe661a758114edaba7ceb6c40b6df6a880d69fe1fb2e19d943dba59f2ca825b6cf6d74ec0b354dac0937a3b0

  • /data/user/0/com.chaoxi.weather/databases/koudai.db-journal

    Filesize

    8KB

    MD5

    ce4a4937d505ced5adfd13ffaed56217

    SHA1

    a87e729753df029a59f275bde1374ec24bae9f97

    SHA256

    2f5e96007b1995c7ac42307c5d70147a60c00bbc04a29b8814ba9229a72f6ff5

    SHA512

    9beb340d6a646ac697bfb116fa3a6119caf7a68adc3f022a6204b59a684ba96ec64fb5ed58bf58ebaeb01ef68cc34c5a3a628c84343135b951a6597d8faa9c17

  • /data/user/0/com.chaoxi.weather/databases/koudai.db-journal

    Filesize

    12KB

    MD5

    3ad8acdaa6facef67738185beaa09154

    SHA1

    9c7cd9000d579ce82cf13a64ea7decffc69af9b9

    SHA256

    e98de7086ad008a91d05e0581101b681ea7f5bcf20a0dd1831c1e97b331e5444

    SHA512

    4527f32e9c093d0e90a7675a2baeac731de87ef45fb962530807e15e4374a00ec287f177ff4dc9cbf4ac40f3816b9803501cf8ebf7224881274eb7deb22e56ef

  • /data/user/0/com.chaoxi.weather/databases/koudai.db-journal

    Filesize

    12KB

    MD5

    7ed5bcce02ac01fb4bd5838aea277214

    SHA1

    321ba834b0e41c81199b06a5018f5f310124fdce

    SHA256

    0f309cf6d9ef019e5b349a98be819e413a58e596b0cb044679cd722d32c7e64e

    SHA512

    b3bc28be3411a6d82f5f45ebcdf1f981007d88c29e36fe60f969c1f41445c8e17076f8590e7d04acfaf42edd712574f0af3454cb1c43bbeb7d5d72dc0c69fa7b

  • /data/user/0/com.chaoxi.weather/databases/koudai.db-journal

    Filesize

    16KB

    MD5

    3489342a664fe859673eb3261eff6a76

    SHA1

    9e3a3af8d1e1358835ad6e8f426c079a9f2f7c48

    SHA256

    7a64768bce651d3a7826b9897304f189a67aacf2176bd041d34228d02bc8f444

    SHA512

    6320700e2d447e9937941060c63c2666908a95b3c8ba96f3e023e478c82bbb374dc64d05e582d3cadd404916a713b7f1dcea116f241652aa32887f75583ef42d

  • /data/user/0/com.chaoxi.weather/files/.jglogs/.jg.ac

    Filesize

    32B

    MD5

    00fc02c6ec985c26f5cd9cb5edca26b5

    SHA1

    5e132f11cf0271eb1f87dd610e4c63c2f56a4adf

    SHA256

    10a3c0ff573b107f26c8e9f11837a9c01e4f07bd26d7baa834bf8bb59cd1caf4

    SHA512

    bfc74490358ef8a747b9492b3fe37d071ae6b6580e5b2f58950a2180f7e038956479c935cdaafc88050c028b815ac7087a58964d9eeecf2580ee5837fda5d51d

  • /data/user/0/com.chaoxi.weather/files/.jglogs/.jg.ic

    Filesize

    32B

    MD5

    9a6185f2623013eb7c1d84edd120f681

    SHA1

    90045e636098c4553df13b43f2e76cd8598cdd69

    SHA256

    5278eff3270890b22569e52fbc5b8e0983492748be483f8bbb7e2dc64197c5ab

    SHA512

    5930ee9f0302faf6c60d394cac978a285a10a5eb218c3df3e7d852c9a664536cc35636b914ea03cf50a662d9da215cf0ee4a8c653c7e2fea93fbfaa6fcfede47

  • /data/user/0/com.chaoxi.weather/files/.jglogs/.jg.rd

    Filesize

    32B

    MD5

    7904b92292e819f991e1029ebe862f55

    SHA1

    06f8ca9dbd2140bf1d825c9c4e79aae7532639c3

    SHA256

    f01edf3edfe175f1e4d02916fe55fb133c4bb1a7d365c005f8fba7e9f8a35bdc

    SHA512

    7446f818a45f01b56920b30a0bb0d8d067a14088fd13e0dad400652a6aa29b183b269a478dfd6eb7b6afbdd1d9bd78a535a7949b19b75bb84aee94b598ec557d

  • /data/user/0/com.chaoxi.weather/files/.jglogs/.jg.ri

    Filesize

    307B

    MD5

    795131162b2cf840b0d52e14ecb93c90

    SHA1

    e8f4d2ca75f6f472db99b162f0b0fdd87b564013

    SHA256

    191ce88fd8ee65326ca8ce1c397516d8fadf2296675f5163979082c8187549aa

    SHA512

    2d544882427af90097d7c3ac091574c3f25d1e949c5a04ca189c700ad3e44d34cee3dd4648ac28a22ef2bd9bc510ee4683fa0b6f33f1dbe3b62e6c154ac5ec17

  • /data/user/0/com.chaoxi.weather/files/.jglogs/.jg.ri

    Filesize

    314B

    MD5

    9fcece230c3124596cdf34696b70c065

    SHA1

    f06330db9ad146136901c8f35c41c9ae23642807

    SHA256

    d77c8931f1e99379ef1f12b3692e0ee9c88620c2a003e406764a02a088c6a77b

    SHA512

    a7c38c0619207f73cca7bf782a879dd54a9f1ab636d23688c46315b1e3373ff8301fa7ab24bdd7ed1f92a8ac4795f4c54291e3b4fc605572df7f59ed983db774

  • /data/user/0/com.chaoxi.weather/files/.jglogs/.jg.store.report_pid

    Filesize

    32B

    MD5

    21405b3fdc7c021457df4ecfcd90da58

    SHA1

    0ff0bb98b7087e4412f23fb834152533af4a7153

    SHA256

    af349d91f101c404e428df6da46cdb02fc6b2598c035b36a130d77a06cbfd27e

    SHA512

    f5250fda99af29d6947e81d878b0e7bb06c1cce04ebaf3a11f52c06bcd80bb81ab816158f156de58108a12621ce68a87110390dfd29fd27c0b787914b74a4aa1

  • /data/user/0/com.chaoxi.weather/files/.jiagu.lock

    Filesize

    27B

    MD5

    ba4d1274da866be4d086b692ff86293c

    SHA1

    07ba23690260107ef31c1d37183fb5b1a3e4066d

    SHA256

    b8b98d84075509d11d73df92fdad0f400113aab74da239cb173a7b683a264305

    SHA512

    a4703e89266903980b280e3e651fbc03ecc78d00cf637101fe69527cd34736c74f98c1b13cbfc14c29e317933693ba3dddb550dcac58e41c830454cd63a083a9

  • /data/user/0/com.chaoxi.weather/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE3MjEzNzE5NjQx

    Filesize

    1KB

    MD5

    c5d0eadbab68e0aed1959078abbed1dc

    SHA1

    f7eac85114362d11b329ff0b10c103c55e6f3117

    SHA256

    026f3558aa3d74af2a041911fbb00fae4c8ecd143b5d73c3e6d72227126dcdf4

    SHA512

    3399dcceb38e78276c578d5ff7bb9534030b6fc7daddddda502a39a124a8179bc056b0c87c3c6a9d6bf0784ce1cbaa99c2b8f38b856a4314208188619c1539a7

  • /data/user/0/com.chaoxi.weather/files/umeng_it.cache

    Filesize

    350B

    MD5

    c1247c3a4dc3ee183e14b8d0e62c43d5

    SHA1

    a054f74da62ba74c7babc7c73bbbb16b737fbc39

    SHA256

    48f2f61668636cc39149f2030b6704c08814d1edc5f6f3ab5758b0b77b731e34

    SHA512

    7602b755a11305cc04f51d180e5f94c36d04fb295a6b3e6cb128b53eba13a55cd60f9be89f67b185d177a38c5ed0938b6a631925262b06dd51703195a2cd7267