5df6efedd445132515d1e2274eee5bc0976e057052988c578085edb6402b060b

Analysis

max time kernel
4s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
02-06-2024 04:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8ce9049bad5d191af2b2ea9f356a8020_JaffaCakes118.apk
Size

8.8MB
MD5

8ce9049bad5d191af2b2ea9f356a8020
SHA1

c19da3f10744c61caf1059b4bab5baf949a180c3
SHA256

5df6efedd445132515d1e2274eee5bc0976e057052988c578085edb6402b060b
SHA512

a05ccb1866dc33be061bd7e00ca0f7d69cfab87286b2c6f0116d3d159942d7f8a8a7eea22701a61a897f064755387e0e4bb63f917be0945e5c38baef8ccf7fe9
SSDEEP

196608:iplXmAdo1xnRaa5pPfhYLqzFbTlxQmKJQdvz0beQ/KJQdd:/vjnRV5NhjFbjQm6eQH

Score

6^/10

discovery

Malware Config

Signatures

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.nongfu.customer

com.nongfu.customer
1⤵
- Checks if the internet connection is available
PID:4332
- chmod 755 /data/user/0/com.nongfu.customer/.jiagu/libjiagu.so
  2⤵
  PID:4360
- /system/bin/dex2oat --instruction-set=x86 --dex-file=/data/data/com.nongfu.customer/.jiagu/classes.dex --dex-file=/data/data/com.nongfu.customer/.jiagu/classes2.dex --oat-file=/data/data/com.nongfu.customer/.jiagu/classes.oat --inline-depth-limit=0 --compiler-filter=speed
  2⤵
  PID:4381

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.nongfu.customer/.jiagu/classes.dex

Filesize
2.5MB

MD5
34805f9b237efaef9c52b98fd65f4fb7

SHA1
9c19c7fe2ebcddedb7dedbb3ab2d1a4acb6b24f9

SHA256
4fef1b688c27b1e2277bf4aa5c83cca8e49d4d39cd59e21d46391b392ec94073

SHA512
1114002635356669f72d3a371aa4d14460dc88c02bb2277e0d2f5afb3f6a806c608a8b538adc511d0f5c063e38a783fb04e2031609ddc165de7861bf96cfd108

Download Submit
/data/data/com.nongfu.customer/.jiagu/libjiagu.so

Filesize
358KB

MD5
0f988c9a7d52923d162bbfe4d2ea8171

SHA1
0084318df7665847bc5cabac2f4b7cd2bdc02a34

SHA256
c548db6ffa4e11cf80c934aeb77d40397e7aeed067a89799262467d552921bce

SHA512
926bbdc706705674e3cd19186990b5c30d1b7b7141c6dd7ace9876899f2bd92275793a5b76e7becc8c6de82766a3dd075ebab9fd8ccb11d3e077b49c613774b9

Download Submit