f39c58038666954591eafc35299eaa3b484710dd017c1629590abc41eddd5a81

Analysis

max time kernel
12s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240603-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240603-enlocale:en-usos:android-11-x64system
submitted
04/06/2024, 22:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

966fb0b361a44eea210a1dc452ec697a_JaffaCakes118.apk
Size

6.7MB
MD5

966fb0b361a44eea210a1dc452ec697a
SHA1

009c73d4b6ff230334861d76a26f0651b8cc406d
SHA256

f39c58038666954591eafc35299eaa3b484710dd017c1629590abc41eddd5a81
SHA512

8dc0748819e6305232d60cfce31ef4078857b7e06ae4aaab1092df3ca88c14e795b0f5e4fba4a85cf933466751f15cebb83e08e869a9381456a86f5872849dda
SSDEEP

98304:6Xe+ASAJxtd3Dsls76GZzgtBS8PFOPL8mrd5H2A67Sy7BQnzYiF:6umw7d3Qi7rcROIfNSy7Cb

Score

7^/10

discovery evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.fdoesf.edfqwe/.jiagu/classes.dex	4712	com.fdoesf.edfqwe
/data/user/0/com.fdoesf.edfqwe/.jiagu/classes.dex!classes2.dex	4712	com.fdoesf.edfqwe

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.fdoesf.edfqwe

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.fdoesf.edfqwe

com.fdoesf.edfqwe
1⤵
- Loads dropped Dex/Jar
- Queries information about active data network
- Checks CPU information
PID:4712

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.fdoesf.edfqwe/.jiagu/classes.dex

Filesize
5.5MB

MD5
3c93913783408d190ba33c4b741596f0

SHA1
1a337c33d46a51d3627f2232598ae9fab9329fdc

SHA256
4c65a191cf9afc9bf76b748d672187c2e70fbfb239f64954fad65962a6c3f0e7

SHA512
94bf8bf0c86f2888836419853c7470f9dcc0a4377d383e148b34f1c936dd13f3087359ca62a40c6fc96cad786c3744052befcc8d7f7f743d4208a8511ce5bde7

Download Submit
/data/user/0/com.fdoesf.edfqwe/.jiagu/classes.dex!classes2.dex

Filesize
1.3MB

MD5
f138c8de4a07d02f550f31e42d1b35f2

SHA1
4c56771e1e4cf3d8ee24b044799c9ce7f0b1d74b

SHA256
e8c0dcffb0e5e0b345b4f8e2d881ffebb82f332e5bf68eb5cf45422a8a3d4f7f

SHA512
f1b26d711788171edea22c5ce9538b85b3152088d91cd62332fed2ebcb69f75a38c3d21a53e1d3db927bd3abf034fff69475d54b086716a4f88981e988b45ac5

Download Submit
/data/user/0/com.fdoesf.edfqwe/.jiagu/libjiagu.so

Filesize
568KB

MD5
40b17436e92b03b70e0098a4b2ddf83c

SHA1
c8e8b1c0a86e291d0441b606a3b70044823ca474

SHA256
c7845ea6921498271c29010673d0ea315c34e9a3fefd95edc3ea62a3ff670283

SHA512
ddf08eaa3c226bba312e81501e8963435da312182ce21aca9b518bce2c7e9f835f9c8d3516210f67633c607c243ff7f6ebf366635256818a559c2c40c4a443c6

Download Submit
/data/user/0/com.fdoesf.edfqwe/.jiagu/libjiagu_64.so

Filesize
579KB

MD5
15b50869e32b6531dfc1923a2f87929c

SHA1
1c92c78a8a31672c11a6bbeede0170e8833b4c55

SHA256
3b5a2c88372aede4c701899f1e1246e0e0ce643a53b6cc3f98da535cab82c1f1

SHA512
b4a1238386cfcfeab94e712a2eb6820c8177b535fc488840b72a1359bdfdabcd7b0d04229d1a05fc9a13434f63271e9703a125f90dc70d5f3a0e1e911854168d

Download Submit
/data/user/0/com.fdoesf.edfqwe/cache/ok-http/journal.tmp

Filesize
36B

MD5
37e8e716e0e2f4a0b05cd9571d95b84d

SHA1
f8d068f6931707bddb8cd69f706f2224ad1fea3c

SHA256
7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

SHA512
e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

Download Submit