Overview

overview

7

Static

static

6

943123c983...18.apk

android-9-x86

7

943123c983...18.apk

android-13-x64

7

Analysis

  • max time kernel
    15s
  • max time network
    156s
  • platform
    android_x86
  • resource
    android-x86-arm-20240603-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240603-enlocale:en-usos:android-9-x86system
  • submitted
    04-06-2024 08:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    943123c983dcbfae35ebf11ffd83a06a_JaffaCakes118.apk

  • Size

    9.3MB

  • MD5

    943123c983dcbfae35ebf11ffd83a06a

  • SHA1

    76a51b3a8d86fbc948a4ae060f420d2b9df356c6

  • SHA256

    b23740891b764ddf43f753b1a0a67612576f35a7db2a821fc2c0798b209fb64f

  • SHA512

    dd49dfcb409939b9366255f40e979b68d7a5e81cd95e20e6bcd03fef086e4cb693950f00b60999b44073a62b7d53873e7b0b9b8dd106d95677ff1bc11f14078e

  • SSDEEP

    196608:f6nHYiLbkSUTzVfG+R2YO61AI0LOi8ChjjoiIDm5ghBhfjac/WZghEC:G4+kSB+kdQAIi1oiIDm3cOI

Score
7/10
discoveryevasionpersistence

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 2 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence

Processes

  • com.xrzh.lfh
    1⤵
    • Loads dropped Dex/Jar
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4277

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.xrzh.lfh/.jiagu/classes.dex
    Filesize

    6.8MB

    MD5

    25a4fb820c44eabba349508ecf28cec1

    SHA1

    783fe0b2a571aa53b8f4928cec1d2b40b011683d

    SHA256

    97b80a4d53aad4a777b9dd853511587aa725e75de33c8db03ac59ba9511a9ad4

    SHA512

    9fdfd4f6bf9dd36cdbfe0122c7942ace2d98e453b38de7730da26239b281b95d8dce2fc9d516b9f5fe9c228b6589f6f985f44292436d6685597acd3a4021df65

    Download Submit

  • /data/data/com.xrzh.lfh/.jiagu/classes.dex!classes2.dex
    Filesize

    100KB

    MD5

    4343a074adc7a68dc2b98fd5b0981263

    SHA1

    963540bcd11e7f1d7834e1e1cfd142a9de9006d1

    SHA256

    be42b107857380d496b815b8f38790bb47d754f0c791687588d27388bdf47303

    SHA512

    c441652c446c1fc5fd8e187db1aa340ddf56a1be64649ff0e19d42a1077438c1385393bc5a2adc3a4492afe28869fe37ca44d23229ea166b8349911a28771e4d

    Download Submit

  • /data/data/com.xrzh.lfh/.jiagu/libjiagu.so
    Filesize

    477KB

    MD5

    39d77dcad8e2a44dd7226f442b3a6c92

    SHA1

    6560fa96c6b5a038abaeee5f139a16e46088d9d7

    SHA256

    99cba035cae818dbdef989e70e738463798528b8ca52dbf38d2b8a72152680c0

    SHA512

    7ddfc6c05839160813e58e8f8c50d2dcda7e7b5e7f1d27cffb802ee91de4bb664bc5c257137d39152ed6e8cad0d3c1b067bf8aeb7e53f884893887b54480a5e5

    Download Submit