Analysis
max time kernel: 22s
max time network: 180s
platform: android_x86
resource: android-x86-arm-20240603-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240603-en, locale:en-us, os:android-9-x86, system
submitted: 05-06-2024 07:55

Static task: static1

Behavioral task: behavioral1
Sample: 978bc36a8537914ae4a836de6dd912a1_JaffaCakes118.apk
Resource: android-x86-arm-20240603-en

Behavioral task: behavioral2
Sample: 978bc36a8537914ae4a836de6dd912a1_JaffaCakes118.apk
Resource: android-x64-20240603-en
General
Target: 978bc36a8537914ae4a836de6dd912a1_JaffaCakes118.apk
Size: 9.6MB
MD5: 978bc36a8537914ae4a836de6dd912a1
SHA1: 0a8c6e5c77e0114797d6690b0f5b7bde0eb89bc0
SHA256: 5ffbe7b1867699514b1a5abb95f5179380d0cfba37af6df7f0c2e1bca35c55fc
SHA512: 04d0fc8d9e39ef7f297611c93b1365e2605a6867459feb05c7f7ebf9902d421b69d1a47ad7cfb3bbac8b6a4fcc61c21edb76612c553f65108209811c1e32b556
SSDEEP: 196608:bLGlSkymt1cejpTdnGE9cx0TxWEQ+Hy/cuQUYttqB8:bLGlHymDcEnGEceTxWEOcZUYttqB8
Malware Config
Signatures
Loads dropped Dex/Jar (1 TTP, 1 IoC)
Runs executable file dropped to the device during analysis.
ioc | pid | Process
/data/user/0/com.dianxinos.dxbs/.mbj/dex/classes.zip | 4254 | com.dianxinos.dxbs

Queries information about running processes on the device (1 TTP, 2 IoCs)
Application may abuse the framework's APIs to collect information about running processes on the device.
description | ioc | Process
Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.dianxinos.dxbs
Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.dianxinos.dxbs:local

Queries information about active data network (1 TTP, 1 IoC)
description | ioc | Process
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.dianxinos.dxbs

Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTP, 2 IoCs)
description | ioc | Process
Framework service call | android.app.IActivityManager.registerReceiver | com.dianxinos.dxbs
Framework service call | android.app.IActivityManager.registerReceiver | com.dianxinos.dxbs:local

Uses Crypto APIs (Might try to encrypt user data) (1 TTP, 1 IoC)
description | ioc | Process
Framework API call | javax.crypto.Cipher.doFinal | com.dianxinos.dxbs
Processes

com.dianxinos.dxbs (PID: 4254)
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)

com.dianxinos.dxbs:local (PID: 4299)
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
Network
MITRE ATT&CK Mobile v15
Downloads

Filesize: 373KB
MD5: 0aca234fd3c71f5fad4f7f6f4538fc62
SHA1: beefe3771a03889c404ccdc74bad45f4154d2a65
SHA256: 0c5f01cf0c05302ffd9df5ddbc92a1115b6c3c7ccb84f97f4f27572385aa57ea
SHA512: a44a3fcf57b1ee6c0944520c2660a3d6e7c99d9f71454dff3bebc52ae2c74f448682da7c26c639a2fae52f0328e52db1f370e818b55469002bcde62401a490e6

Filesize: 512B
MD5: 96223f47d3c7f9f82a98d20358ffe2f0
SHA1: b07513643c478442b9f1c4ebefdc57b4149dbbd1
SHA256: 5e86aca1902587af3e67c5c606d120cff8376c72e16efd0da146e03e5ccf5f96
SHA512: 5e0109e869f80b29d4a26d2041e945342ec34dbe49dedc024807fff5f62ef859a2971af048162b140aa2abd89dd06e047459e52763c7c838e6dea11c8c91b068

Filesize: 108KB
MD5: 9394b0d6ae5fb0587eac410145a18aa2
SHA1: 2dedc9be1ba357bd9cfc31c97dd619f4797e5efc
SHA256: 81099666daea8e4dca972968e6a8523a2f96026154757131f748f2f142d43442
SHA512: a567366b38979b61c7f662a97a09e8ab314f75bc801ee8ce4fd8efb5e83b295e783379c41b29da27d7f219e2ae14aa0ff8f61f8723875138322ab7c58c587254

Filesize: 4KB
MD5: f2b4b0190b9f384ca885f0c8c9b14700
SHA1: 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256: 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512: ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Filesize: 512B
MD5: 236346d693c1b16e76e56665b46e3e2c
SHA1: 0cd01510f51c25e8ce559e31b4e94ef832e08d89
SHA256: bcdb75f7a4cd25f61daa035645ec4fb17d3ab973cf555646125443d4c91d3f17
SHA512: ab4c409ab7108804d257f6422596aa010e6377ff667e18b1e52a0341bf6b2f7aba35702418f2955b3102cc9c9f3d714a8f3cb4b3b212d1032a4ac2f746a4cca1

Filesize: 28KB
MD5: cf845a781c107ec1346e849c9dd1b7e8
SHA1: b44ccc7f7d519352422e59ee8b0bdbac881768a7
SHA256: 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7
SHA512: 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Filesize: 32KB
MD5: 45dc08ee648779c95953b8af2bb02fe6
SHA1: 7309b84013651958276d73e41cda99b36dfc27cb
SHA256: fd01c8ecfe9f88f3109f7faae0331dda68da91328406384571cbfa92201c1ee6
SHA512: c25679a779f039cd8a30116b2b042090e6cb4a5e432a059b531e7ecaf3ebdfac43cfe1521173f351f9328e05ebd67a6b0b55277d133c1849b0f556faedc47cc8

Filesize: 915KB
MD5: cd91205f1ff564cdc4513edc7ce661b5
SHA1: 6ae133d5ea19f1b575d68bbd9d0fa33d4685c112
SHA256: 82f5f4ec5b2d8b97ba1c079a01f16b686fbca973fbaddbfc22d0e2324483a9ec
SHA512: a74b53d95286b74f7bf7307e2b14588b2fb64c3d57d2883b4adb5c258cd91118b1a337b47b2afd5f224189bc0dd33d5ca49be627cdb804b9f45db099cbbe782c

Filesize: 31B
MD5: 8c92de9ce46d41a22f3b20f77404cc1d
SHA1: 8671a6dca00edb72be47363a7071be65cf270373
SHA256: 68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274
SHA512: 30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56
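The "Loads dropped Dex/Jar" signature above fires on /data/user/0/com.dianxinos.dxbs/.mbj/dex/classes.zip, a path inside the package's own private data directory, so the package wrote this archive itself and then loaded it; the Downloads table lists the hashes of the files the sandbox captured but does not say which of them is that archive. The following triage helper is an added example (not the report's or the sandbox's own code): it classifies a pulled file by content rather than extension (raw DEX header, or a zip/jar carrying classes.dex or classesN.dex, which is what dalvik.system.DexClassLoader will accept) and maps it back to a Downloads row by MD5 while cross-checking SHA256. The MD5 and SHA256 values in REPORT_DOWNLOADS are copied from the table above; all function names, the constructed sample archive, and the assumption that you have pulled the files off the emulator with adb are this example's own.

```python
"""Triage helper for dropped-file artifacts listed in a sandbox report.

Added example. Assumes the files recorded by the sandbox have been pulled
off the device (e.g. with `adb pull`) and are passed on the command line.
All names below are this example's own, not the sandbox's API.
"""
import hashlib
import io
import sys
import zipfile

# MD5 -> SHA256, copied from the report's Downloads table.
REPORT_DOWNLOADS = {
    "0aca234fd3c71f5fad4f7f6f4538fc62": "0c5f01cf0c05302ffd9df5ddbc92a1115b6c3c7ccb84f97f4f27572385aa57ea",
    "96223f47d3c7f9f82a98d20358ffe2f0": "5e86aca1902587af3e67c5c606d120cff8376c72e16efd0da146e03e5ccf5f96",
    "9394b0d6ae5fb0587eac410145a18aa2": "81099666daea8e4dca972968e6a8523a2f96026154757131f748f2f142d43442",
    "f2b4b0190b9f384ca885f0c8c9b14700": "0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514",
    "236346d693c1b16e76e56665b46e3e2c": "bcdb75f7a4cd25f61daa035645ec4fb17d3ab973cf555646125443d4c91d3f17",
    "cf845a781c107ec1346e849c9dd1b7e8": "18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7",
    "45dc08ee648779c95953b8af2bb02fe6": "fd01c8ecfe9f88f3109f7faae0331dda68da91328406384571cbfa92201c1ee6",
    "cd91205f1ff564cdc4513edc7ce661b5": "82f5f4ec5b2d8b97ba1c079a01f16b686fbca973fbaddbfc22d0e2324483a9ec",
    "8c92de9ce46d41a22f3b20f77404cc1d": "68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274",
}

DEX_MAGIC = b"dex\n"      # full header magic is b"dex\n" + 3-digit version + b"\x00"
ZIP_MAGIC = b"PK\x03\x04"  # local file header of a zip/jar/apk


def digest_blob(data: bytes) -> dict:
    """Return the same four digests the report records per dropped file."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def classify_blob(data: bytes) -> str:
    """Classify a dropped file by its bytes, ignoring the name it was dropped under.

    'dex' and 'jar-with-dex' are both loadable via DexClassLoader/PathClassLoader;
    'zip-no-dex' is an archive that cannot carry code for the ART runtime.
    """
    if data.startswith(DEX_MAGIC) and len(data) >= 8 and data[7:8] == b"\x00":
        return "dex"
    if data.startswith(ZIP_MAGIC):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                names = zf.namelist()
        except zipfile.BadZipFile:
            return "zip-corrupt"
        # classes.dex plus multidex siblings classes2.dex, classes3.dex, ...
        if any(n.startswith("classes") and n.endswith(".dex") for n in names):
            return "jar-with-dex"
        return "zip-no-dex"
    return "other"


def match_report(data: bytes, report: dict = REPORT_DOWNLOADS) -> dict:
    """Hash a blob, classify it, and look it up in the report's Downloads table.

    'report_sha256' is the table's SHA256 for the matching MD5 (None if absent);
    'sha256_ok' is False when the MD5 matched but the SHA256 did not, i.e. the
    pulled file is not the one the report describes.
    """
    d = digest_blob(data)
    expected = report.get(d["md5"])
    return {
        **d,
        "kind": classify_blob(data),
        "report_sha256": expected,
        "sha256_ok": expected is not None and expected == d["sha256"],
    }


def build_dex_jar(dex_payload: bytes = b"dex\n035\x00" + b"\x00" * 24) -> bytes:
    """Constructed sample input: a minimal jar whose classes.dex is a stub header."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("classes.dex", dex_payload)
    return buf.getvalue()


if __name__ == "__main__":
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            result = match_report(fh.read())
        print(path, result["kind"], result["md5"], "matches report" if result["sha256_ok"] else "NOT in report")
```

Run it over the pulled files (`python3 triage.py classes.zip ...`); a file that classifies as `jar-with-dex` and matches a Downloads row is the artifact the "Loads dropped Dex/Jar" signature refers to, and an MD5 hit with `sha256_ok` False means the table or the pulled file should be distrusted rather than the match accepted.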