Analysis

  • max time kernel
    23s
  • max time network
    188s
  • platform
    android_x64
  • resource
    android-x64-20240603-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240603-en, locale:en-us, os:android-10-x64, system
  • submitted
    05-06-2024 07:55

General

  • Target

    978bc36a8537914ae4a836de6dd912a1_JaffaCakes118.apk

  • Size

    9.6MB

  • MD5

    978bc36a8537914ae4a836de6dd912a1

  • SHA1

    0a8c6e5c77e0114797d6690b0f5b7bde0eb89bc0

  • SHA256

    5ffbe7b1867699514b1a5abb95f5179380d0cfba37af6df7f0c2e1bca35c55fc

  • SHA512

    04d0fc8d9e39ef7f297611c93b1365e2605a6867459feb05c7f7ebf9902d421b69d1a47ad7cfb3bbac8b6a4fcc61c21edb76612c553f65108209811c1e32b556

  • SSDEEP

    196608:bLGlSkymt1cejpTdnGE9cx0TxWEQ+Hy/cuQUYttqB8:bLGlHymDcEnGEceTxWEOcZUYttqB8

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Queries account information for other applications stored on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect account information stored on the device.

  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about active data network 1 TTPs 1 IoCs
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.dianxinos.dxbs
    1⤵
    • Loads dropped Dex/Jar
    • Queries account information for other applications stored on the device
    • Queries information about running processes on the device
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks memory information
    PID:5156
  • com.dianxinos.dxbs:local
    1⤵
    • Queries information about running processes on the device
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:5210

Network

MITRE ATT&CK Mobile v15


Downloads

  • /data/data/com.dianxinos.dxbs/.mbj/dex/classes.zip

    Filesize

    373KB

    MD5

    0aca234fd3c71f5fad4f7f6f4538fc62

    SHA1

    beefe3771a03889c404ccdc74bad45f4154d2a65

    SHA256

    0c5f01cf0c05302ffd9df5ddbc92a1115b6c3c7ccb84f97f4f27572385aa57ea

    SHA512

    a44a3fcf57b1ee6c0944520c2660a3d6e7c99d9f71454dff3bebc52ae2c74f448682da7c26c639a2fae52f0328e52db1f370e818b55469002bcde62401a490e6

  • /data/data/com.dianxinos.dxbs/databases/notify_items.sp

    Filesize

    24KB

    MD5

    15bf426ae143799df4432ba89d4da124

    SHA1

    abbde64bc1c31040b716e4e4e16678afa1a54d62

    SHA256

    251f485e54231fdef7c4f44deb4f8a861e884ed40c01b5adfff9028a3543c320

    SHA512

    ba3e61e4cba1f010620ac992a895a32708df660b1d06a5620938a86a1f2a9caec6548b485ade5d53836b41cc2db43ec9d66d0c85afbacdd1c73d027114cced4e

  • /data/data/com.dianxinos.dxbs/databases/notify_items.sp-journal

    Filesize

    16KB

    MD5

    a69139aab7c4d36016fbdf6fa2041fd0

    SHA1

    c7986b201db63e726c283755bc64cae0df1ebcfb

    SHA256

    c695c4815845695547c3745bdb58558674ee5b7f4f590aab94dc2cede04e899b

    SHA512

    b5794b2f26b370dca95790ad1a4496bd00980cb3b318647ed4a708165f8019af8ef75d62e5455c4ed170cd91be29b652437ce34682e340549bef9fed6ec9620d

  • /data/data/com.dianxinos.dxbs/databases/notify_items.sp-journal

    Filesize

    16KB

    MD5

    10cdc828be6f2dbb6c25c62c81169e72

    SHA1

    5b466ff850a8997e9fc27db5d1c9dd684f197611

    SHA256

    17cb7a114d6b8d2ba193918747754a26968f6fbd9616d158063f408338686075

    SHA512

    edefa871e3996dc0a1d3158783924ef9b6772e4c82cdd4cef9eabf3ea358594261fc8f0ae763dd8049d591e7fb541f0b2d38be95fe1038683c821b656383d41c

  • /data/data/com.dianxinos.dxbs/databases/notify_items.sp-journal

    Filesize

    16KB

    MD5

    41e67f09d0ec8ee8e03c9a7b33335979

    SHA1

    cdb8e99610bee555c8f6ec3a1f1e77639825b5a6

    SHA256

    8b64a1982a0b577e1824b13c1616637f8be17299ebb59c42069fcc04d0753cf2

    SHA512

    11275aae38dcf6ec24d2c2abddbf10cbffa82fd414d5eb5c96b87bf39ee51d36d28b912ef1071da624b930b9054909cb35413d1d829a8e300b60a3b3c955ce97

  • /data/data/com.dianxinos.dxbs/databases/notify_items.sp-journal

    Filesize

    512B

    MD5

    468efba4a7dd77212f076da63e97a4f1

    SHA1

    9e9e87c7ca57fc841cd4f90ca10099698b0a8a57

    SHA256

    4f18afa75624dded664ed3501dbeca67e65cf117910c08d3189628e3959d3559

    SHA512

    5c982ae957381be74015a30a8c424daecf7ab06e44a3ba6bb6a5d23bef640969f5ed7832fe084ada24120fa8096bd737d44372e8bb3753e15b999c4fc0df96fd

  • /data/data/com.dianxinos.dxbs/databases/notify_items.sp-journal

    Filesize

    8KB

    MD5

    cc085c82b8fd0924a0f4ee7f06b09ec4

    SHA1

    2b898ad66937effd6e20bddf22ef764dcdf585fb

    SHA256

    848f6133421d5ec10454f4c4ecc1e6f3f7a8c04ecc062e351bf7dad56a3b04cd

    SHA512

    6976601af009c9e1540afbf5c22fd7bf5a8c587f225637b374b23d83ea08dbbd844c3b90172208d9bf7ed77ffc3fd761e668aa9df4d8c136723169dfcff3f09f

  • /data/data/com.dianxinos.dxbs/databases/notify_items.sp-journal

    Filesize

    8KB

    MD5

    a4b6a1cd5668c751de8a598f8678ddad

    SHA1

    cbee3f607968fc655242e73ffb9a0ff507d8abb9

    SHA256

    9dbf496a558292a65f1ca01d5dcd7374f89464c24914c9129d94f0e9b53c7a5d

    SHA512

    fa8b329aff4f6be50fc73baf5e03dec1f9eee70dfaec2be13f67d2339613dbc27b65e5cfdcf2966bb338b708ac30f91e7c96a09fefd9c617cf2016eb83810b76

  • /data/data/com.dianxinos.dxbs/databases/toolbox_ts.db

    Filesize

    20KB

    MD5

    50c5d17286b39e4e8019d3a39f3e7fb1

    SHA1

    e2cd48de5ee603c7ab46e1c3ebd876ef15f511f4

    SHA256

    288165132a6480c2014eac40ee4efc3c8f80c38b7bbe79947802ba8b51c2f3dc

    SHA512

    3245f98e88f5e36f44d0226f1883a9b794c4f0ee81d09dc1d8314b5aa7dc0f95d675d2aa04d0ab98cfd4c65565aadd042b45bed3ee0c82d1a463c9d0d5502f60

  • /data/data/com.dianxinos.dxbs/databases/toolbox_ts.db-journal

    Filesize

    512B

    MD5

    bda72165f01f68675049322e4a0e1fc8

    SHA1

    bb340ae2c905ec15ae7dabf104392a8fa7910b2f

    SHA256

    f0992eda43456976061a6d9c82db6474aab3c2edcd9a325a7e480fa00aceff79

    SHA512

    0b99b80c259c00b64b4bc6cfc0e03e9e238ada732fd90a912ffa05e93cf1d393081a04441c870a3ec143688a661b988f6e482f8cdb338eaa9b40a6b536559dca

  • /data/data/com.dianxinos.dxbs/databases/toolbox_ts.db-journal

    Filesize

    8KB

    MD5

    ad08ccaa05602358c959fb477ac65678

    SHA1

    ac32acaa6df93f11a8f716e55e1e14f08407a2cc

    SHA256

    40530caa4ed0ac99f4e0ebfdc8a8002eeddad9cbf963818e55ce8910e80cfa4f

    SHA512

    ae96dad4910aa00d25f8d0018d8308932f519607ec32a1fac0f251aa4fdcebfb8fe584299fe75354f6c4aa355c4412c762593969b2ad274f87f4af1a62cdcbf0

  • /data/data/com.dianxinos.dxbs/databases/toolbox_ts.db-journal

    Filesize

    8KB

    MD5

    fabbe8643a7cdee87f99b44755a25cbe

    SHA1

    7deb5e84ec42bcbb2155504c282b9e1b78e17cc5

    SHA256

    662dce9caef75d8879692d00f4c93e835cf3f4ba85c80609c38662ed6fd69623

    SHA512

    3532116be8233433898f04a1e278fd23e84e40646e08bb0a0df9c74cf14cb56b3e8ecaac749c40d47ae12f9ddd5180d1896cd5ac6bf423d46ac190e493e3cee4

  • /data/user/0/com.dianxinos.dxbs/.mbj/dex/classes.zip

    Filesize

    915KB

    MD5

    cd91205f1ff564cdc4513edc7ce661b5

    SHA1

    6ae133d5ea19f1b575d68bbd9d0fa33d4685c112

    SHA256

    82f5f4ec5b2d8b97ba1c079a01f16b686fbca973fbaddbfc22d0e2324483a9ec

    SHA512

    a74b53d95286b74f7bf7307e2b14588b2fb64c3d57d2883b4adb5c258cd91118b1a337b47b2afd5f224189bc0dd33d5ca49be627cdb804b9f45db099cbbe782c