Analysis
max time kernel: 23s
max time network: 188s
platform: android_x64
resource: android-x64-20240603-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240603-en, locale:en-us, os:android-10-x64, system
submitted: 05-06-2024 07:55
Static task: static1

Behavioral task: behavioral1
Sample: 978bc36a8537914ae4a836de6dd912a1_JaffaCakes118.apk
Resource: android-x86-arm-20240603-en

Behavioral task: behavioral2
Sample: 978bc36a8537914ae4a836de6dd912a1_JaffaCakes118.apk
Resource: android-x64-20240603-en
General
Target: 978bc36a8537914ae4a836de6dd912a1_JaffaCakes118.apk
Size: 9.6MB
MD5: 978bc36a8537914ae4a836de6dd912a1
SHA1: 0a8c6e5c77e0114797d6690b0f5b7bde0eb89bc0
SHA256: 5ffbe7b1867699514b1a5abb95f5179380d0cfba37af6df7f0c2e1bca35c55fc
SHA512: 04d0fc8d9e39ef7f297611c93b1365e2605a6867459feb05c7f7ebf9902d421b69d1a47ad7cfb3bbac8b6a4fcc61c21edb76612c553f65108209811c1e32b556
SSDEEP: 196608:bLGlSkymt1cejpTdnGE9cx0TxWEQ+Hy/cuQUYttqB8:bLGlHymDcEnGEceTxWEOcZUYttqB8
Malware Config
Signatures

Loads dropped Dex/Jar (1 TTPs, 1 IoCs)
Runs executable file dropped to the device during analysis.
ioc | pid | Process
/data/user/0/com.dianxinos.dxbs/.mbj/dex/classes.zip | 5156 | com.dianxinos.dxbs

Queries account information for other applications stored on the device (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect account information stored on the device.
description | ioc | Process
Framework service call | android.accounts.IAccountManager.getAccountsAsUser | com.dianxinos.dxbs

Queries information about running processes on the device (1 TTPs, 2 IoCs)
Application may abuse the framework's APIs to collect information about running processes on the device.
description | ioc | Process
Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.dianxinos.dxbs
Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.dianxinos.dxbs:local

Queries information about active data network (1 TTPs, 1 IoCs)
description | ioc | Process
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.dianxinos.dxbs

Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)

Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 2 IoCs)
description | ioc | Process
Framework service call | android.app.IActivityManager.registerReceiver | com.dianxinos.dxbs
Framework service call | android.app.IActivityManager.registerReceiver | com.dianxinos.dxbs:local

Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
description | ioc | Process
Framework API call | javax.crypto.Cipher.doFinal | com.dianxinos.dxbs

Checks memory information (2 TTPs, 1 IoCs)
description | ioc | Process
File opened for read | /proc/meminfo | com.dianxinos.dxbs

Processes

com.dianxinos.dxbs (PID: 5156)
- Loads dropped Dex/Jar
- Queries account information for other applications stored on the device
- Queries information about running processes on the device
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks memory information

com.dianxinos.dxbs:local (PID: 5210)
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)

Network
MITRE ATT&CK Mobile v15
Downloads