Analysis
-
max time kernel
34s -
max time network
131s -
platform
android_x86 -
resource
android-x86-arm-20240603-en -
resource tags
android arch:arm arch:x86 image:android-x86-arm-20240603-en locale:en-us os:android-9-x86 system -
submitted
05-06-2024 16:47
Static task
static1
Behavioral task
behavioral1
Sample
98ab999fe68b6acf58db5c671892c3f6_JaffaCakes118.apk
Resource
android-x86-arm-20240603-en
General
-
Target
98ab999fe68b6acf58db5c671892c3f6_JaffaCakes118.apk
-
Size
13.2MB
-
MD5
98ab999fe68b6acf58db5c671892c3f6
-
SHA1
4b2e605f7adb31fe6ad76a2503063f9cc53ed5e5
-
SHA256
091b35b1278e431cbdb97ee05657a3efbd3a6f889148289c99a67cfdc32d9fb8
-
SHA512
760c9b2b88806a979134ce4f410bd3a715cb7c4ad26b040f024ed484bb44f9fc703e722416f6869e4ce621c583bf0cf69e89a38b91ce689a8e6270e8a78dd248
-
SSDEEP
393216:gZE7dcwxbbw6J9h48uKXRTOwcaIOaVF/rYs3akrP:gypxbEq9S8nyfGiF/rYKHrP
Malware Config
Signatures
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
flow ioc 6 f.appjiagu.com -
Queries information about active data network 1 TTPs 1 IoCs
description ioc Process Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.glela.huixiang56 -
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
description ioc Process Framework API call javax.crypto.Cipher.doFinal com.glela.huixiang56
Processes
-
com.glela.huixiang56 (PID:4276)
- Queries information about active data network
- Uses Crypto APIs (Might try to encrypt user data)
-
chmod 755 /data/user/0/com.glela.huixiang56/.jiagu/libjiagu.so (PID:4303)
-
chmod 755 /data/user/0/com.glela.huixiang56/.jiagu/libjiagu.so (PID:4370)
-
/system/bin/dex2oat --instruction-set=x86 --dex-file=/data/data/com.glela.huixiang56/.jiagu/classes.dex --dex-file=/data/data/com.glela.huixiang56/.jiagu/classes.dex!classes2.dex --dex-file=/data/data/com.glela.huixiang56/.jiagu/classes.dex!classes3.dex --oat-file=/data/data/com.glela.huixiang56/.jiagu/oat/x86/classes.odex --inline-max-code-units=0 --compiler-filter=speed (PID:4391)
-
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
6.3MB
-
Filesize
363KB