Analysis

  • max time kernel
    35s
  • max time network
    166s
  • platform
    android_x64
  • resource
    android-x64-20240603-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240603-en, locale:en-us, os:android-10-x64, system
  • submitted
    05-06-2024 16:47

General

  • Target

    98ab999fe68b6acf58db5c671892c3f6_JaffaCakes118.apk

  • Size

    13.2MB

  • MD5

    98ab999fe68b6acf58db5c671892c3f6

  • SHA1

    4b2e605f7adb31fe6ad76a2503063f9cc53ed5e5

  • SHA256

    091b35b1278e431cbdb97ee05657a3efbd3a6f889148289c99a67cfdc32d9fb8

  • SHA512

    760c9b2b88806a979134ce4f410bd3a715cb7c4ad26b040f024ed484bb44f9fc703e722416f6869e4ce621c583bf0cf69e89a38b91ce689a8e6270e8a78dd248

  • SSDEEP

    393216:gZE7dcwxbbw6J9h48uKXRTOwcaIOaVF/rYs3akrP:gypxbEq9S8nyfGiF/rYKHrP

Score
6/10

Malware Config

Signatures

  • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org (1 IoC)
  • Queries information about active data network (1 TTP, 1 IoC)
  • Uses Crypto APIs (Might try to encrypt user data) (1 TTP, 1 IoC)

Processes

  • com.glela.huixiang56 (PID: 5130)
    • Queries information about active data network
    • Uses Crypto APIs (Might try to encrypt user data)

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.glela.huixiang56/.jiagu/classes.dex

    Filesize

    6.3MB

    MD5

    09fce1ceb80e395a20b99ac9b08cdca5

    SHA1

    821340a6fd7b3a155a046cb96f1a8fe391d8508f

    SHA256

    4546e49ebbcaf1d8ea8244b686b41ca8fdf2a3c823966703ec9fad2c94015d37

    SHA512

    a04cc840ed9bc40368d6bd7a2c64adf38d7dffc9d9e2c043057a4e8d6a89585d15f7db4216f56659c5e68c4794d4a8020b2f79214007bf92f485e462ce43a559

  • /data/data/com.glela.huixiang56/.jiagu/libjiagu.so

    Filesize

    363KB

    MD5

    1383b616dee6678b3591e577ace67225

    SHA1

    f2b0f5968b52f9c3ed022f3b3ba67e6142df89ba

    SHA256

    945e12ea3019404a01754579a234b21ff3c7c17c175750e514c0d404e9f30554

    SHA512

    72dda5b9833701c52e44260d979f6b91dface07899aa20ea686ef3d09f3225826140b7e8c336072aca21d51e88151a3fdb6952fc53b9749051f16197e8086b60