4ec28e96b91666c9621996f7a3534c2b8b505b834189468142f1638f96678210

Analysis

max time kernel
5s
max time network
140s
platform
android_x64
resource
android-x64-arm64-20240603-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240603-enlocale:en-usos:android-11-x64system
submitted
05-06-2024 21:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

994baec2cfe0477cd7ca8a1a1c2c4817_JaffaCakes118.apk
Size

11.4MB
MD5

994baec2cfe0477cd7ca8a1a1c2c4817
SHA1

1c59a2945e50f1485d2d79fb720699565e991044
SHA256

4ec28e96b91666c9621996f7a3534c2b8b505b834189468142f1638f96678210
SHA512

2a3a8460e4e52e7fe74b73563af64aa55cf9c94094215a78a4d8860c5f1008bda3150d5feab64af7e305db20d501370bd55d0015a0e848bebe0a11ed38f9f80c
SSDEEP

196608:geAvHX00VxsCjq+pkFWoG6S5uqNPBB8nzNfjvd/qemTo8z8QmXaK8K+W3og7ZZE3:geEoGjuqNgnVvp8WXau4+jE3

Score

7^/10

discovery evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.cpt.bwin223120/[email protected]	4528	com.cpt.bwin223120
/data/user/0/com.cpt.bwin223120/[email protected]!classes2.dex	4528	com.cpt.bwin223120

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.cpt.bwin223120

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.cpt.bwin223120

com.cpt.bwin223120
1⤵
- Loads dropped Dex/Jar
- Queries information about active data network
- Queries information about the current Wi-Fi connection
PID:4528

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.cpt.bwin223120/files/.jglogs/.jg.di

Filesize
340B

MD5
884be466f78ab2b4e0bd1e3fba08d1b0

SHA1
88d63c9441cbc0fdbb93a102ae461dd65cfcd3c8

SHA256
8d88445f3ae13f696cc82134c52c84641bc9e28d02e704b71b8de3ab3deb11b8

SHA512
bd199a6ee5212a886669a6fb4ac862654f7f934c00ae7812f7435d1c99141e8c383412e992a294c890381d7feda2c492452ff9ad4db613d615e73c0dfb5e70d7

Download Submit
/data/data/com.cpt.bwin223120/files/.jglogs/.jg.ri

Filesize
314B

MD5
64fa856987d101c4339e55facd15edde

SHA1
43447a1b9b4c98aa4ae547f768484499f303146b

SHA256
b926783cce5de01db72bb88d216b66f6862720e6894fc417640e8224e18858c6

SHA512
012779d9660b630f7afdf20a4876a6f56dc68c4b706327d51469396b9b4a09e9cc95e0a417ef63ee18a1bc04edd6da34e3a557b3756c5068869dbec99d8dcf94

Download Submit
/data/data/com.cpt.bwin223120/files/.jiagu.lock

Filesize
27B

MD5
eea79e3a6f97d4b939b5b483fb5b13e5

SHA1
22498964a1f10d96f6044038290afd6243e69f50

SHA256
65c89010acea5f116926b68c7eb70070faf7ee2aaf0bc0acd56a5eb930548554

SHA512
c9117c51a67a61abccc8c7abf5f10908c072696c1e3cfdf1c368347582e60db0f597e47dcacf30d4052fcc4ffa80a83d25b1221888eaec9f401f6410e424d019

Download Submit
/data/user/0/com.cpt.bwin223120/.jiagu/classes.dex

Filesize
3.2MB

MD5
3299f3988d8167a7abc1ae232df09fb5

SHA1
f17be1aff064aeb00036ead09603641165aa62d4

SHA256
fc1780d4d1c021ee4f6f1481f6aa3855e9134973724ec9c69f5ee823edca0b50

SHA512
1dcddd58abeb3a6cfcf3d90767f6b4815b7595e0d5512314a8cebb6315c128064066619640ae9ef4db4f3c43c2a8f25304036c5201af6e351e8ed2c9031f1178

Download Submit
/data/user/0/com.cpt.bwin223120/.jiagu/libjiagu.so

Filesize
455KB

MD5
e5a53000766ebc433b27d6a66ec4f555

SHA1
2c8f53f1c03aec2005bcad67d731f07261dabde0

SHA256
78e4ea857f10c2df6c7b94f0584524b52ecc099ed29478fe3964037b8a86ed2e

SHA512
370a1cb93b14556ad861724f4e9995c9a4c6d37cf2d570f888d1c6000c66d27ac63496b0703361e9fc9bc7f309b7aa4407c5f339d186b0a5b72520d23d04b68d

Download Submit
/data/user/0/com.cpt.bwin223120/[email protected]

Filesize
6.0MB

MD5
0de3243d5a032793a3626be5126e6af7

SHA1
0d006e42b6d6e6f9fdc732c4247bf0bb2679949d

SHA256
d7ed8d29c0d97867e41c566f4df4c1bd8a8b8b02d924c9d33bcd33d171a2cbb0

SHA512
d596ebabfdfd9cd82a7b50a9aacde1e7d3af2bd0c22983f074642a18e85d8c5021cfc6f86dd1cdd147580076bd7d205d1060f034115f2143825ae4d3d98436af

Download Submit
/data/user/0/com.cpt.bwin223120/[email protected]!classes2.dex

Filesize
438KB

MD5
413c3aa20e32042b2f76b870d30cd0e2

SHA1
f5b26a1373231b448bc666d0dafc96523cf0d06a

SHA256
61c44ad8e3a762b9519b3091913e7add8fdef86cdf20d7b753ee9eff14fe9ccd

SHA512
6252ab622a4c11978b6634a1ceba8df12bf9e0f67357d8bd1ca828fbb317a5b108275c2a95cdae9e32028aedafe9cd2c0374079343a872b6a1c9c951fe032bea

Download Submit
/storage/emulated/0/360/.deviceId

Filesize
48B

MD5
4c4c5285293d5141f582aefa4e038669

SHA1
e01852a72e5a8e6f7d63a21426b515118196047b

SHA256
36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731

SHA512
097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399

Download Submit
/storage/emulated/0/360/.iddata

Filesize
32B

MD5
46d3711aafaa31e61af51ef3ca2c9864

SHA1
0b2c95ca3052525d0a43ac1309c58a2933638115

SHA256
7bc88ac63475321d17722cbb2e02c264a736b4274ce40794bd7163dcb49107d4

SHA512
8c938fce120c9cfeda3b81b624ea57f9a984ad88411a29d4d4d1c271eb3cfaa4bef39f8a31cf2c6dd26be51d4625da51d6ce5957473c06ca601c58e4057a6c5e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads