0469094b50b53cb65a3db00332f99cad8dc7d86fe453a37f4f48807b72a41f43

Analysis

max time kernel
35s
max time network
131s
platform
android_x64
resource
android-x64-20240611.1-en
resource tags

androidarch:x64arch:x86image:android-x64-20240611.1-enlocale:en-usos:android-10-x64system
submitted
13-06-2024 09:36

Target

a4e1a0a12e07b3cbb4cab9ed2ec1b1d8_JaffaCakes118.apk
Size

10.9MB
MD5

a4e1a0a12e07b3cbb4cab9ed2ec1b1d8
SHA1

b637f578bd1132af84cc633d882de2d33a7b390e
SHA256

0469094b50b53cb65a3db00332f99cad8dc7d86fe453a37f4f48807b72a41f43
SHA512

89a0467f485b1d038214c5deb72e81be82ed766dd006bab16d3c262c0eb51c82d988ca038b3045a6b134651feebd9d649ef5f762faa80a801ae98b4035f3913a
SSDEEP

196608:Sog8DZ/S0OGVSiiwA+4p9Fprf7vHUiusN1sn+NJ6P0cWYm:SN0OGVRidp9PrbHU6++NAg

Score

6^/10

discovery impact

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

Processes:

flow ioc

2 f.appjiagu.com
Queries information about active data network 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.vmall.client

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.vmall.client
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.vmall.client

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.vmall.client

flow	ioc
2	f.appjiagu.com

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.vmall.client

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.vmall.client

com.vmall.client
1⤵
- Queries information about active data network
- Uses Crypto APIs (Might try to encrypt user data)
PID:5004

/data/data/com.vmall.client/.jiagu/classes.dex
Filesize
3.7MB

MD5
e445957967ab5d558fabce455e563d7c

SHA1
b6b655ebebdb49426582ee1793eb48c81964f6a2

SHA256
348c6610439b8ad3d153f2f8fbe2680b1356812977168430f28cbcc6a84fb7d1

SHA512
9505ce5b43efeb11405b2ca2d79dd1c4a35ba1674c4039932efa4138cc9bf3a0417e769f3c92451846cb2c3cdb6d97589a986091a37514e6966954d9827b1ac1

Download Submit
/data/data/com.vmall.client/.jiagu/libjiagu.so
Filesize
363KB

MD5
6c9d83b90aa9c9f904d22eb9b16f8f95

SHA1
4d5e0ce3c55a22475b58a982d67ab9aa84384c40

SHA256
2432ac0b864b33cd599129578c42c43811461dbcb83e2a21301ccb8d0810c5e7

SHA512
07d16f67cefc986c0d6974e3bbc38d95b5b184520ec8f3c9ae59a2f0e76213d359b35dc507d482322d2c045ee75183def8e3d7659ff5fa78f6afff931084e90b

Download Submit