Analysis
max time kernel: 6s
max time network: 131s
platform: android_x64
resource: android-x64-20240611.1-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240611.1-en, locale:en-us, os:android-10-x64, system
submitted: 14-06-2024 08:16
Static task: static1
Behavioral task: behavioral1
Sample: a8b1a6b725ad093201c68e90c2c673c3_JaffaCakes118.apk
Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
Sample: a8b1a6b725ad093201c68e90c2c673c3_JaffaCakes118.apk
Resource: android-x64-20240611.1-en
General
Target: a8b1a6b725ad093201c68e90c2c673c3_JaffaCakes118.apk
Size: 11.8MB
MD5: a8b1a6b725ad093201c68e90c2c673c3
SHA1: 0d90574a8642f8ac8a3666252f98b9e11ebe944b
SHA256: 8e7473fe36e123b21eb41c6a7694438ac7d084d7379a0f602e88f181de85a99f
SHA512: 3fc8243d0ea5452b5a01c2831d569d73568e52619aa7bb0ecc2c54081a40c1e285b0b37f19af933943c26028adef583bea6b952ff04d34cdeacbc92ddc4e6ae2
SSDEEP: 196608:uY3OVzjMT4JAu0a3mb1Yc+YX7eNDKeBveyNiUyVvwtCHXL8IoFTAjfbpUuwZTj5:uLscJ9j2bLtXBQveyNiUywtqdoWpJ0Tt
Signatures

Loads dropped Dex/Jar (1 TTPs, 1 IoCs)
Runs executable file dropped to the device during analysis.
Processes: com.webao.webao
ioc: /data/user/0/com.webao.webao/[email protected]
pid: 5007
process: com.webao.webao

Queries information about active data network (1 TTPs, 1 IoCs)
Processes: com.webao.webao
description: Framework service call
ioc: android.net.IConnectivityManager.getActiveNetworkInfo
process: com.webao.webao

Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes: com.webao.webao
description: Framework service call
ioc: android.net.wifi.IWifiManager.getConnectionInfo
process: com.webao.webao

Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)

Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
Processes: com.webao.webao
description: Framework service call
ioc: android.app.IActivityManager.registerReceiver
process: com.webao.webao
Downloads
/data/data/com.webao.webao/.jiagu/classes.dex
Filesize: 1.8MB
/data/data/com.webao.webao/.jiagu/libjiagu.so
Filesize: 382KB
/data/data/com.webao.webao/.jiagu/libjiagu_64.so
Filesize: 363KB
/data/data/com.webao.webao/files/.jglogs/.jg.ac
Filesize: 32B
/data/data/com.webao.webao/files/.jglogs/.jg.di
Filesize: 348B
/data/data/com.webao.webao/files/.jglogs/.jg.ic
Filesize: 32B
/data/data/com.webao.webao/files/.jglogs/.jg.ri
Filesize: 314B
/data/data/com.webao.webao/files/.jiagu.lock
Filesize: 27B
/data/user/0/com.webao.webao/[email protected]
Filesize: 4.5MB
/storage/emulated/0/360/.deviceId
Filesize: 48B
/storage/emulated/0/360/.iddata
Filesize: 32B