Analysis

  • max time kernel
    2s
  • max time network
    161s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
  • submitted
    14-06-2024 08:42

General

  • Target

    a8c8f67e00c198984043a0449c58a2dd_JaffaCakes118.apk

  • Size

    13.0MB

  • MD5

    a8c8f67e00c198984043a0449c58a2dd

  • SHA1

    015209d9499f7e1e54d06dbeea90bc69b03694c0

  • SHA256

    a8e987a5d4dbf117201b8f0aa2e185968e08cd14d4b69ddd51edaec6e6d8ae1e

  • SHA512

    8b87deac79ee0f1989eef5e0a964eed8664630e37f4ee81e4b35b21308bcd21dd2354c13f8c01647574cdbaebd1eda024db5b9fa75c944b4f3f814fac4d8e7bc

  • SSDEEP

    393216:F5LQyeKXCXiil4PtbpoBoWBWtABJgRNl/0qS:jNw/41FfSmRH/S

Malware Config

Signatures

  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about active data network 1 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Processes

  • com.shuame.rootgenius (PID: 4282)
    • Queries information about running processes on the device
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/com.shuame.rootgenius/files/Data/Bin/busybox
    Filesize

    10KB

    MD5

    6a2981220018d857a6372e93d63636b0

    SHA1

    fcf6434ebfdf2d28cff6577becea3af00dc1a104

    SHA256

    416299b0a604a5370c349be30279e2294eec620af29a70c66e570d53994da903

    SHA512

    fd4a15a53395e33010ba30fe04b049d8b40f94629f6dd1fa53c647a28c4e7f43501f2294dc0578730de75731ab607a2b644772351711e83923b393dad74c474d

  • /data/data/com.shuame.rootgenius/files/beacon/comp/1.jar
    Filesize

    70KB

    MD5

    4f198eb855b4409968888cc350a4d65f

    SHA1

    5bccbd8f60564cbf7930576119b790cc311a13e0

    SHA256

    d4f5a27326ca3b146a84122d04f01365459fb0cd63c34576f9957dce0df130f3

    SHA512

    5bf1db583b205fa84fa8c6637c80eed639f2a1acc3a0a73711c5f51444b064116bfbde23df15110d8cef78cb7792d744a6bbd6526adda65f842155c30785b371

  • /data/data/com.shuame.rootgenius/files/beacon/comp/5.jar
    Filesize

    3KB

    MD5

    0f007704fec9b983054009f7d9dd593a

    SHA1

    3ab6b7d14f326d4aa6279eb41465a98b1603abfe

    SHA256

    696a941f6a45156144e4baacef4a8b8ae187a70c92137d9f6077995334ba45a4

    SHA512

    c5725dcf0c21112b20a0b89274bdf077d78b97986d57ac546e5c9b48ba4ea9b68e74bc4dddf873d368a32397bbccb3f9a83707c6f8fa7856315ed9ca27715437

  • /data/data/com.shuame.rootgenius/files/beacon/comp/9.jar
    Filesize

    5KB

    MD5

    78fda54d578e58f8eb258237c776f472

    SHA1

    b906eba1749b99a5119aaacabcb7fc0ffd16bf3f

    SHA256

    7f7e8e10a3d14416c033231ab70c649bff6b4ec4af9a8f34cb177b64182998d8

    SHA512

    d36331fb108e464fd18d4f35f79d0fc30ee0ab8575e4acc2bcbe332686cf1b1641499c09b2c0f8f0d28d663e7ed2d1dd8f16f7ab23a53a38ebdb9c58ee6259c3

  • /data/data/com.shuame.rootgenius/files/beacon/comp/libBeacon.so
    Filesize

    24KB

    MD5

    a99856a4a0b5766f911370d5adf38fa2

    SHA1

    f8e2a1cc14f1156e833bf6931069acab3953a640

    SHA256

    80471bf1bdb73969bb4b75ff0050fb5e400a1fcd6053c9d0ae859eb993bb38c6

    SHA512

    6fa88c0a04ae114107060c8deb3b0944fa5d9b7d58420d9bdb66af34d2a1711617ee2246dee2b28fbdf35e219b8346ba22420f8c957ec4f2116b47cfa244f6b8