78b39793d76315f55280b4b09de1179ec83abe9203baa3ca9ac27a5c54c43653 | Triage

Analysis

max time kernel
3s
max time network
137s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
16/06/2024, 10:18

Sharing

Report Analysis Logs

General

Target

b2fc3d2a4360ca800e17cc1d74a10924_JaffaCakes118.apk
Size

24.0MB
MD5

b2fc3d2a4360ca800e17cc1d74a10924
SHA1

b096d9ab53f9740a7fb1ab7330cfd7ce118d2c07
SHA256

78b39793d76315f55280b4b09de1179ec83abe9203baa3ca9ac27a5c54c43653
SHA512

a83e7b0a533ec807b4ca57ea35f4920459a9b50348ff88bd27e6e979cde378df2f0f18040216675db54bdbc6527630de38d0635fe914fe7084de1045145671bd
SSDEEP

786432:xRSBnWBcl9D2Fb2krXo9NXFcfKIRkkCPZFlwz:7OWBOZks9N1MK5bFlwz

Score

4^/10

impact persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

Broadcast Receivers

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.qingshu520.chat

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Data Encrypted for Impact

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.qingshu520.chat

com.qingshu520.chat
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4274

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.qingshu520.chat/files/beacon/comp/1.jar

Filesize
70KB

MD5
fbc9ad99563091d07cfdfaed823bcf3b

SHA1
906f5b3e984ddec5208bd01468901cd0262cc1e9

SHA256
d320347a935fb3a98ac3858cb55a9193965cd5f9b04ad97838fb493c612d1010

SHA512
ea259833bf55b9174f55b84ab62aa9a586287e0c1375f266668519d8ee273c7fb5c7419cdaaedcf1ea40c758531a65353d5c2a3083858d7c65f553b1f80149c0

Download Submit
/data/data/com.qingshu520.chat/files/beacon/comp/21.jar

Filesize
2KB

MD5
81b45de6a47986d607e660539f02e21f

SHA1
d2f1961e00bc48dfcbbf76a3d5648544e5812afb

SHA256
43919275b8694ddc0de13559603d2b8fefaf80aaab7a596d0617e324dac130af

SHA512
7e99792b4d6e6f0f35b4966a934942a1658c6eb27341905cda65adfc5d8aa496c33229f3bfdfeb7fb8a047e603bcf5463efa34c233800df723b26943f7c28466

Download Submit
/data/data/com.qingshu520.chat/files/beacon/comp/9.jar

Filesize
5KB

MD5
07e7f8974d3ebde93b2d85aca8d96470

SHA1
72afb51e234cb6f6b99c50739b2b73d0182d78e9

SHA256
15c5291d63d9425aad8a2374804589ae6a0d377af59319715f35e09bd7fd1674

SHA512
cab58123d458d3b37880569b5e6b40dfd711a4ce259a17292a02935c885866e440704f8075cc2485108c425b79ff7fd032fd7bae6f09264fa5ec9de204a61a54

Download Submit
/data/data/com.qingshu520.chat/lib-main/dso_deps

Filesize
292B

MD5
8e3634ddfebae0dbcb3520cfa7e47936

SHA1
d7001ab8dfe7e02890ff56b34c41b2df28d51c89

SHA256
826faf704851a04cd3a55dfe094e6183c413d52dc721d582f1550753fae1a8bc

SHA512
3db47371d7ce6dd63c2d677415bf754e8b8da3fbf8de95da855e6a8a8e93d75df602af387aedaf917374932894bc668520a1070c65c76320c1623c7cb57cf8ce

Download Submit
/data/data/com.qingshu520.chat/lib-main/dso_manifest

Filesize
1KB

MD5
ac91d59650f052003b97d5d7f7b9cacf

SHA1
f4c8939eb41fdcaa003f5692cf6de6e9e95b942b

SHA256
ac32f515e4743e1dea9661cce9031f4f43f846556b810b6b1330a0eb299e21cc

SHA512
fbdce0a4d21d782a425023f41ec521fa6aca2fd14a537591d54b77d6306fa32540d69f8963ca9202cb5e4d2ed2c6728bd412b0831b2f56d1876fd17c7fce06c9

Download Submit
/data/data/com.qingshu520.chat/lib-main/dso_state

Filesize
1B

MD5
93b885adfe0da089cdf634904fd59f71

SHA1
5ba93c9db0cff93f52b521d7420e43f6eda2784f

SHA256
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

SHA512
b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

Download Submit
/data/data/com.qingshu520.chat/lib-main/dso_state

Filesize
1B

MD5
55a54008ad1ba589aa210d2629c1df41

SHA1
bf8b4530d8d246dd74ac53a13471bba17941dff7

SHA256
4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

SHA512
7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

Download Submit
/data/data/com.qingshu520.chat/lib-main/libQPlayer.so

Filesize
422KB

MD5
f4f71cd6092b94b28965d82b13bf702d

SHA1
5310fb9ad98c7a960ff45f2fff1d6a5e05bdee2e

SHA256
d5c8628d8466cc8856689f498e13465585df90344497fc4462fb7831f47dc2df

SHA512
a9b485c05e6a424d0e25f73be4bb7627961468f224b3c1b4c86243918ce6fdd43b8d72788d039fb1639ba6b778d97162a0ae79cf0bb7c76ab63a2e09f0e82610

Download Submit
/data/data/com.qingshu520.chat/lib-main/libavcodec.so

Filesize
5.7MB

MD5
9f1223502338f1680c1b9f887de91ae2

SHA1
cd928cfc805ae47e510e641b3d342b9b632fde63

SHA256
8b1de1ae8ef2268340ef3c83e9b488247eb29a5314c702e3f5471e7629bf158f

SHA512
58305b78cbf813db3de601ed87b68383fc7ae6c61d91440eb200612fdb6d2c1be9c680ac516dab310a8fbc714ba8e3aa436a23bcbdffe8288d10cd945ccd7888

Download Submit
/data/data/com.qingshu520.chat/lib-main/libavformat.so

Filesize
1015KB

MD5
95858ce09859ded9b9d77665e25d1b49

SHA1
1e9f87e50c902d7b37fcd4e5457f9efcd7608899

SHA256
49919cb937caf9a9af67b977eb1c1e893ccf145b4bd4878bfc16fbc495314d33

SHA512
509b469ff86d21fefa579008e4a73cd295956060a22f07b5991440d8ab2d43db9667a61065d81ebeb1f96ef3c100231604568802bd625124d7c981f512558450

Download Submit
/data/data/com.qingshu520.chat/lib-main/libavutil.so

Filesize
249KB

MD5
6d89546b9b4f21907169272d34301ddb

SHA1
3bece0f6d4ed1340a0204a66b4c7ac7340c62206

SHA256
7df0e3dce972509f75dc569885cb9dae13af1a5f57b5889cdd5782fa8383d33b

SHA512
82d8341a10f65c69d0f00ae057a7787d929fafb3ee8e9c73d5e4e4e4ba2535faab82d9d0aad1f3ab74ecb6a89f8e12a2f87dd1feb19fe8741873ca2e55cad315

Download Submit
/data/data/com.qingshu520.chat/lib-main/libffmpeg_mediametadataretriever_jni.so

Filesize
49KB

MD5
1cd16ba815473fa7a3f3b0dd7739ce1e

SHA1
7d511f9d6860e519ae3b7cc6d471925394f3c088

SHA256
e539e7b86e7f22700d73055f5df0a96df7094a77a21684f7806eb6d7eb3c789c

SHA512
daf8aaba8e2277d269b257b0b7980aa7e3286425aed5c6cfe5b9b0a8a7dff694f98955a5a38aa469066a55e036f06790414ef755c18a132919840bc63f11cc67

Download Submit
/data/data/com.qingshu520.chat/lib-main/liblocSDK7a.so

Filesize
33KB

MD5
3a334bd0ee8562fe5ea137979c3da025

SHA1
3ed0d42733657f26a39ef39cc9f653b3ba448e10

SHA256
c1864e9f029d477609487e27c36a862f306a1077ba1ebbbebb8e88c882616d5e

SHA512
feae0f3633d84bffa6ba21214de2cdb2d9b0c0b41943625171e40c06883926df01c68655e0b2495f863d8e65a4dd383b82f506d0de0f0ba4ea4a87193c27747b

Download Submit
/data/data/com.qingshu520.chat/lib-main/libonlywechat_plugin.so

Filesize
53KB

MD5
3d7b0b2ac561f3d9f2e8b3658ef00a47

SHA1
726c6e3fe35c75596cca114499d0300267f5dc1e

SHA256
82999caf761218fc97717c8d7521381f47fae9028b1f3a7d2204d8e423440388

SHA512
bd79c5c11e65ce6c59021e216cb22e84cd1960c442b42089564eaa0579ca3e7f499d31def43993436bb2d17a4ce010f1420ce5051cacc92fcdfec9f0af9e2bd9

Download Submit
/data/data/com.qingshu520.chat/lib-main/libqcCodec.so

Filesize
2.2MB

MD5
78fb6510a4efbdfe4941c4460b26258f

SHA1
5a2f409bde21dd5296ceb698019521b81286be44

SHA256
8e9f366f4fc61837c3ab4fc26d0e4bf6e572a75f2db517bf284a77e094c732d4

SHA512
5b36a4d3a2cc3012c81131a137d3c7685be3045485be806ba8253de8372ace113f61c353ba184e5979126c0b636ebfdc7e3a7a783815fc0b855b772e4d72b048

Download Submit
/data/data/com.qingshu520.chat/lib-main/libqcOpenSSL.so

Filesize
1.9MB

MD5
965a504dada68cd8fb606841c6e3b4e6

SHA1
9c1594233c1f56d54b891649d6df54f3873e45f9

SHA256
b769f67db02f5267c373679add48fb6bffea346a549b5d3e846ec012e00a8842

SHA512
b65e7e8a91347542a8e25db3b1aba3eec7ec5f55cb18175725556bb9c4311f1af101af96c7f5c92d72292b6a9a1a3a04f8bdce34858d500307c59d7c93b12285

Download Submit
/data/data/com.qingshu520.chat/lib-main/libswscale.so

Filesize
317KB

MD5
b6482b64907448b8959ddfa4191de569

SHA1
4fb7ea8ffdef2cfe056b855786be94e303462c23

SHA256
38ca644a9d568438b5ae4780077d06701873e9f1005f6bf17900fbb7bf1cb80d

SHA512
3c256a9d25963b97c481170f9ec4e32c3fd05419bde3a83aa86180a402377877821c1137033ccf580c65f6f0e9fc2a481a8750d53b1ead3f2ef51f8056365cd5

Download Submit
/data/data/com.qingshu520.chat/lib-main/libzegoliveroom.so

Filesize
10.2MB

MD5
7425d3f2a6a09c7c19e46e820eea99b6

SHA1
eb068745aa5a68763400ddbd33a79ae9668f6a0e

SHA256
5e60a0414586c53deed35c9a66f27cad4e38acde04665f7778fab079e7e992d9

SHA512
6dfc0cac305520854c7f3e828f85b05c1b33fab145b2ca52374bfb3356bd3c8146d6a1c49612350f9054ed6d50e5c562aeb46a88c1662a01de14e2f8f3e39fd5

Download Submit
/storage/emulated/0/Android/data/com.qingshu520.chat/cache/uil-images/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit