f68a71f696c2cf42bc1e6717644d7cbe975435cb28bff24f5dd4328f7f0c22a8

Analysis

max time kernel
5s
max time network
140s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
27/06/2024, 08:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1542de6835d0a97b7edd7eb2f21aec79_JaffaCakes118.apk
Size

1.5MB
MD5

1542de6835d0a97b7edd7eb2f21aec79
SHA1

5addc9b49993dd1cc0c7243f00e975c81b5d6135
SHA256

f68a71f696c2cf42bc1e6717644d7cbe975435cb28bff24f5dd4328f7f0c22a8
SHA512

146e2ae62c1897a6ad505a075498009d058f73ae6e922171b48d1838f196e9883fad445ad7bb66e9a9aebdb8a5a4251502495f8a78cd813226e04c5b00f425a4
SSDEEP

49152:wy+a6u1yQfS6pFJoo0Eo9AOOniENtADy3MGI:wx3iSkFJo28OiER8GI

Score

7^/10

discovery evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.ddccv3/[email protected]	4476	com.ddccv3
/data/user/0/com.ddccv3/[email protected]!classes2.dex	4476	com.ddccv3

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.ddccv3

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.ddccv3

com.ddccv3
1⤵
- Loads dropped Dex/Jar
- Queries information about active data network
- Queries information about the current Wi-Fi connection
PID:4476

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ddccv3/.jiagu/classes.dex

Filesize
534KB

MD5
815252536c3949fa3fb91ff969d92dd8

SHA1
6d3b366163cbc8074a4d81cd87010f2504f9d582

SHA256
60370b905a022cea81a810a1262ddd7f1628b34270d462aed89fbbf53d3c5677

SHA512
fa2e6571105e7d36de8e445567086c7286af399d2183372b88d8667ae77acba177a902da09d1e55b38d7ac78679069db64052bae77f8312ea2f938da3d8ace4e

Download Submit
/data/data/com.ddccv3/files/.jglogs/.jg.ac

Filesize
32B

MD5
d2a664b6fdd7a93ac1b21df147505cd8

SHA1
f5670ee12c71c764d4850b0e4aec58858a639fdf

SHA256
9fdbaeaca9685c7f725283ccce53c4738ca94019ea275e175b7589a420fff60e

SHA512
3074abf24c55e2753134b87665aa0a5542cb22168da5a86e63087ba9f4fd1df5bf9f6f7f0ff072c85b6f50dadc99d5578763dd18ac96b88d429643c9d1a9fed0

Download Submit
/data/data/com.ddccv3/files/.jglogs/.jg.di

Filesize
340B

MD5
7eeec528dc85745e0f2a651d24692e36

SHA1
09c5698cc9d533b63a970b90384322885be1871d

SHA256
683bf8c34914f691b93eb58444374780df93e75cebef5e7e87f83fa68a72c70f

SHA512
484481585dfa68700ed249f5c1cbab3004f782b52476f98a8b3a0177ebca79ffed3f8ce004fead9b46b400651bd34dfc52d6a6f61806a41e909547bebaa22a60

Download Submit
/data/data/com.ddccv3/files/.jglogs/.jg.ic

Filesize
32B

MD5
30a30122dc49e19d78c9133fecdda607

SHA1
4ba54a1c7c0255e11ee140ac540f1006ff796507

SHA256
45f9c996013b816edd89a624e570d981ce5f3d164de13da600dc4d37372a1229

SHA512
0bbaef97e2e4297e3f6199bfdc4d980700a8a452bc2e999a0ae98eba8501d63de860b75e39208935d809c39b240d3c0677ffd82d15f5b1444a4a764c9fea2caf

Download Submit
/data/data/com.ddccv3/files/.jglogs/.jg.ri

Filesize
314B

MD5
4d13430a8066f82cdebdac2535bc3d21

SHA1
5bcb385a26ecd2dbb5f6e9f4a08f0cc50fd275e0

SHA256
0b61419699c421f5de30cc6d1d6abf1b076faf72174e0f4390bff2103acfed44

SHA512
78b2874175a2a54b3188394adc64df9358450aa4e07d114162de24d911a2977b74343f2c1e4a8b1e3c378d5bc7fd982df7fa6250c221c637b289bd81b497de3d

Download Submit
/data/data/com.ddccv3/files/.jiagu.lock

Filesize
27B

MD5
b91001d4d165507d815205e68a1e6ee3

SHA1
c51c3114cf33555bfb2acc47dc6024172f3ed248

SHA256
a1de3eefc7de0477ab8c634b2551649e6679ca9603b5ebd8a7d34ff2710bd970

SHA512
3d7e3455e275c0e744bac89c69736602459b36643bafc5fefb985b641f03a7932fc2ca83e3bb75e4a69d249a37e92c03bcf7f1a11e90e7c022f4b6d856e14353

Download Submit
/data/user/0/com.ddccv3/.jiagu/libjiagu.so

Filesize
363KB

MD5
f7f5e960db0c8a6f3b5b8d1a0427a042

SHA1
a8b623f9f87a6e785508befe07314da2fa903bfa

SHA256
17ac5b03f2a51ebdf2cce66314bc8e3e1547bfa0dde61357fcc07768aaaecb3c

SHA512
ec889d1d9428cdbac082d0b5ab81cf33ac417874a416daf27b02af3d207b1b02ed794fc0b3f0ea266c8edaf3bfeb8f3cef7c631af689405fa629fee948ae8cba

Download Submit
/data/user/0/com.ddccv3/[email protected]

Filesize
1.5MB

MD5
20898dfd3e3d0ff8a6b99ede4a08e92a

SHA1
c6a9756c2d58e723ace9d22367362edc92535ee0

SHA256
0e8fbb64fc0cad28aa62e46951ce317ff0975461fc76e58316eb4970dc37f7df

SHA512
7983c46d3b2cca27de118e466595c45d4d8ad43e06511fe0a453cd14af013d7ac4db980d8882b735a5851d290830d6367253e74de94798d907c319250b1a4762

Download Submit
/data/user/0/com.ddccv3/[email protected]!classes2.dex

Filesize
83KB

MD5
893dfcee96dbc85834e5345669d40d67

SHA1
be338a037e53ac2155d9b3664b0ca2a7c993102d

SHA256
41790ad9f29fc47051e5efebe54dfb93d2059afc73b136ccc920ffc72d5204fd

SHA512
7791ebbb0240ceb0900a24aaae18bf71b835ccccaf93bda7e78cabba381ea467fc0dbd3f67d698dbef076a0b043ffed4ee09d68b5151032abd0e3d4cfd01e112

Download Submit
/storage/emulated/0/360/.deviceId

Filesize
48B

MD5
4c4c5285293d5141f582aefa4e038669

SHA1
e01852a72e5a8e6f7d63a21426b515118196047b

SHA256
36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731

SHA512
097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399

Download Submit
/storage/emulated/0/360/.iddata

Filesize
32B

MD5
46c4561e7921002eabc4f30d1d00e673

SHA1
14de956640d373d0d4d62157b5005cbf1a8e730e

SHA256
98ef05af365e14a65c194b723725b9204a6bf5854441938b2b2740ad0c4d4be0

SHA512
62d81dd64e2396ac21464019bf3a94b0906bdfa8478f3613101513b37fb01c03a93ad6eacb6aeed6e965ff0f27bac76184fe9b18ba16c9373840b02edaebf5a0

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads