Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

a003a4b24a...18.apk

android-9-x86

7

a003a4b24a...18.apk

android-13-x64

8

Analysis

  • max time kernel
    7s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    16/08/2024, 21:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a003a4b24a25a53ea3048505dea9c007_JaffaCakes118.apk

  • Size

    26.5MB

  • MD5

    a003a4b24a25a53ea3048505dea9c007

  • SHA1

    33acf6b578275bcddb843af5e98a7aa9bdf7627b

  • SHA256

    05bc5dc7066d96282ed923e4e547bfa2c6c94193d6fecac3113da206a02a183c

  • SHA512

    8fbbb9be4914a2b036e6a6e449f47b300322ba60c677456a1f6388d48d2b834a298beed0efd3ea086a8c85e3705ce2a7caf162b624bfa40d0daae366751b61d6

  • SSDEEP

    786432:WnqtWc7N14gQAIa0621E8wV206hi1XbFzZV+1bFI73:gIWe14RdEQThi1pZ8ET

Score
7/10
discoveryevasionpersistence

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 5 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence

Processes

  • com.swkj.share_earn
    1⤵
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4255
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.swkj.share_earn/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.swkj.share_earn/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4285

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.swkj.share_earn/.jiagu/classes.dex
    Filesize

    6.0MB

    MD5

    b3c03492b0d052a8929a1dbc0bf23831

    SHA1

    517573c16ec6d646945b07f6dd885df4a7c28593

    SHA256

    d19c3c3a9038dc48ef20cb0e9f9bfae7467f976aa0ab28f2659b1a5ab8afa29e

    SHA512

    c42b715b6658863b80a46ad80158556d300078e5e38bb9d03d06463367a1144c45311fa0afef79c70be886e7d542d06e4c551f3f70b5178e48aa58041686fb29

    Download Submit

  • /data/data/com.swkj.share_earn/.jiagu/classes.dex!classes2.dex
    Filesize

    1.5MB

    MD5

    36c5bdfbfcb715dc0928df75327ced5a

    SHA1

    048d580b5fce3be09c0306733ac6fcf307363904

    SHA256

    7ebc7420960454c66c7da228bf9af96dbf8505f5a1548b60596c0e5c4039eba6

    SHA512

    9e43834390e3de5ed31c00a2b1793279b486dd71b68bed698d1a4da9c79b353b85ea24c3cce057758a893bfd56cb6fb913fe3594aba5ce620206682dcaf7cee8

    Download Submit

  • /data/data/com.swkj.share_earn/.jiagu/libjiagu.so
    Filesize

    496KB

    MD5

    f07656a2f51ecb23edc102003c32b764

    SHA1

    3ef18f74b609313887b9e825c56a54b5a9eef20e

    SHA256

    f6847402ab69102f8495aac58b9beddde9a71dc52470c5de17e382eec2a6b913

    SHA512

    34b337d2cf98ec3009f80ff299e43984a1c911e5f9eb5942a915915cb7b5b591ffc9f1b79a7989534c2583a703a3f0857e74be68cdd71388f68d5bef354f7238

    Download Submit

  • /data/data/com.swkj.share_earn/.jiagu/tmp.dex
    Filesize

    284B

    MD5

    f1771b68f5f9b168b79ff59ae2daabe4

    SHA1

    0df6a835559f5c99670214a12700e7d8c28e5a42

    SHA256

    9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

    SHA512

    dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

    Download Submit

  • /data/data/com.swkj.share_earn/files/.jglogs/.jg.ac
    Filesize

    32B

    MD5

    f3d4693031e004d85ddf62fbd5546a50

    SHA1

    9289bd9f245d7129a3c3e3adca8b9e3fc8d8d487

    SHA256

    9e24eb9c5a98f448110972406c409a55dc5c93fe54659bde7ca08807881217f1

    SHA512

    b5a7b9a18229f546885b11b49838f414e82f23bb1b149ff2f1847df94ffdc5dc121dce1b307bda436851feb68e0cb0eed931aa58233b5158ff70036397809d15

    Download Submit

  • /data/data/com.swkj.share_earn/files/.jglogs/.jg.di
    Filesize

    340B

    MD5

    d24eae1d06bfe6e16736ef0929768964

    SHA1

    c55868311776d233a2b2f5c555ac2c56eec78caa

    SHA256

    fdfcb35efb85cc38fa7f7be82166023912b47cd7d26703e846d000dfe61730c2

    SHA512

    685804375b52347cbd968aea1576974c199faa8d6c32d1a22b29412dd79d27af83920e8c371219f2bde9393279acbf38fb3526158a6b3ffcdbf21c32122892e9

    Download Submit

  • /data/data/com.swkj.share_earn/files/.jglogs/.jg.ic
    Filesize

    32B

    MD5

    163b1403b199d52fa7e867ad56bf6e4c

    SHA1

    adc72d5a08d407f9dd1d5d3f47b76d49fa6da464

    SHA256

    bb39a9dec016ca6de9c2e25765e01d4f9924ad3999b6a0c4d81fe0c51b8945b1

    SHA512

    9fb5f041a5d78f995b5f0933531bd99e99e356fe579d9ae1df8a2208d4177577006394138cc5425d8ac47bc53e6476594658f6169e6f9b56a51f648e77ab94b6

    Download Submit

  • /data/data/com.swkj.share_earn/files/.jglogs/.jg.rd
    Filesize

    73B

    MD5

    d1f28687898e78ad0450132888c12d81

    SHA1

    2089d02cd36f83b2d4797eff410a9385a27bf76b

    SHA256

    3e3da3c360623eb69ebc974c272b03109c5510c6c7f9b9c0654259b7d97a268a

    SHA512

    aeee882dfedffc3d80acef614ea8dfb213107cb23f2c88f83541438ad0206b16a448c5116049759d01c18644aab3cf1f568a1d9bb28aba9719afa795e0604140

    Download Submit

  • /data/data/com.swkj.share_earn/files/.jglogs/.jg.ri
    Filesize

    314B

    MD5

    6d873baa4b74719b79eddbbe5474a676

    SHA1

    8023623da43f5027cbe3957123e7ae091d1b1d45

    SHA256

    4b3cf40f8b43a17245bae0ea3cdd360ec96039036e9aa141e1e80ad6d7bdd310

    SHA512

    9049959a2f4ac5a4aa6d72827d7bf467d40073eeaa19b9ed821590c379260f2a5411080578e482e2928044e86a7fa2d9c1b1c4af25fdc70b42a18365b9966316

    Download Submit

  • /data/data/com.swkj.share_earn/files/.jiagu.lock
    Filesize

    27B

    MD5

    424fb97a0da4f5d52935cd4b6718cece

    SHA1

    99907d69a0ed91d860d091d7d88c028b9b9a3e93

    SHA256

    7c166d7d480f578da860b2ae3da7a5306fb05a53725d69b3c32217426a935734

    SHA512

    ff6628b87398c51732981761ed64c5cda87a2623805f9aab618547f55e7b562095a492f7cb5906e8530113d4941a83759ec9a3bdb97b8223359e98d9e5ed523b

    Download Submit

  • /storage/emulated/0/360/.deviceId
    Filesize

    48B

    MD5

    1d8d16c4e3b19ebf18988530d9b9a757

    SHA1

    bc94c1cce05cd848a53271ecb9c5311e27ffebf5

    SHA256

    abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7

    SHA512

    4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82

    Download Submit

  • /storage/emulated/0/360/.iddata
    Filesize

    32B

    MD5

    ae23e88dcb3b187f9db79f31c26ea51a

    SHA1

    43aa9697e44c8e26609862edafe3474622b1cb72

    SHA256

    4ed45d547dacb5818c51eaa4376af829964f521dcb2431c020df110e38ff541b

    SHA512

    f9cdd18ecd246a45e9725f4fe35547c70f7bc810578dc232b39a6cc3d9cb4957c9eeef601fb33b38b657ec672536c23000ce31f7451a8d94f17a6a100f3183d0

    Download Submit