2f99bfeaad94c07d8d670e690756929f35c5518f28f7492de6bdc9cfe1ea98ab

Analysis

max time kernel
2s
max time network
175s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
18/08/2024, 12:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a6b87166081dbee2746f08a1b9f68b24_JaffaCakes118.apk
Size

23.6MB
MD5

a6b87166081dbee2746f08a1b9f68b24
SHA1

e64adcbbc5e8f78becbdf30a3cd73102e2dd067f
SHA256

2f99bfeaad94c07d8d670e690756929f35c5518f28f7492de6bdc9cfe1ea98ab
SHA512

a5ca9ff7b4926711e8379845de98486c80f306d33d241570d9f548fa4e833972d2a349beb1fc8b0959d1d00a3c694e94edf89324baad540ac096f742c6c99dd3
SSDEEP

393216:mQFcSDk52ZlWQZGN9D2DJbgJ01roqzzp5VyxJfy5yFOZ4wOyXKCVnbhlg2GhOUrw:mcm8xGN9D2Fb2kr5vwEnVnNlFUrc

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 6 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.qingshu520.chat/files/beacon/comp/1.jar	4980	com.qingshu520.chat
/data/user/0/com.qingshu520.chat/files/beacon/comp/9.jar	4980	com.qingshu520.chat
/data/user/0/com.qingshu520.chat/files/beacon/comp/21.jar	4980	com.qingshu520.chat
/data/user/0/com.qingshu520.chat/files/beacon/comp/1.jar	4980	com.qingshu520.chat
/data/user/0/com.qingshu520.chat/files/beacon/comp/9.jar	4980	com.qingshu520.chat
/data/user/0/com.qingshu520.chat/files/beacon/comp/21.jar	4980	com.qingshu520.chat

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.qingshu520.chat

com.qingshu520.chat
1⤵
- Loads dropped Dex/Jar
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4980

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.qingshu520.chat/files/beacon/comp/1.jar

Filesize
70KB

MD5
fbc9ad99563091d07cfdfaed823bcf3b

SHA1
906f5b3e984ddec5208bd01468901cd0262cc1e9

SHA256
d320347a935fb3a98ac3858cb55a9193965cd5f9b04ad97838fb493c612d1010

SHA512
ea259833bf55b9174f55b84ab62aa9a586287e0c1375f266668519d8ee273c7fb5c7419cdaaedcf1ea40c758531a65353d5c2a3083858d7c65f553b1f80149c0

Download Submit
/data/data/com.qingshu520.chat/files/beacon/comp/21.jar

Filesize
2KB

MD5
81b45de6a47986d607e660539f02e21f

SHA1
d2f1961e00bc48dfcbbf76a3d5648544e5812afb

SHA256
43919275b8694ddc0de13559603d2b8fefaf80aaab7a596d0617e324dac130af

SHA512
7e99792b4d6e6f0f35b4966a934942a1658c6eb27341905cda65adfc5d8aa496c33229f3bfdfeb7fb8a047e603bcf5463efa34c233800df723b26943f7c28466

Download Submit
/data/data/com.qingshu520.chat/files/beacon/comp/9.jar

Filesize
5KB

MD5
07e7f8974d3ebde93b2d85aca8d96470

SHA1
72afb51e234cb6f6b99c50739b2b73d0182d78e9

SHA256
15c5291d63d9425aad8a2374804589ae6a0d377af59319715f35e09bd7fd1674

SHA512
cab58123d458d3b37880569b5e6b40dfd711a4ce259a17292a02935c885866e440704f8075cc2485108c425b79ff7fd032fd7bae6f09264fa5ec9de204a61a54

Download Submit
/data/data/com.qingshu520.chat/lib-main/dso_deps

Filesize
292B

MD5
4e5f279ef5767813e0d20a400defd576

SHA1
4b0c93949e66cb7b2f347b3aa3424eded44ca89b

SHA256
f1cde3d8a4f7fb66fb2a5d7e66ca689134510739d661c67068e5e5e97e876de5

SHA512
305690b407b78a31a92fe575ad3a79508e6aba57151d9b9b48b772174f431cf804997dcb44d09be08497e2211b79f9b098d88e9529bcee45c9f9db4492bede18

Download Submit
/data/data/com.qingshu520.chat/lib-main/dso_manifest

Filesize
5B

MD5
c06857e9ea338f3f3a24bb78f8fbdf6f

SHA1
c5a0a2529d2deb60fec041b4fbd722a2ebe31702

SHA256
957b88b12730e646e0f33d3618b77dfa579e8231e3c59c7104be7165611c8027

SHA512
29f61516876c25379a7bf4faa2b3ca6f6b53eac90e7de47671fec4a818d51441b4025cd7909f7c0a0d113ab6c5ff00cb3700c286bac7319185b77905feec4fb1

Download Submit
/data/data/com.qingshu520.chat/lib-main/dso_state

Filesize
1B

MD5
93b885adfe0da089cdf634904fd59f71

SHA1
5ba93c9db0cff93f52b521d7420e43f6eda2784f

SHA256
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

SHA512
b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

Download Submit
/data/data/com.qingshu520.chat/lib-main/dso_state

Filesize
1B

MD5
55a54008ad1ba589aa210d2629c1df41

SHA1
bf8b4530d8d246dd74ac53a13471bba17941dff7

SHA256
4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

SHA512
7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

Download Submit
/data/user/0/com.qingshu520.chat/files/beacon/comp/1.jar

Filesize
149KB

MD5
400bed053ad682fd97b6b6c29ca56850

SHA1
6510943291adc21449784053910d1c6b3b6ac25c

SHA256
2d6b9d05d52ac688020ab87693a919766d3bf297206c73414e265e9fec20bde0

SHA512
0aefd2f3364f92c69e9421c0c072c61e5d3eb786cec7ac4bb6229af24374153f73fec537bc61ad16c838f489179c1d217ff40518832f9ffe5d9ce5c62ae31dde

Download Submit
/data/user/0/com.qingshu520.chat/files/beacon/comp/21.jar

Filesize
4KB

MD5
95fd429692f1c425d2ba645bf8aecfd0

SHA1
9deceeda826681da904e5072354e29f10e2ca0c1

SHA256
f739e9eda14c551de612e4d796bbf66259c46a0fd436ca9cfcd22502c52be3f6

SHA512
51c1bf3723a9f80b607cf9ae67fbc46af4688fd8eb55b679c90a36fcdc54f16c14119fbb54026f59c528f6cfc2fcf13313173591065fbd21042923cdc8631ebd

Download Submit
/data/user/0/com.qingshu520.chat/files/beacon/comp/9.jar

Filesize
9KB

MD5
2107c300b3b0233ed34d07baedb7f239

SHA1
0f43487085a81ec035af5f5534f0ba36c7eebc90

SHA256
47a25b67b95adc93403e37577e8f8d366ba935724ceb0aa3c02930f69748a55f

SHA512
d9be4b41b1e1a8e507f3146b44b5e05e1c96a67f79c61083e2736c486f1ba9fa61839216c47de656e65f5f597adb659982239a5d49887ca8dd566542c2a999a5

Download Submit
/storage/emulated/0/Android/data/com.qingshu520.chat/cache/uil-images/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit