274448a0c1cf8b812ba0ec5a33a89fefdf84c457b9bf5eab040eb3fabda30a0c

Analysis

max time kernel
4s
max time network
143s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
08/09/2024, 22:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d52c325040428c8a83d3aa37d27134f4_JaffaCakes118.apk
Size

10.1MB
MD5

d52c325040428c8a83d3aa37d27134f4
SHA1

1f82809175de14dd0339dfceeb5385b760dce14d
SHA256

274448a0c1cf8b812ba0ec5a33a89fefdf84c457b9bf5eab040eb3fabda30a0c
SHA512

56dc06da6d41a20ef8b4bd5c98b750a587068113b800fa3453dd358f2529a521135a2e53973b50033fec1808330b147b2fc648c7d14e388d1366e7685330e51f
SSDEEP

196608:3L2WEmaEpyfsB5N+1WvVAe4lf0sQE1P95a1kdFcuSYBMwo32Fp/wUWlg:PFaEpyflcfw0sQiIUueU3ApYDlg

Score

6^/10

discovery

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.daihanqiao.jdy

com.daihanqiao.jdy
1⤵
- Queries information about active data network
PID:4298
- chmod 755 /data/user/0/com.daihanqiao.jdy/.jiagu/libjiagu.so
  2⤵
  PID:4331
- /system/bin/dex2oat --instruction-set=x86 --dex-file=/data/data/com.daihanqiao.jdy/.jiagu/classes.dex --dex-file=/data/data/com.daihanqiao.jdy/.jiagu/classes2.dex --oat-file=/data/data/com.daihanqiao.jdy/.jiagu/classes.oat --inline-depth-limit=0 --compiler-filter=speed
  2⤵
  PID:4353

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.daihanqiao.jdy/.jiagu/classes.dex

Filesize
3.4MB

MD5
ab1ee7d45f6f26deaf6d4f3826da275b

SHA1
7669fcf3efd6ff92b63b25cdcdbd8d3aa4ddba5c

SHA256
50d42ddbccd6e84eecdcd7085a7d7edff01b4f30a32f0997822a013b92e05d37

SHA512
392ae6fb6d60e000bf54e3b8d65e2fe193f5ef9519fffe5b001456b64772dc8f7e2e4877e03b21001cbb70b922d016623d4add27a3f41624476725154ea3b5c6

Download Submit
/data/data/com.daihanqiao.jdy/.jiagu/libjiagu.so

Filesize
358KB

MD5
0f988c9a7d52923d162bbfe4d2ea8171

SHA1
0084318df7665847bc5cabac2f4b7cd2bdc02a34

SHA256
c548db6ffa4e11cf80c934aeb77d40397e7aeed067a89799262467d552921bce

SHA512
926bbdc706705674e3cd19186990b5c30d1b7b7141c6dd7ace9876899f2bd92275793a5b76e7becc8c6de82766a3dd075ebab9fd8ccb11d3e077b49c613774b9

Download Submit