40e8da21e95267362aa766095d9f34177a94837f38b0b24348b430f491038347

Analysis

max time kernel
1s
max time network
150s
platform
android-9_x86
resource
android-x86-arm-20240910-en
resource tags

arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
submitted
09/09/2024, 17:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d6ca88a2df631206a7cd9ee11db3168a_JaffaCakes118.apk
Size

24.1MB
MD5

d6ca88a2df631206a7cd9ee11db3168a
SHA1

cd0d2d5e11745bf3b5b71ea876f440c044cd632e
SHA256

40e8da21e95267362aa766095d9f34177a94837f38b0b24348b430f491038347
SHA512

b98fdbe1e0ddae53034daaa244c49f10c7306141d30354154da35134b8ff679e633a42f09da2d1cb3b57deaf9843d0c5deae38721a8840d3e24143bf5f038b2b
SSDEEP

393216:ZPwisCnYlqCbq65WPBEd5OZUQGC3f4IMfFYW98UcCHVPRPoCkZNEbA49j:ZwuYlqCbq65W2d5UfyfV98UbPxLeNEbH

Score

6^/10

discovery

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.touchmedia.daolan

com.touchmedia.daolan
1⤵
- Queries information about active data network
PID:4332
- chmod 755 /data/user/0/com.touchmedia.daolan/.jiagu/libjiagu.so
  2⤵
  PID:4356
- /system/bin/dex2oat --instruction-set=x86 --dex-file=/data/data/com.touchmedia.daolan/.jiagu/classes.dex --dex-file=/data/data/com.touchmedia.daolan/.jiagu/classes.dex:classes2.dex --dex-file=/data/data/com.touchmedia.daolan/.jiagu/classes.dex:classes3.dex --oat-file=/data/data/com.touchmedia.daolan/.jiagu/oat/x86/classes.odex --inline-max-code-units=0 --compiler-filter=speed
  2⤵
  PID:4379

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.touchmedia.daolan/.jiagu/classes.dex

Filesize
6.9MB

MD5
915ece926b8820c89e7bf9cd3d4434ae

SHA1
fdd7e6ab89492413293fd9dce22b7c4ed971fd8d

SHA256
5381e7e91436cdefe488dd406646ed5f0aa1af766411bd4b95d85431538cf3b9

SHA512
6592b44ed456251907109a760cc83dcbd052c94410761e68d0e0bdc0da6804c4db7f0ef1e7f4d2c74dcd7c1d501175dd09e409c9056bd0dd480345e34908f56b

Download Submit
/data/data/com.touchmedia.daolan/.jiagu/libjiagu.so

Filesize
351KB

MD5
6525dc34d4a2656b93c41bc4223fddd2

SHA1
5c2333cb8ad87abc747d13d6352d5f19dc18997b

SHA256
744cdb26f7cf86d52fa8b214813a346952fc7476826400b85a3db96356f5047c

SHA512
b98dc08115cdefc31b2c0679d046a34e788936f985bcd70bb789b1828dcd59d949b023388a3b56ef017bafac31e79c12ebd6f6b623f01a38ea0e6e04a9fd1fc8

Download Submit