Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

6

d995705be5...18.apk

android-9-x86

6

d995705be5...18.apk

android-11-x64

6

Analysis

  • max time kernel
    34s
  • max time network
    136s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    11/09/2024, 04:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d995705be5dd3f3e3f52d1cc53b8f226_JaffaCakes118.apk

  • Size

    11.6MB

  • MD5

    d995705be5dd3f3e3f52d1cc53b8f226

  • SHA1

    cabfbcd4e101f34676ccedaf62996af15bdb4a71

  • SHA256

    a4a2c79306df2dbd194232bc88fbb9897b3ef35dc66700774427014cbdfb85ac

  • SHA512

    ea4f78dd79374173bca89bfda03e447e2557ecf18245bcb6c2cbe5b7248ecf125d242fc7f69b59ac8d14f36e63f477f88ac37333c7ecc22e8cc1c2806572ce76

  • SSDEEP

    196608:LLtKqEnjRBoDel5s6xHy70FcvFziahi3VnN1G+1BVLhfKuEL4jEwPxc4GFvEdsLO:LDEnjRSa3s6xHzFkziahilLlVLhCuELU

Score
6/10
discoveryimpact

Malware Config

Signatures

  • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.xgbuy.xg
    1⤵
    • Queries information about active data network
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4211
    • chmod 755 /data/user/0/com.xgbuy.xg/.jiagu/libjiagu.so
      2⤵
        PID:4267
      • chmod 755 /data/user/0/com.xgbuy.xg/.jiagu/libjiagu.so
        2⤵
          PID:4315
        • /system/bin/dex2oat --instruction-set=x86 --dex-file=/data/data/com.xgbuy.xg/.jiagu/classes.dex --dex-file=/data/data/com.xgbuy.xg/.jiagu/classes.dex!classes2.dex --dex-file=/data/data/com.xgbuy.xg/.jiagu/classes.dex!classes3.dex --oat-file=/data/data/com.xgbuy.xg/.jiagu/oat/x86/classes.odex --inline-max-code-units=0 --compiler-filter=speed
          2⤵
            PID:4337

        Network

        MITRE ATT&CK Mobile v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/com.xgbuy.xg/.jiagu/classes.dex
          Filesize

          6.7MB

          MD5

          9af845a5b508e093159935bf8efc5c91

          SHA1

          1f10a1e7ffb3ed823fb847e0c667ba5d239f5df2

          SHA256

          d368838be3d7f22b7277f4c7acfd48deae72ff6ca06aa1a0ecbbc166e2b5943b

          SHA512

          a0c332a4b937c81cedd3032471b1d8e9de98787e01fd87202845030fc9dad2143e92fdfa7a2cc98d68b18a7d6d539d8c9e723bbe9dc057e8ca97665c6a06cb77

          Download Submit

        • /data/data/com.xgbuy.xg/.jiagu/libjiagu.so
          Filesize

          363KB

          MD5

          acd3a64e22c56dc0628edd7615a74ab4

          SHA1

          ec22ef7fa9dca4b475af2724d483bda140370ca7

          SHA256

          c57cffd4175fcd618f29d48eeba1b8b30e2bfd4ce9e05c6c5b0bc4378914d008

          SHA512

          ec93027efd827742d3f9db70c4d4aba51e817191ff888aa2337939f2ce518b98f1c1f7ed3d49d25d3bff47738f68ead6348b1b309c54a17e18c4460cc2142e3e

          Download Submit