f9412c8d7e238f2856f0a7654a967b671ec08467bb7eeaf1039de038a016a601

Analysis

max time kernel
7s
max time network
136s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
19-09-2024 06:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eabc46e347a709f4f4932b4de612cde1_JaffaCakes118.apk
Size

22.0MB
MD5

eabc46e347a709f4f4932b4de612cde1
SHA1

3334db25bb9c389edf043843d5c052ba1cbff063
SHA256

f9412c8d7e238f2856f0a7654a967b671ec08467bb7eeaf1039de038a016a601
SHA512

c94a86bf8812bf966bad553cdf833f4abc8cd7083ec6fd67a3f0c66e6bc1a7af30b28c17b74b2073d0d101c689053b5cd2c6f44362ac5678caf3ca49eaf1885d
SSDEEP

393216:Hm88F6smHKcSCgqPd2ILAry5cYEhhrGp/MZFPA0DzVizw1wUIgP+12:GV6IcLPeydEhMpk/Px1izw1wUIgP+12

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.jianjiaonet/[email protected]	4936	com.jianjiaonet
/data/user/0/com.jianjiaonet/[email protected]!classes2.dex	4936	com.jianjiaonet

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.jianjiaonet

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.jianjiaonet

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.jianjiaonet

com.jianjiaonet
1⤵
- Loads dropped Dex/Jar
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4936

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.jianjiaonet/.jiagu/classes.dex

Filesize
4.7MB

MD5
8840b2c1dcb09deeca421b4e7f53555d

SHA1
f3d8d5e092345864502b7b93f682b8a5ecdb6efe

SHA256
09f64d3907aa551ed8d7fc5014c4924402bb100e679c9dd3dd1fb1e2c1eb1414

SHA512
49f2b788be18f08d885d1eb2e7fc732a2552297a948382c6deccb1fe63cfef50ebc3706c842036778e875ca32a3979c3c3d47bdf9cc1f13f26f895ab2e972928

Download Submit
/data/data/com.jianjiaonet/.jiagu/libjiagu.so

Filesize
382KB

MD5
aa01dd97609092ce310e17bf791069ce

SHA1
f000840a8f68ea7beb2e29ea466088daf55609db

SHA256
e432c191f918053ce368e1b1f155b2e1f9e84379611b93aabec0106172b73aa2

SHA512
766c120a06215d0950aae32026fcde3eafed8d18ae0de7bc8135a7378a9055c8f0040d61574d9af67fe2b5b90eeae64c62d787343858ae375bb6658df8afe7b4

Download Submit
/data/data/com.jianjiaonet/files/.jglogs/.jg.di

Filesize
340B

MD5
d597fe03d647ece5d0165944fcec14de

SHA1
9827e48a116e573c6ce1b6678c826149b11a9347

SHA256
6aa8b8e9b55515cad70422ce21496c897260c4beedfae508c76e521903ef9c32

SHA512
c42363ec47586ad3826432a3fb6459230d6d467c83465a23629dd239fff0af5c484899330c237ff76e47681a7fdd33ad4e3bcdb7478abe23a19133098b402c9b

Download Submit
/data/data/com.jianjiaonet/files/.jglogs/.jg.ri

Filesize
314B

MD5
b27f1e7da564c5c81b687477d20c5372

SHA1
1e7d91bcce155baa1eeb30a65e3b0c512bd89bc5

SHA256
f49b20e76940a68505fab2668d66d4554fa106d8ec1737a308d2eb836bdac762

SHA512
ce9eb37fcadc2d1618e67b4a73c38e36bb2cd676d2276afcdb22424e27feab25b26c32c1c76f208968381269ed6a47a27e419a755a7169aa126c2f2ac02f508a

Download Submit
/data/data/com.jianjiaonet/files/.jiagu.lock

Filesize
27B

MD5
6031b0ca7c0e36aeb56739a0a18fc582

SHA1
9d0b0d9cff5ee0a7e8c8890bc10fec0d8f83d82a

SHA256
8543c080cb1fa1164dfde625d4b71365b5b5287ad15a7de79f6205eb9e4ac8e4

SHA512
275bca1b20593ba1fa548fd4e75b9c4698cc24ee4ac5139a70ad1ca333ceb43a0ea66d9451708022fe49612ee4d5359dc5b0f16cc3103c62aa0c5e1babd94a64

Download Submit
/data/user/0/com.jianjiaonet/[email protected]

Filesize
6.3MB

MD5
f574c423a2dd2c7b1c9b0d9b38702b1c

SHA1
7e665f0b03f8fa5721bd3a9b8099373cca802ffc

SHA256
d7c966ae9ca215d3ba2ce32fa066f2a79740246fea34cb60e3d08577aa6c99e6

SHA512
fd8057a688d59b56e584c8df6ea2c3fefe0962931d1b38165ba55a10c73bfe6695ae9da58af552762a9abcb31240bc2d6d4eba5b591424ca93b493f9a90b68f9

Download Submit
/data/user/0/com.jianjiaonet/[email protected]!classes2.dex

Filesize
3.8MB

MD5
fd08c29a0a3a8332034d33e69daba295

SHA1
1c13304cfdbece81fddadf4a6a5c5996494efcd6

SHA256
0ca58516a1a19c805c4ac1ec6bd8da1a6a4ffeb492e030bd907e7f4b7cd91a26

SHA512
dbabb3213981e07f03e4ab1e75bb6350b21b315781fb7c7b26f3e7bf467e2b48de6a7fe15b2ea9a18de5b1c827e6dfb23d91779fc17c7d40ced616a51007be2c

Download Submit
/storage/emulated/0/360/.deviceId

Filesize
48B

MD5
4c4c5285293d5141f582aefa4e038669

SHA1
e01852a72e5a8e6f7d63a21426b515118196047b

SHA256
36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731

SHA512
097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399

Download Submit
/storage/emulated/0/360/.iddata

Filesize
32B

MD5
c2c11e5f7c833af413a01930d1bb5046

SHA1
f0d5eff0dc8105e9c66fb3794f8f18532bae7501

SHA256
41bb86a944960626f461b1307103edd7bef6da31ab5b6d69b34355fbd3f02be1

SHA512
d557ab1cbcf198c4b5f6ed5d07bb09c7eb0a053581e94c6164c6a85a47ef3ba10181a9662c6d0c600bc356b1c31f2ccc5a59fc62efb754a31b65433556e913cf

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads