Analysis

  • max time kernel
    8s
  • max time network
    134s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240624-en
  • resource tags
    android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240624-en, locale:en-us, os:android-13-x64, system
  • submitted
    27/09/2024, 11:57 UTC

General

  • Target

    fa5c8a8999b1152146817779d6565054_JaffaCakes118.apk

  • Size

    30.8MB

  • MD5

    fa5c8a8999b1152146817779d6565054

  • SHA1

    48180767b76020f6821e8b9846213bcf14e6d275

  • SHA256

    ccec8fef747a2d395bc660f607232a5a282b64ddf05a996495677029a432955f

  • SHA512

    4a226186e05e67a237b4071d5f769d75d40b238ab25a77c99f50206e873a07e235445365560d77a6562a34cbc833ee3274092b86eae484eb1ff5902330a29618

  • SSDEEP

    786432:GE2jDwLHPyh7Y8yFxdosPL4ff8ZU+czy5U22DpMkQixUoaBX4b2No:i+vIY8mdoOLEgUlfWkQMUplNo

Score
1/10

Malware Config

Signatures

Processes

  • com.wanhe.gstudent (PID 4314)
    • Checks memory information

Network

  • DNS (US) rcs-acs-tmo-us.jibe.google.com
    Remote address: 1.1.1.1:53
    Request: rcs-acs-tmo-us.jibe.google.com IN A
    Response: rcs-acs-tmo-us.jibe.google.com IN A 216.239.36.155
  • DNS (US) remoteprovisioning.googleapis.com
    Remote address: 1.1.1.1:53
    Request: remoteprovisioning.googleapis.com IN A
  • DNS (US) remoteprovisioning.googleapis.com
    Remote address: 1.1.1.1:53
    Request: remoteprovisioning.googleapis.com IN A
  • DNS (US) update.googleapis.com
    Remote address: 1.1.1.1:53
    Request: update.googleapis.com IN A
    Response: update.googleapis.com IN A 216.58.204.67
  • 142.250.187.196:443
    www.google.com
    tls
    1.0kB
    4.6kB
    9
    7
  • 216.58.212.238:443
    tls, https
    1.2kB
    40 B
    3
    1
  • 216.58.212.238:443
    android.apis.google.com
    tls
    2.9kB
    6.9kB
    17
    15
  • 216.239.36.155:443
    rcs-acs-tmo-us.jibe.google.com
    tls
    1.5kB
    6.9kB
    11
    10
  • 172.64.41.3:443
    tls, https
    938 B
    40 B
    6
    1
  • 172.64.41.3:443
    chrome.cloudflare-dns.com
    tls
    6.1kB
    8.7kB
    38
    21
  • 216.58.204.67:443
    update.googleapis.com
    tls
    1.4kB
    1.6kB
    9
    4
  • 216.58.201.99:443
    update.googleapis.com
    tls
    5.0kB
    10.8kB
    20
    16
  • 142.250.187.196:443
    www.google.com
    tls
    10.4kB
    34.4kB
    47
    46
  • 172.217.169.68:443
    tls, https
    327 B
    40 B
    2
    1
  • 172.217.169.68:443
    www.google.com
    tls
    2.1kB
    7.1kB
    17
    14
  • 142.250.187.227:443
    tls, https
    154 B
    40 B
    1
    1
  • 224.0.0.251:5353
    3.7kB
    11
  • 142.250.187.196:443
    https
    144 B
    70 B
    1
    1
  • 216.58.212.238:443
    https
    3.9kB
    6.9kB
    10
    11
  • 1.1.1.1:53
    rcs-acs-tmo-us.jibe.google.com
    dns
    76 B
    92 B
    1
    1

    DNS Request

    rcs-acs-tmo-us.jibe.google.com

    DNS Response

    216.239.36.155

  • 1.1.1.1:53
    remoteprovisioning.googleapis.com
    dns
    158 B
    2

    DNS Request

    remoteprovisioning.googleapis.com

    DNS Request

    remoteprovisioning.googleapis.com

  • 1.1.1.1:53
    update.googleapis.com
    dns
    67 B
    83 B
    1
    1

    DNS Request

    update.googleapis.com

    DNS Response

    216.58.204.67

  • 172.64.41.3:443
    https
    3.8kB
    3
  • 216.58.201.99:443
    https
    29.7kB
    19.7kB
    78
    79
  • 142.250.187.196:443
    https
    5.5kB
    10.4kB
    40
    31

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/com.wanhe.gstudent/databases/bugly_db_legu

    Filesize

    60KB

    MD5

    0df6616d8747715e7255e39ef7748955

    SHA1

    38235e384344193566b6776cee864e11845e985e

    SHA256

    32f41079a827d256aa5b4b279dcf229e0c7933dbb545176d6ef9453ebd04ed08

    SHA512

    3314291d12ee97dafed157265f1ef1571dc454fee046a73dfb034240ca3a6f5429793592b35e601a0a75898dd2caa019ac1f79912adbf26db65c5999c34da4ae

  • /data/user/0/com.wanhe.gstudent/databases/bugly_db_legu-journal

    Filesize

    12KB

    MD5

    d7ec942710ea43dc84aee174eba1a086

    SHA1

    46f89d47a53081a96674e4b7493af21a1459fe9b

    SHA256

    f263cb2cc773e2c0a7064129a402fd7b3a5d29f120abedd9a5935779486a86e5

    SHA512

    886cbac56db0182c491c59a8ec6792f1b1d4589a9ea9dc7f841d679ec04ea7fb249b7f9ee3f75481ddbd94d50e8f2d88633b8ec745a081eabdb011632ca97142

  • /data/user/0/com.wanhe.gstudent/databases/bugly_db_legu-journal

    Filesize

    512B

    MD5

    79d507c7c5579d0116b7c0e63d7a478f

    SHA1

    6048ce224198539bb18c648ea3c1b4e444de6a17

    SHA256

    84ef0825b07692a8ca76743a06ecd40c464d6e6f37c75cd47557ddcc1b5aac75

    SHA512

    711b32f399ca020263cd5da9b8515d93df4bf2b6c84c3dae5632c39257af5f585865777c18189841bd07b5a0d7f9eaebf11764a68644160a0fb6e92deb7a876c

  • /data/user/0/com.wanhe.gstudent/databases/bugly_db_legu-journal

    Filesize

    8KB

    MD5

    2dbfd7115037bb0f548fb422286eb1d3

    SHA1

    403d3d7c83c1f3c53273d60ab0ba8fc598e1948f

    SHA256

    3f01c7e2ca2b0fec674ca3d78a77da89c092bc0f5fbf5e96ee228c7945872ce4

    SHA512

    4a7d5c073fa400efffa3fad96d8cd76277f43b640eb52aae61a1f31109da69f20eaf8275e6b56532d21edb4a43d94358701d7dc764aa16f8b52012fb89b44665

  • /data/user/0/com.wanhe.gstudent/databases/bugly_db_legu-journal

    Filesize

    8KB

    MD5

    5eb34385578bcf9cd3fce846158dc49b

    SHA1

    700d33239f6962fee6e5cce02c9d740478e7162a

    SHA256

    6f9ec66648ec0c15b5808eaf543a6d6317d803b166f37de697c38627276259ef

    SHA512

    1591c472418107aec593ef923e1b30f541606431e422c1533f60bdf1ee8f92d5f4eab82a94fea01499d53853cc2061a4ab27595156228f04b7854e08285edccf

  • /data/user/0/com.wanhe.gstudent/databases/bugly_db_legu-journal

    Filesize

    8KB

    MD5

    15aaf77d9c5dfa10e9b09d9080d1110b

    SHA1

    4962978552cf4933f7be91de57432d0d4aca9440

    SHA256

    8a6e4042f4e0e75341f02d7ba8e430ddb92ce900c59a4cb615aa13ba1f523138

    SHA512

    8982437e060f2c7804afdb9504f6349f126fb7a36ca22b459a9591e11d995c58564f8da9c2a299d57fcf401aa1bbf49e87d8fc4f36a9fa78efe17cd2bc36bcea

  • /data/user/0/com.wanhe.gstudent/databases/bugly_db_legu-journal

    Filesize

    12KB

    MD5

    2b5d4f4535083ac5414f79e001e6cdef

    SHA1

    9a0e16f8b10d951f36c7b0ad609cfa92c02447c5

    SHA256

    14ce2b03597184b0b661b30e9889ec8bec36701aefe320dec107197c222bc6af

    SHA512

    9d3a6b28b75767d5e06f6b3f7b5d8d7a62a56c1da2df9812d98769537707a6ee0d2919baed7ca44dc6e421b524410e208ea72abd655eb2734688268aebe33817