Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

fd34195848...18.apk

android-9-x86

8

fd34195848...18.apk

android-11-x64

7

mimo_asset.apk

android-9-x86

1

mimo_asset.apk

android-10-x64

1

mimo_asset.apk

android-11-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    129s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    28/09/2024, 21:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fd341958489c25c9ca057de2576d5c5e_JaffaCakes118.apk

  • Size

    31.1MB

  • MD5

    fd341958489c25c9ca057de2576d5c5e

  • SHA1

    90bdaded39353e5d4b5768ea89b4bdb5b028d826

  • SHA256

    436abf7c2172ab01914502092a198898498ba87003d441b8758300d2b2a75fe9

  • SHA512

    be6909a8846c8a8d3c58a987d9337046e980ddc995c595c33c1f6ace8279127f6de963808b65e3791b20e91f888b6ad21bd579ad56f5bce132db62c4a47cdf6f

  • SSDEEP

    786432:gPW6K3yT+MaoqbmNDNZ+ozw20lRVhmhTs4yS2:rTyKMaFbmG25hIJ

Score
8/10
discoveryevasionimpactpersistence

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 2 IoCs
    evasion
  • Loads dropped Dex/Jar 1 TTPs 5 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Acquires the wake lock 1 IoCs
  • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 3 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.twodfunclub.swimming.pool.repair.gtx
    1⤵
    • Checks if the Android device is rooted.
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Acquires the wake lock
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4246
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.twodfunclub.swimming.pool.repair.gtx/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.twodfunclub.swimming.pool.repair.gtx/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4276
    • cat /sys/class/net/wlan0/address
      2⤵
        PID:4377
      • sh -c ps
        2⤵
          PID:4399
        • ps
          2⤵
            PID:4399

        Network

        MITRE ATT&CK Mobile v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/.jiagu/classes.dex
          Filesize

          5.6MB

          MD5

          6dae67fc292545b590bdbf4b7be497be

          SHA1

          5597597358e8025a5282c86c5590c40dde8ab67f

          SHA256

          5d8b2f2ccc785e8de60742692cc8d2303b551d3fd4a88e19bb88aab3ec3a3eb1

          SHA512

          5d54a3a899fe7248334f87f81dcb137c67fda7c4ffe7b1a7b9caa77d8c57f95af30f737acfa228a53ef5be39212cc3433f911c2c8684c464a0061b670ab3065b

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/.jiagu/libjiagu.so
          Filesize

          482KB

          MD5

          f380717bd1e3916c7b697fab8d46c5d8

          SHA1

          04f51f0d16097214e38be517d93be44cb0603a88

          SHA256

          8455632be7bacb221468c4daab2f9b5ee33739f08b22244ff81a36a02bec36cc

          SHA512

          b78fe11f77d2c0ec5b36850e8cc3b955661b31641405233c8842b91205e44dc16a30d7fc1ef18dde1b066c1b98959ae9c18be5472413d2b398b7ab6a6b52c07e

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/.jiagu/tmp.dex
          Filesize

          284B

          MD5

          f1771b68f5f9b168b79ff59ae2daabe4

          SHA1

          0df6a835559f5c99670214a12700e7d8c28e5a42

          SHA256

          9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

          SHA512

          dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/app_ebody/res/xmtok/37673/uuloi
          Filesize

          2.6MB

          MD5

          a4be05e15ad132090b309f396e91ff58

          SHA1

          8c8b8354188d80d9abf60f4f63883d2b92a553f2

          SHA256

          e2c35ba3e0b82ced9693b57da9c9c57a1e9914d272a8f94f9f39b40ec3451016

          SHA512

          1db29d80bdec4939d19566a9714cb400fcf7baf17b306b6b65ec92f573aa1910262cd4b51d9791af38b5951ef39bbb499a9003b9e0c528c31a2a21e45f09f341

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/cache/.chartboost/requests/99431646530
          Filesize

          126B

          MD5

          6861971bbf7d28792457e4d61dd83c79

          SHA1

          35c8bcb1ab284ba6f32e844f972e2b23fc5b18ed

          SHA256

          794c436eb5c24d3b78c2f3ccf960831fdd6e2f995c7d21ae71514baba92a4404

          SHA512

          0e511f5f3ae3acccdb751e0cf303e63ff1b52b1607ceb469cf0f6a4e5f1945e093ac8219c258d9c40cb20c1702406f49fa809ddbc3f003808b7c0371105b28d0

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/cache/.chartboost/session/cb_previous_session_info
          Filesize

          189B

          MD5

          1d2f3466ced3999398e46bb056429028

          SHA1

          8e19e2e35f3b939d83f4c8c5cc0c066efad1bcb9

          SHA256

          4ded37f124c4b8767b28cca6d29fc9e584d7128b5711aa0e07945e54e3564f99

          SHA512

          13f068d12e3191e20ce286c226782b19b44fc462093fe9a0b290a91b5a2fdd6a7aabc81e1ab39103fd1566a8f370b7f22ceff3e3ca2fd51c2cb36c0dc7ffce53

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/databases/cc/cc.db
          Filesize

          36KB

          MD5

          5d7ea1a23af19b4340cc8d90f28297d5

          SHA1

          4cfe95b23a9e98378d69c4290af81b51fbe76aea

          SHA256

          474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

          SHA512

          33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/databases/cc/cc.db-journal
          Filesize

          512B

          MD5

          867ae11d691adefa824ff39fb48d6aa4

          SHA1

          d08c7954780a39967311f3824a7cf8752bfdb193

          SHA256

          a5cd0eec0549e283860c8d9af2e74654e8a63661abb3a735062d12d6d98809d6

          SHA512

          6fb0149f9ccdcbc8532e1042045c23f33bf61689ed885b888d5dd3263c9929a79230bdd34f176b044bd843fe694e06de7f3e2786d0dab07eb8f04da62a09d180

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/databases/cc/cc.db-shm
          Filesize

          32KB

          MD5

          bb7df04e1b0a2570657527a7e108ae23

          SHA1

          5188431849b4613152fd7bdba6a3ff0a4fd6424b

          SHA256

          c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

          SHA512

          768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/databases/cc/cc.db-wal
          Filesize

          48KB

          MD5

          f7f26dfb77c9827c1ed31254f937ce0d

          SHA1

          9fcd99d7bb246ae3bdfb15195d2c37efb1c3925c

          SHA256

          881eb17177eaab6e632fed1bbc1b11ba649c207f26550c281645001c72b8e2e3

          SHA512

          04cc7f0e150686c2cdcbbc882a512360d6c98f3c1f0543eb97dc5e3ea7c666e932af6e7f965750e0406fb8e0df67ecd6a73a02f4ce36fea8c168c664e46ad924

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/files/.jglogs/.jg.ac
          Filesize

          40B

          MD5

          1ba9d96c4d86af554cab5bc1440a03b5

          SHA1

          2c235e800fa36a4253a522cf533259d4c2c37459

          SHA256

          caa5020df4c703a2f45957a39e3565e0ac4ed401a889e41ada4b5ea9143cd510

          SHA512

          044d3473e7f119987cfb49d1e64269c19f967357e8549ef42bab7bc7499f8c1ff7ac9b972a0f285a000f7ea601f159e27ebf13e2210a25698e0005b8a631676e

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/files/.jglogs/.jg.ac
          Filesize

          40B

          MD5

          d742fb014fea1b3cdc9610ea35f1bb58

          SHA1

          63a2bbcf24542113255b41c5042d79b673577faf

          SHA256

          2bb7f204843c153407cbd4037f27d1aad7f5e962b38406ced452746ebb7dd69d

          SHA512

          bbafa601794754a8f56d1867be86c8bb1d902bfa09cc49730de8228741db9c7e5e75c29faf7032420c7d1a15aad88c37ec16bec12bc134620bbc414d87f2767b

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/files/.jglogs/.jg.di
          Filesize

          340B

          MD5

          44b94ebdea8b860dca8daa8dff22b7d4

          SHA1

          4ab96d06a716f046c52fab38885668aa42eb85db

          SHA256

          8ba79f6900d8c4610be7c97abb96239b06128f033368731a86662595ad22fa4f

          SHA512

          eb2f9e5b9936af134563f96eb71c6fb2187903c4859462023f4a92f90e2b813ab108d0d051df882d692ec782cd1a1b3b59b2cc7339c47e533b9399f026a9efec

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/files/.jglogs/.jg.di
          Filesize

          340B

          MD5

          5a0063266f4f3e155c3045c62ba33b80

          SHA1

          7868e1a6bb93765b2847b88e0ee9f43501caa7e4

          SHA256

          4fc9127a1d8a0226a39e5ea6f4a8b200daddc6e041134ae27dd960ad31aaeb88

          SHA512

          3156e5451bb757f2c3bc0e8e4f26387dea29641b736ba893cac70eebdcb053afa15ae33acd4c391ff2367704e7e81ecd9fed33fdc3a6bbc0a3034eed9017dd19

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/files/.jglogs/.jg.ic
          Filesize

          40B

          MD5

          e712c76f38b37745b5a09509d8386c2f

          SHA1

          ee225347d3a9c87231d73962e8d7a490e4a98e77

          SHA256

          4ed4f1435bf8c1b88071370a01831570f72d1f43a4cb16677cc3dcb16d8ab063

          SHA512

          ab1454354b3c2c4e6dac361f73be1a932a93108a85ac49fef1be8df93aac67b38a7ff5bba2ccb9ccc8c3ae572115f436559e02cc820ae4252d7d5c821a718381

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/files/.jglogs/.jg.rd
          Filesize

          73B

          MD5

          ddbdefd29a779f13c3a7d311b3426963

          SHA1

          e1a8657f738bc6f101965d390ff19619d38df1e8

          SHA256

          8794f52f46d1105fdf893117262f6f5d7a49c099446a83d0f77e51659fecc417

          SHA512

          1a3497558a45ac382a3f439b91ac4913f57ec5f7ab2228c565eadf1700f6a8daffa213a2268f20b4020f5598be8c39776012665766b5023b35db805f450a6625

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/files/.jglogs/.jg.ri
          Filesize

          314B

          MD5

          c202ef05cb52c73287c40f9fa153bb56

          SHA1

          8a54347ae4790aa2db9c2073b928ce8e17efed3f

          SHA256

          ccbd775d3ba4b812fc79a7ba04625d1948daa607a496273b0343a9ef88a67ce7

          SHA512

          53f9f9e170bbc2424da97fc2a6eecde34899fad0509901785916b9669918ff087193e2ef157ed49145439586986db858c593780534fc7b1e6a7df571b080bf7f

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/files/.jglogs/.jg.store
          Filesize

          127B

          MD5

          9b8e949c45370672b2f1f15b6b4a9efb

          SHA1

          35eb9e81993d340a289852955aa9027dc271b85c

          SHA256

          438c79097773967bf0cad37ee1c38ca95ecb6f8a2b1ab29ef56bf9799efd6c28

          SHA512

          7bb6e47610a8835c0c8520f4fd4fc1726d59648ea6628b9ec49794f6276ffed571c633ad37a470adc3958964e9f2701624d16908fb902415aa71066e2b1c6145

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/files/.jglogs/.jg.store
          Filesize

          32B

          MD5

          448e391c59eef34ee1defbe4dee4c41f

          SHA1

          df1f890987371d7d8e6963c68b787856e42bc146

          SHA256

          55612e17689f4bb05f27e18b4f6d06ffef92a6a8893a5cfdd3d5b99a6028b549

          SHA512

          ce336ce895ba861dda7da27e8869dea065eb3c3403cac55cdf1935409e5ebc95b495370f87ed7416af20af533b15615472e333ae9f2fd2713040f526835399b7

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/files/.jiagu.lock
          Filesize

          27B

          MD5

          3a1446de3050226ed160397d10ffc543

          SHA1

          6c62749da6e31269e6b7b974de164883938d9612

          SHA256

          23dd42efd8d0c6ac35a3186e9a74d8f804acb0b8c8fad4d054a0becdbedc55e8

          SHA512

          ea03659afe70926a52e95703687c51ab52f664b1a52152d9caf5cdfbf8b39191b5fc1f3bd020613558f88ac53401f799a837cf46d960c7f45fef94c51785a484

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/files/ebody/as/cheuu
          Filesize

          8B

          MD5

          b847eec9fa4c83609663d00e04e8fd2a

          SHA1

          9643ba93c27579c26f487825ab34b2f039c25779

          SHA256

          fc1bf01b6ff14c7c0b08ab250ac35281e7a3500e9ceb57237824139727c93277

          SHA512

          d22fbf74feead571c213fb5da114f335248bd7876db3729526f95ca2736c515562130d5ecca111ba1e8eca6c5cc768809b47bc4641f93644ca067615c61868bd

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/files/ebody/res/37673/oat/vva.jar.cur.prof
          Filesize

          378B

          MD5

          af8bb828c04c6766955f9fa46d716e35

          SHA1

          6d816a340058cff13435fb64bac5d5a2db446355

          SHA256

          bf06cb4af766f14df64e4794920dd083dd087d4d856b9b29f302f9fa4cb70d49

          SHA512

          222c5ac176ab22939047e75a75578df02c29c86b5ad3b547cd3be8385b2b6d0c466c578250859c91098acfbca061248ac7b3eaf7882b49d7b579bb8094e68a36

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/files/ebody/res/37673/vva
          Filesize

          2.6MB

          MD5

          c7464d7ac75c59a56ff2f6a0f9374094

          SHA1

          e18fb726a5a36039aa18c383b265e79a343479e4

          SHA256

          c22c33159bbba233c5747086b13a5ee067c44bc7726267e4d02b8993fde1f344

          SHA512

          93fd8ca48d0febfc386b9cfb4eb01e5aaf72ff0f9e1abd4720884fa0c93d422728f61da7edebabc1267a8aa2c4f6aa831c8d5a596d08f6b64ef696e19188a9f9

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/files/ebody/res/37673/vva.jar
          Filesize

          342KB

          MD5

          c575a286b11bbafcf8e4905d27f30977

          SHA1

          92f75a7425564f8e5ced10e4ef098c378a0748bd

          SHA256

          185c4ce6748aecf146255ae05828bb01d88b523d7c930e058c851ea5d329beba

          SHA512

          f71571ee69dbb5fea7ac72572b1e50bfac1c7b0a577a5163631410d9f002ce38ebc1e3da4b43000a3575b68b30c70609269c48d165e1cd326474d3e46e19087e

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/files/ebody/seey/tmd
          Filesize

          32B

          MD5

          f22d1c9d8805a03089a14cb8f0a077f0

          SHA1

          fbf44eea9680293a31ffaefdf4a51fe76b661b96

          SHA256

          c799bb41ae4a0e972aa7f51fa42bddcb39740813d1549c792a1bfd1cb159be49

          SHA512

          9c14964bf702554b46136efa6238920b25cdba7f228d72eb66de2efeed0e7f6a785770fc97bbd53819538c23add5ec41ed99933809c30ff8a95311728b044ae3

          Download Submit

        • /data/data/com.twodfunclub.swimming.pool.repair.gtx/files/ebody/seey/tv
          Filesize

          5B

          MD5

          1c4ec9002d8f6c1ddae5c151e48cf718

          SHA1

          2425cc273831d722bee4906c14c03fe497b99c08

          SHA256

          f6c857ed9fb74036aad1662f0450a84601f9eaf5f9eb0e6943136fa6ffab21b0

          SHA512

          6371c3db3d1dd610f1d22a8a5c5ba3efb8e4d0fd8df158f0dcc001238072717bb1d385152e4b8f67d7283eaf41d0582f6381e859f83f673e8b4ec48ce59d76ac

          Download Submit

        • /data/user/0/com.twodfunclub.swimming.pool.repair.gtx/files/ebody/res/37673/vva.jar
          Filesize

          1.0MB

          MD5

          7eb039aa7728169a015707a82e1b41a4

          SHA1

          adeae37340af1ce383c908cdc4d375b270b30a60

          SHA256

          9e4e34e3db9a85d0e2f937c85255f2c924df7465284c9f8d91f9ab4ed8f2c49c

          SHA512

          c60f5c867ff34eed8186741ed2947e21ea7f3264114347ff64c90d9e04381238f0a3fbae18ef4ddc3c4b390935a21ebcfa311815384615574e9c9f90a825f7ca

          Download Submit

        • /storage/emulated/0/360/.deviceId
          Filesize

          48B

          MD5

          1d8d16c4e3b19ebf18988530d9b9a757

          SHA1

          bc94c1cce05cd848a53271ecb9c5311e27ffebf5

          SHA256

          abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7

          SHA512

          4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82

          Download Submit

        • /storage/emulated/0/360/.iddata
          Filesize

          32B

          MD5

          3629a2f10ac3cb02351d8c81a6b12cfd

          SHA1

          bd28a712363deb2a84b22f689ae884084e016641

          SHA256

          e08725a51ec6fc1792bf880fa3b8dd61c6e2e754388effddd92707e1deffc9a6

          SHA512

          04469648b28531bf790e2809cdf52cc2f4e6c9e23165d5df601cd8e790695140a3a913e90d7ea586612021f98f7bc08e6581568875a83a4c0a0af6419ddf0780

          Download Submit