67479697b84c6732a9bb4df731b28bac95f34340f4e42bef97066679ae0131a1

Analysis

max time kernel
3s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
03-10-2024 04:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0dd8019a808297a6bdb5f5697207f248_JaffaCakes118.apk
Size

10.1MB
MD5

0dd8019a808297a6bdb5f5697207f248
SHA1

46286062abfa3fb3632e3cbfb04aff41c698785f
SHA256

67479697b84c6732a9bb4df731b28bac95f34340f4e42bef97066679ae0131a1
SHA512

2c2245b1c07f4bfb88eeadbd29a784bea6eb10ca855a7b2780bbc292016957e2ac5ffa6bc21edfc4744f2d9b8a07c37fcaeb03bf255e939d408ed6347f5c1324
SSDEEP

196608:uXmUfEpcH1pR+ivq5xkuYJpCGQXa3MaLn/0jWAtSVb4E1xVXt2Ta6gZ:uXmUfkcH1pR+isfrK3MaLsttMb4EHVXz

Score

6^/10

discovery

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yuantaizb

com.yuantaizb
1⤵
- Queries information about active data network
PID:4309
- chmod 755 /data/user/0/com.yuantaizb/.jiagu/libjiagu.so
  2⤵
  PID:4334
- /system/bin/dex2oat --instruction-set=x86 --dex-file=/data/data/com.yuantaizb/.jiagu/classes.dex --dex-file=/data/data/com.yuantaizb/.jiagu/classes.dex!classes2.dex --oat-file=/data/data/com.yuantaizb/.jiagu/oat/x86/classes.odex --inline-max-code-units=0 --compiler-filter=speed
  2⤵
  PID:4356

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.yuantaizb/.jiagu/classes.dex

Filesize
3.5MB

MD5
1ea9268da6b40b9966d8714da651fbf6

SHA1
dd0ed0e18a5f494e07ee4c9190000426060cdc13

SHA256
da802547eed338ef08ccd2cb9da83ffde47c3551828ef1d2601ba96c7bad8337

SHA512
07dedb5108c6225f0df53383b34f56e1552d37ef44992150d7b2e83f4a98335d0f9a2c82ea9a9f13b88983f89d56f846c1e01c3b4485361b3c574522b397a20e

Download Submit
/data/data/com.yuantaizb/.jiagu/libjiagu.so

Filesize
344KB

MD5
f07c10fa1727a4d7395f07d20d77892d

SHA1
a7c2f367daea205bda6035a739bff81003554b4f

SHA256
b33b45d44e01f762b2678eb5fda5a804650b74cced4ea7362e3a19b37049e2b3

SHA512
83411cbcf78a99fed70dbebc46d626c85f61ba729ea0b3c93d2e109c63bbe6a739eae09d61af7fa0ff127502f3a13034d45a130f581e8ed3f66db892712736f1

Download Submit