Analysis

  • max time kernel
    64s
  • max time network
    156s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
  • submitted
    04-10-2024 01:50

General

  • Target

    11564068e0104f7b4f9b17ac6c9cc295_JaffaCakes118.apk

  • Size

    6.2MB

  • MD5

    11564068e0104f7b4f9b17ac6c9cc295

  • SHA1

    949e18b06f230867e9aa34e4738c6f47901f1038

  • SHA256

    9850e03b7c99c4927e8b9d26a7c80e3afdbce6c7dfa3d24c7b14fa70d23ef880

  • SHA512

    d16eb91349f95639b9a172779354349e7476c66a82a134f610e88e51eb962c9002ba26455c5c6ea08d8c1ad30345402705642f1c9da9a4b45ea0feab8dbcfbec

  • SSDEEP

    98304:xF0jyf79tNMtKZU2MviNrRw4ukxT5p04ASEap77Ccksld3YVLCCzk6ZWNO6XuykT:Jf6K9MqdRw0TsRSE0DkM30COhWokU7

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Loads and executes a DEX or JAR file that was written to the device during analysis, i.e. code that was not shipped inside the original APK.

  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
  • Checks CPU information 2 TTPs 1 IoCs

Processes

  • com.bj8264.zaiwai.android
    1⤵
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    PID:5064

Network

MITRE ATT&CK Mobile v15


Downloads

  • /data/data/com.bj8264.zaiwai.android/app_push_lib/plugin-deploy.jar

    Filesize

    213KB

    MD5

    e70723b8f6c4c7c09a6019733022cf53

    SHA1

    e3ca32166c65e4dc73c21347ab22d54a7b5a9a83

    SHA256

    32d35cd80b0302e3fcdd7349b4ff9a7b689ce080435109607ff79a834ff710d5

    SHA512

    461c0499193c5ef5aa4e2e5d358031e7d28c98c8e1e38d22b710271bf3b561c28232bfaadbc2c275357e31b7b0ad6bca798008328ac3cff3701c1c9cca2ddddd

  • /data/data/com.bj8264.zaiwai.android/app_push_lib/plugin-deploy.key

    Filesize

    174B

    MD5

    1ea8459a688352c3573a8e80727c2644

    SHA1

    9b47864e96eed98798a6da2b8860c8f8a68f089e

    SHA256

    be2c0f9e472138a78d35f29013fc43dfeae991806dfebbc5be5c8dc86b8a1093

    SHA512

    99a26c03e760fdac91546a47e18e58851996b7e38e93812a6be23f1eee64370323ac492c4c224bd419d91566356fcb8eca3989ff4f2ce41db3d16301fa9dd75f

  • /data/data/com.bj8264.zaiwai.android/files/mobclick_agent_sealed_com.bj8264.zaiwai.android

    Filesize

    525B

    MD5

    134ed1f0c31fd95eb6757e011825237e

    SHA1

    05800d390abbaa1c658239208e110028da173ba2

    SHA256

    7b4166d6ca2a79f3348bcfe5db13c5fde349b5c783d0b3cfaa6e7ccd47e472d6

    SHA512

    742449afa3642357cc93ee98aec6b12afe2322bf1e8f65c8ced80e4a578e5374dbfd1ee35419c236de422b892c37205c2247949a161d80d88e615433be31b161

  • /data/data/com.bj8264.zaiwai.android/files/umeng_it.cache

    Filesize

    148B

    MD5

    a27acade8e128d5e5fc5a3aeb12c0066

    SHA1

    3eba14778fdd4498e68a59c9a44e3bf81699941f

    SHA256

    c651b368d51dd75c51a4122766d0b6d36364baac33578ae687f667940122abb4

    SHA512

    53ec58ed4e2bd976b7e142affa7327ae581062d539a63b5f3015f08a1a110a77e7cf9c9d483af3a3077fcd9db8420cb88a3ff44c7cac2dd0ca3f8ad5e8bb6e80

  • /data/user/0/com.bj8264.zaiwai.android/app_push_lib/plugin-deploy.jar

    Filesize

    530KB

    MD5

    bdfa71feb08b80b649fddcd7488b03b4

    SHA1

    bcacf11199fd2c353034a7271b5dbfe2dd4cbddb

    SHA256

    f8bd07a7afce2d102976afaadd33dc70336a0b06682ac8d6fe9544a08d086d1d

    SHA512

    37dc848b995def498d0c832a76ed0ad429db18f26a5e9659c2b77a63bff555560160b6be4d22387eb529b2291bb27ae21718ddadb315bd1aa4c092d6330f049a

  • /storage/emulated/0/Android/data/com.bj8264.zaiwai.android/beijing8264#zaiwaiapp/log/20241004/000.html

    Filesize

    113B

    MD5

    b16db7cd8d86c45fb6fe4adf44dc5202

    SHA1

    b45643bba5861b6f478eeb8da6b31a8982dcf136

    SHA256

    eff76c081ceea3bbfedf3b983804fb361cb9749d1742b121ffe1ab8c6e10ec0d

    SHA512

    bae5adbf3bb0201535ff60e12eaa287dcb0e0cbdf1be94a195bfc757e410dcb824e99d43f3a3b63adba2b640133ee441d829404d1f0b84e6cfca2e49d67b7609

  • /storage/emulated/0/Android/data/com.bj8264.zaiwai.android/beijing8264#zaiwaiapp/log/20241004/000.html

    Filesize

    10KB

    MD5

    8490aa0a8961f44b363d77a5255219a3

    SHA1

    6be19545f3e359662610a22a796563e82f4c4821

    SHA256

    f51119101d194d3661d72f7520a53cf98189c627e405670b649d507218cfe00b

    SHA512

    2d0164e756ecdc9ef78b1ade3219419a594ae123046a05cddd9ef5b74b8cdd93408ef90f792e86732725ae10273b6ce8f7cfcd2be13a846cf61a89516441aca1

  • /storage/emulated/0/Android/data/com.bj8264.zaiwai.android/beijing8264#zaiwaiapp/log/20241004/000.html

    Filesize

    172B

    MD5

    9ddd6b84ad977ee864520ea8fe4b87c7

    SHA1

    299d64eddc3193acc19ab3e0b09f95288b041e73

    SHA256

    d554c6c87b6da90a2efa11b0d21cb6c78bcabbbf0235f03115e217384033c601

    SHA512

    c3fce6e8023b349b3937683a3daf91021a3cbb72ce47f180208842794cd8b31fd56df999dec8257b8eccf8594aca8293e6d326aa0c3eba443e1ed38b76af14b4

  • /storage/emulated/0/Android/data/com.bj8264.zaiwai.android/beijing8264#zaiwaiapp/log/20241004/000.html

    Filesize

    85B

    MD5

    768a0ddc6b804bfe7c24a929ef77c6c0

    SHA1

    a820dd3fcec5351b4e3e32fc8a1f196116409b09

    SHA256

    69e4d13d89e9b6005e14267991616fc7085199781da45c579655cdd84efdae23

    SHA512

    817420c6977f8a0531db9c22e55cb9e68adb2e4534fb51cef16164aa15a45e682a0caf135d4e5bf2f2f9bec6421f2d47588081a36351d1633d2a8139854d4a52

  • /storage/emulated/0/Android/data/com.bj8264.zaiwai.android/beijing8264#zaiwaiapp/log/20241004/000.html

    Filesize

    82B

    MD5

    6be140f640e17dabdc48608853f7b7de

    SHA1

    5e3abe75926ac11032973a37adba9ac4cc87f241

    SHA256

    a29ff0f730f9dd310542cff8536e05c54e997fc9809ec8780a636b5d0f704ce1

    SHA512

    87451fee2b00daf5b53f6182790ce2a6c29bcfcd717c17338ffb2f34c8cbda9870671e60605e7383253da93e1dc0c716a2c193612eecd9990244b623ff2d9024
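The Downloads list above is easier to reason about once the paths are normalised: on Android, /data/user/0 is a symlink to /data/data, so the two plugin-deploy.jar entries name one file captured with two different sizes and hashes, and the log 000.html was captured five times. The script below is an added example for triaging that list, not part of the sandbox's own tooling. The DROPPED records are transcribed from this report (MD5 only); the bytes fed to classify_bytes() are constructed stand-ins, since the real artifacts would have to be fetched from the sandbox, and the link between the 'Loads dropped Dex/Jar' signature and the jar under app_push_lib is an inference (the report does not show the IoC itself).

```python
# Added example (not the sandbox's own tooling): triage the dropped-file list above.
# DROPPED is transcribed from the Downloads section (MD5 only, to keep it short);
# the bytes fed to classify_bytes() are constructed here, since the real dropped
# files would have to be fetched from the sandbox.
import hashlib
import io
import posixpath
import zipfile
from collections import defaultdict

PKG = "com.bj8264.zaiwai.android"
APP = "/data/data/" + PKG
LOG = "/storage/emulated/0/Android/data/" + PKG + "/beijing8264#zaiwaiapp/log/20241004/000.html"

DROPPED = [  # (path, size as printed in the report, md5)
    (APP + "/app_push_lib/plugin-deploy.jar", "213KB", "e70723b8f6c4c7c09a6019733022cf53"),
    (APP + "/app_push_lib/plugin-deploy.key", "174B", "1ea8459a688352c3573a8e80727c2644"),
    (APP + "/files/mobclick_agent_sealed_" + PKG, "525B", "134ed1f0c31fd95eb6757e011825237e"),
    (APP + "/files/umeng_it.cache", "148B", "a27acade8e128d5e5fc5a3aeb12c0066"),
    ("/data/user/0/" + PKG + "/app_push_lib/plugin-deploy.jar", "530KB", "bdfa71feb08b80b649fddcd7488b03b4"),
    (LOG, "113B", "b16db7cd8d86c45fb6fe4adf44dc5202"),
    (LOG, "10KB", "8490aa0a8961f44b363d77a5255219a3"),
    (LOG, "172B", "9ddd6b84ad977ee864520ea8fe4b87c7"),
    (LOG, "85B", "768a0ddc6b804bfe7c24a929ef77c6c0"),
    (LOG, "82B", "6be140f640e17dabdc48608853f7b7de"),
]
CODE_SUFFIXES = (".jar", ".dex", ".apk", ".odex", ".so")
EXTERNAL_PREFIXES = ("/storage/emulated/0/", "/sdcard/")


def canonical(path):
    """/data/user/0 is a symlink to /data/data on Android, so the report's two
    spellings of the app's private directory name the same file."""
    prefix = "/data/user/0/"
    if path.startswith(prefix):
        path = "/data/data/" + path[len(prefix):]
    return posixpath.normpath(path)


def rewritten_paths(records):
    """{canonical path: sorted distinct md5s} for every path captured with more
    than one content hash, i.e. a file that was written or replaced repeatedly."""
    seen = defaultdict(set)
    for path, _size, md5 in records:
        seen[canonical(path)].add(md5)
    return {p: sorted(h) for p, h in seen.items() if len(h) > 1}


def loadable_code(records):
    """Dropped files a DexClassLoader / System.load call could consume: the
    artifacts a 'Loads dropped Dex/Jar' signature is about."""
    return sorted({canonical(p) for p, _s, _h in records if p.lower().endswith(CODE_SUFFIXES)})


def external_storage(records):
    """Files written to shared external storage rather than the app sandbox."""
    return sorted({canonical(p) for p, _s, _h in records if p.startswith(EXTERNAL_PREFIXES)})


def triage(records=DROPPED):
    return {"rewritten": rewritten_paths(records),
            "loadable": loadable_code(records),
            "external": external_storage(records)}


def classify_bytes(data):
    """Identify a fetched artifact by magic bytes, not by its file name."""
    if data.startswith(b"dex\n"):
        return "dex"
    if data.startswith(b"\x7fELF"):
        return "elf"
    if data.startswith(b"PK\x03\x04"):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                names = zf.namelist()
        except zipfile.BadZipFile:
            return "zip-corrupt"
        return "jar" if any(n.endswith(".dex") for n in names) else "zip"
    return "other"


def matches_report(data, md5_from_report):
    """Check that a downloaded artifact is the one the report hashed."""
    return hashlib.md5(data).hexdigest() == md5_from_report.lower()


def build_sample_jar(with_dex=True):
    """Constructed stand-in for plugin-deploy.jar (NOT the real file): a zip
    holding a manifest and, optionally, a minimal classes.dex header."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        if with_dex:
            zf.writestr("classes.dex", b"dex\n035\x00" + b"\x00" * 64)
    return buf.getvalue()


if __name__ == "__main__":
    for key, value in triage().items():
        print(key, value)
    print(classify_bytes(build_sample_jar()))
```

Run against the records above, triage() reports plugin-deploy.jar as the only loadable artifact, lists it under "rewritten" with two hashes (213KB then 530KB), and lists 000.html with five hashes on external storage. After pulling plugin-deploy.jar from the sandbox, matches_report() confirms you have the same bytes the report hashed and classify_bytes() tells you whether the jar actually carries DEX code, which is the question the "Loads dropped Dex/Jar" signature raises but the report alone does not answer.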