Overview

overview

7

Static

static

6

3bf021ac49...18.apk

android-9-x86

7

Analysis

  • max time kernel
    25s
  • max time network
    127s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    12-10-2024 20:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3bf021ac49000257a993768a8b7274b4_JaffaCakes118.apk

  • Size

    1.4MB

  • MD5

    3bf021ac49000257a993768a8b7274b4

  • SHA1

    9d78aa12072a448114b1f11e9964878ca6c9e947

  • SHA256

    23fb305511dff73fac4a05f2cab49daf40036d5ba3479d35b4980cd3e9439e5c

  • SHA512

    c4d31138b23f8e4f0c1e06023611c6ddad434983a3ae9d831baa36202c7f20948d242a2d9b5a102a85b6cadeddd443a52e37ee20538ac40232f441d0bb9e5223

  • SSDEEP

    24576:u4v0feTMvIsngLG3oIWHqLD7YxLuAvBh+9s8iXGelDrR96S9GpZhKDmR:u4v0fZIsng64bHKsIApUC8WVlD5MVP

Score
7/10
evasionpersistence

Malware Config

Signatures

  • Checks Android system properties for emulator presence. 1 TTPs 2 IoCs
    evasion
  • Loads dropped Dex/Jar 1 TTPs 2 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence

Processes

  • ojiimg.tjouj.pcqsgcjb.uqd
    1⤵
    • Checks Android system properties for emulator presence.
    • Loads dropped Dex/Jar
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4228
    • /system/bin/dex2oat --debuggable --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --debuggable --generate-mini-debug-info --dex-file=/data/data/ojiimg.tjouj.pcqsgcjb.uqd/EOZTzhVG.jar --output-vdex-fd=45 --oat-fd=46 --oat-location=/data/data/ojiimg.tjouj.pcqsgcjb.uqd/oat/x86/EOZTzhVG.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4266

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/ojiimg.tjouj.pcqsgcjb.uqd/EOZTzhVG.jar
    Filesize

    814KB

    MD5

    385dde4ea40f2fe7ebabf6ae1e3d05a3

    SHA1

    3bb1391600aa7a532695ee5f3495f87313a5af33

    SHA256

    bc907567ee577720bdf3a934220908056ae691c14adf927cfca10180cc58c253

    SHA512

    177b4e598119decc508502cf20e0fe8a4c53710a581b112636ca6cece946f616d7edbacf1c79c12bc7d60feae55a0f689a683ae8c4e4341a6fcc07e42ac77b0d

    Download Submit

  • /data/data/ojiimg.tjouj.pcqsgcjb.uqd/EOZTzhVG.jar
    Filesize

    1.9MB

    MD5

    cf7dce4ac3de2369891ada7ad6e7f2f8

    SHA1

    c20f6153667076305275b33f489bfadfea6a29b6

    SHA256

    de0e70e421eea122166046373f646080dc79a7d3dd5f93fa1baedd6168e82b0b

    SHA512

    8b925f470ce8079a1551364835d5278345b9b9f67c487565400d262caf2c7fc5e42601efc3b23c175397fd457fcf8871db1167441345edfabb911707e285a5ca

    Download Submit

  • /data/data/ojiimg.tjouj.pcqsgcjb.uqd/files/.deviceid
    Filesize

    32B

    MD5

    a0d910d346cc2a602d146f6e0c308e7e

    SHA1

    2b53576a72b128e3c8dfa83f684735d77d2791a6

    SHA256

    bc4dee9dc16eae03adbbb83bde43ff85d9c323cf0b5f9fca415c59441ce00d98

    SHA512

    040ee877381932f88f0ac4873fa8cd28d76bf527835ea60ac3f05a0e5f94b4d4c8ae93256448b0c950109bd8ee60fd1dd451f9ec19a2049747b59d7d025bb6d7

    Download Submit

  • /data/data/ojiimg.tjouj.pcqsgcjb.uqd/files/.libs/libsdktools.so
    Filesize

    65KB

    MD5

    37f04dab3ff209479acf20493b213137

    SHA1

    509882e2a333b42257df2274ac3a0a8f45099e12

    SHA256

    e540c525d66846852b802c85a936d77bfe25cd67e7b5e59d86ef97cf7527f902

    SHA512

    5552cf3a7c9e7ce58b88d41ba8b9d1d4f22e93be4915410a37f0105df1531cb3936a3ce99a1c4de023c0f83e85baf491dd2ab66b4d5e974731e8ada2a545b9a9

    Download Submit

  • /data/data/ojiimg.tjouj.pcqsgcjb.uqd/files/qdbh
    Filesize

    5B

    MD5

    b7a782741f667201b54880c925faec4b

    SHA1

    8a12a315082a345f1a9d3ad14b214cd36d310cf8

    SHA256

    39e5b4830d4d9c14db7368a95b65d5463ea3d09520373723430c03a5a453b5df

    SHA512

    0e2134196b6f11ed59ea3beef72e61ec33831c68c8a1f51bd3541f973f554d5d2c007ea1535b9def540684f8dc0a4b249add011ce9f132a4870fecb9f19f1041

    Download Submit