Analysis

  • max time kernel
    8s
  • max time network
    156s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags
    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
  • submitted
    03/11/2024, 21:18

General

  • Target

    8d8c9ed9ce3e312be5bf31498882332e_JaffaCakes118.apk

  • Size

    20.4MB

  • MD5

    8d8c9ed9ce3e312be5bf31498882332e

  • SHA1

    f9c232e00e3545c1885ecfdf885f5f67e9945348

  • SHA256

    e0288d76767030e73e8c9f9438db1107165b07390eab63ca3c1a6a465803ae47

  • SHA512

    a5a6e4c122250735d230469ba5db87d81de7ef87847351670cfb29051051ec03e8388eaa73288164348ded45cf364df6ebc36187ee9eb33f542365b1a9a00e82

  • SSDEEP

    393216:Nq6Rjnkd0Dx4sAEAqeys35Cw0F04fUVES9BI4QeUI31miJU:M4jLDxSqOGFIEiB6eh3Iiu

Signatures

Processes

  • com.yyt.customerapp
    • Loads dropped Dex/Jar
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4447

Downloads

  • /data/data/com.yyt.customerapp/files/.jglogs/.jg.ac

    Filesize

    32B

  • /data/data/com.yyt.customerapp/files/.jglogs/.jg.di

    Filesize

    340B

  • /data/data/com.yyt.customerapp/files/.jglogs/.jg.ic

    Filesize

    32B

  • /data/data/com.yyt.customerapp/files/.jglogs/.jg.ri

    Filesize

    314B

  • /data/data/com.yyt.customerapp/files/.jiagu.lock

    Filesize

    27B

  • /data/user/0/com.yyt.customerapp/.jiagu/classes.dex

    Filesize

    5.4MB

  • /data/user/0/com.yyt.customerapp/.jiagu/libjiagu.so

    Filesize

    455KB

  • /data/user/0/com.yyt.customerapp/[email protected]

    Filesize

    6.3MB

  • /data/user/0/com.yyt.customerapp/[email protected]!classes2.dex

    Filesize

    4.8MB

  • /data/user/0/com.yyt.customerapp/lib-main/dso_deps

    Filesize

    200B

  • /data/user/0/com.yyt.customerapp/lib-main/dso_manifest

    Filesize

    5B

  • /data/user/0/com.yyt.customerapp/lib-main/dso_state

    Filesize

    1B

  • /data/user/0/com.yyt.customerapp/lib-main/dso_state

    Filesize

    1B

  • /storage/emulated/0/.DataStorage/ContextData.xml

    Filesize

    111B

  • /storage/emulated/0/.DataStorage/ContextData.xml

    Filesize

    213B

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

    Filesize

    65B

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

    Filesize

    111B

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

    Filesize

    167B

  • /storage/emulated/0/360/.deviceId

    Filesize

    48B

  • /storage/emulated/0/360/.iddata

    Filesize

    32B
