Analysis
max time kernel: 54s
max time network: 186s
platform: android_x86
resource: android-x86-arm-20240514-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
submitted: 30-05-2024 12:42
Static task: static1
Behavioral task: behavioral1
Sample: 842f9651e8493660b2c437473711ee3d_JaffaCakes118.apk
Resource: android-x86-arm-20240514-en
General
Target: 842f9651e8493660b2c437473711ee3d_JaffaCakes118.apk
Size: 11.4MB
MD5: 842f9651e8493660b2c437473711ee3d
SHA1: 8378785f82055b254f34d357a19a2426cfeb90cf
SHA256: 1a7456577b20a26c80c48b1d0bb77b6223a2dfb24422e80d16271e33b9072bdf
SHA512: fa722a534ece7ebe6355eed5d449abcff65a321f94111d7dc4c7f6aada65aca924b48415508ed279617e8584e90a9bcba487eea4026567b26ca5f77bcdebdfe3
SSDEEP: 196608:wf25NWCcBjl+2Z+DdSKTmtl0ul+21r/uOdN9lGdBkpDsSjLpqni6K1wWWsz2cAo:K258510DdfT6yuY21r2YlGfeDsSfpMBo
Malware Config
Signatures

Checks CPU information (2 TTPs, 1 IoCs)
Checks CPU information that indicates whether the system is an emulator.
  description: File opened for read
  ioc: /proc/cpuinfo
  process: cn.pipi.mobile.pipiplayer.hd

Queries information about running processes on the device (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about running processes on the device.
  description: Framework service call
  ioc: android.app.IActivityManager.getRunningAppProcesses
  process: cn.pipi.mobile.pipiplayer.hd

Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  description: Framework service call
  ioc: android.net.wifi.IWifiManager.getConnectionInfo
  process: cn.pipi.mobile.pipiplayer.hd

Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: android.app.IActivityManager.registerReceiver
  process: cn.pipi.mobile.pipiplayer.hd

Checks if the internet connection is available (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: android.net.IConnectivityManager.getActiveNetworkInfo
  process: cn.pipi.mobile.pipiplayer.hd

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org (1 IoCs)
  flow: 19
  ioc: alog.umeng.com

Processes
cn.pipi.mobile.pipiplayer.hd (PID: 4267)
- Checks CPU information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
Network
MITRE ATT&CK Mobile v15
Downloads