Analysis
max time kernel: 140s
max time network: 188s
platform: android_x64
resource: android-x64-20240514-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240514-en, locale:en-us, os:android-10-x64, system
submitted: 31-05-2024 09:50
Static task: static1

Behavioral task: behavioral1
Sample: 86953c525f2910450c514209a18b0dd8_JaffaCakes118.apk
Resource: android-x86-arm-20240514-en

Behavioral task: behavioral2
Sample: 86953c525f2910450c514209a18b0dd8_JaffaCakes118.apk
Resource: android-x64-20240514-en
General
Target: 86953c525f2910450c514209a18b0dd8_JaffaCakes118.apk
Size: 2.3MB
MD5: 86953c525f2910450c514209a18b0dd8
SHA1: ea03f52119abe39869904c8a7883a97293712628
SHA256: 2b0e82e549c6490ebd97c8ce0f3021ff2d10d8ce6be7c1f9d17be2a84bf373ea
SHA512: 0be0ba27c16114fa3bd2d696fc9d338be2698953769717b0e7dbd9e7dd2a1b42351c62c631a40aabec1798e5e664bb39bfc6f054d2849e12a710c065e638b0de
SSDEEP: 49152:HG2qQBk8lM+c2uPC+hbgt8V+A03Xd0rOciMKoYJsFuaTWHeyF4ThYsZvZYWQboG:HG2Bk8lM+c2uThbgt8M93dHoIsFuaTaf
Malware Config
Signatures

Checks CPU information (2 TTPs, 1 IoC)
Checks CPU information, which indicates whether the system is an emulator.
  description: File opened for read
  ioc: /proc/cpuinfo
  process: com.douban.shuo

Queries information about the current Wi-Fi connection (1 TTP, 1 IoC)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  description: Framework service call
  ioc: android.net.wifi.IWifiManager.getConnectionInfo
  process: com.douban.shuo

Checks if the internet connection is available (1 TTP, 1 IoC)
  description: Framework service call
  ioc: android.net.IConnectivityManager.getActiveNetworkInfo
  process: com.douban.shuo

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org (1 IoC)
  flow: 9
  ioc: alog.umeng.com

Queries the unique device ID (IMEI, MEID, IMSI) (1 TTP)
Processes
Network
MITRE ATT&CK Mobile v15
Downloads