Analysis

max time kernel: 65s
max time network: 168s
platform: android_x64
resource: android-x64-arm64-20240514-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240514-en, locale:en-us, os:android-11-x64, system
submitted: 01/06/2024, 23:25
Static task: static1

Behavioral task: behavioral1
  Sample: 8c266d73738422937acd3560ab6bda54_JaffaCakes118.apk
  Resource: android-x86-arm-20240514-en

Behavioral task: behavioral2
  Sample: 8c266d73738422937acd3560ab6bda54_JaffaCakes118.apk
  Resource: android-x64-20240514-en
General

Target: 8c266d73738422937acd3560ab6bda54_JaffaCakes118.apk
Size: 6.7MB
MD5: 8c266d73738422937acd3560ab6bda54
SHA1: 64ba966ebcfe894cb5d6d646e9519650a64031dc
SHA256: 790c95f49240d5cc59b379e98b88cef28cf4eaa4d91bbe2d8ab8e0b2ca362d6d
SHA512: 50c091bfe44f94675a94bd9c57b2b2b16c18fca64ebaeaf3f6758e06b4cef3e42fbcafe231f739ce19a05c6ec7724288ac290e82f27793950a1c76564bd6d552
SSDEEP: 98304:1Xom3v9AqKis8eSv2/xms4FAL/Sz7FDISvnF3CAOniIT1LEbVnyLkI7MwUI8hpu:1FAiExmsHLeBUSv5WBJLE5nyLZYzu
Malware Config
Signatures

Checks CPU information (2 TTPs, 1 IoC)
  Checks CPU information which indicates whether the system is an emulator.
  description: File opened for read | ioc: /proc/cpuinfo | process: com.easemob.tianbaoiguoi

Queries information about running processes on the device (1 TTP, 1 IoC)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  description: Framework service call | ioc: android.app.IActivityManager.getRunningAppProcesses | process: com.easemob.tianbaoiguoi

Queries information about the current Wi-Fi connection (1 TTP, 1 IoC)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  description: Framework service call | ioc: android.net.wifi.IWifiManager.getConnectionInfo | process: com.easemob.tianbaoiguoi

Checks if the internet connection is available (1 TTP, 1 IoC)
  description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | process: com.easemob.tianbaoiguoi

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org (1 IoC)
  flow: 29 | ioc: alog.umeng.com

Reads information about phone network operator (1 TTP)

Uses Crypto APIs (might try to encrypt user data) (1 TTP, 1 IoC)
  description: Framework API call | ioc: javax.crypto.Cipher.doFinal | process: com.easemob.tianbaoiguoi
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
Filesize: 40B
  MD5: a689895f98eeba3ad54c857fb7d3d491
  SHA1: 7b4bbe717287a91a5a6ab19a0bfd0a314fcca556
  SHA256: 898acf5a8ab518b0b83c6df22462def9085de719e0f25dbe6097acf4fd140206
  SHA512: 6e3594e8dd35521f5b8aea180ec54b6a09365a5f418241a0eacbd131cb41883b3a60f23fe0cbaa216ade13b29e73a35283ded1c5c4330c07e85068af0e17b803

Filesize: 32KB
  MD5: 4b4a78bd7781cf85feb9626cccfeee33
  SHA1: 1250d2e555b9c1bc95efb40020d2186d46c7543c
  SHA256: 1949c51a6f4be2df469f6e01531e6fe5ea17be5f0a86d860f662dfda9a3a397e
  SHA512: 04cded8008fd55d786af92186ce2128a323bd083774641a681cd616ab0a293b3d1b9d6873619c31e52901e9d54c3756bb9020edc8b209bf4fc79b11f3de563c3

Filesize: 512B
  MD5: 6182aa717363fcc1faf37720b1cce8bd
  SHA1: 9a7f2755bfff6bf8b982a9ee6413d6711db68470
  SHA256: c8978a8c684d0c2d6823c72c5e749e872213a7db2bc0e0ba488c51e5a4d67e84
  SHA512: 4dfeb6bca0ffac4cb42e9c637a5edad31327b471cf5239ef25f9470a757a9b118cf2a2f32630059db6823b99bfccb68252fe1616221679f2618824e2a9afc1c8

Filesize: 8KB
  MD5: 808805d5d7afe86d0983b86ca1c8d837
  SHA1: 982e975347f90c35a6c95ddb4f04dbbb72c36fc9
  SHA256: 44683003099fa32e8c119ca4e29fa110e5d52489be3eb1fafde2341db6c5e667
  SHA512: 31d38b58f648857b96fd62384b765044c2bcb628e871ddd496bf420316436b57ea581e2416427757a6c8131732e6c1b96ec4774534d93dd994816d13711ab876

Filesize: 8KB
  MD5: a48b5c3432dbb1f93f587eaf5d107cc5
  SHA1: 2d3694fd5fa7db34f5dbed59e45d531136e70a7d
  SHA256: 77b5c4d9829cea678e2e3e32116c1c6e7f8122a7dc44e39b896134be426447f0
  SHA512: 34dd76316e6a802e970b3180f4078d5f3676837cba9337c84d38d46a9ecfe2797ec8ec932dfb73d9e3534f12a043209cef872ecd18b2bc8681444b561101427a

Filesize: 572B
  MD5: 14fac6554ec61854772ca0bb53c56fd6
  SHA1: e9653770953c49f389a2b1b6b21013f96be75705
  SHA256: 0bad4dcf883e1b626514b501e5dbb7c045c59532e1c848df5b4529a25b80f1a0
  SHA512: 834a4b165608b2558b11c042d3ad0b56a19fb5615e64ae4575d5b575b9e9c5079494859bb9620e2db24238239a01c14b393ce15823855d591142aa09409e096b

Filesize: 231B
  MD5: 39d2169bb50e488428d7e5ba89e236a9
  SHA1: d3ec59efb0745a9f7882379928b25d475a695b30
  SHA256: 5d445f0c437352ec19e0c37fad5bdbc2cb11aadf26b2d910faf377243a6321ba
  SHA512: 2f8872d1cd1523406149f0e71842043675565fa4153f0f0442b6b6d64e2eda24304fd044b09d7ef072047928caacd92e03dba3de849ec8dfd817733545ae7667

Filesize: 111B
  MD5: 55c34b737e796aa636be388681a99156
  SHA1: 4c2cb92bfc73f81ef6176c3a1e47326bea6fc458
  SHA256: 9589230f83cfe067671715c1ffed1f6345526fa30d202b46dabc5905c4a0810b
  SHA512: 223aa9d9a494bccc64f13b46c73db4bcb954ed6b36eae642ffa1180f8420c861eadf61828ae94eeac3f782a167fa6e5d50125ab7ae85682c46a216cc556889ef

Filesize: 408B
  MD5: 18ce4204c19578cbc843b9522822a6d4
  SHA1: b7dc6db57e6600784f40ef8aa44b00c7684fe701
  SHA256: 49f4d694930df3b23c0ba5b6cde93d159cd473abd97cd46ef75db4771b4fbc82
  SHA512: 77ef84886cb2d6d435c3618d082f21b07bc9002b3231b15358e829c1b879dd782a71b15c260fe6ac88bdf1c6a0e5f816ed14bfc75ad3a07f9e63d0ea06e63490

Filesize: 65B
  MD5: 9781ca003f10f8d0c9c1945b63fdca7f
  SHA1: 4156cf5dc8d71dbab734d25e5e1598b37a5456f4
  SHA256: 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793
  SHA512: 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Filesize: 111B
  MD5: b0b1d62e4d582ecf47ad1af1cb75e60c
  SHA1: b867f2f4d20b5b1fa77f161f84389318684b9444
  SHA256: d30afbf511017c7fedaa0a8d2c8ab20656305370e2e7b3be8dd3f0fdc45627d4
  SHA512: 44faad3e19d21b94b00bcc6e3b215b632ea2a9e42205a2ae97a9ac55b86c2159579a5f401dd6a81b3a324f912e735d7151c9234e89f06610c86acc2b133e4624