e700389f5be580baf1366cb4ee4cbed4a90f8f60199df533c25d4b03d578e6ae

Analysis

max time kernel
123s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
01-06-2024 12:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8a80b4532b64781be5257060cca506f4_JaffaCakes118.apk
Size

3.2MB
MD5

8a80b4532b64781be5257060cca506f4
SHA1

bb84df912cd3d44c09344f8ce222577cc949d3a4
SHA256

e700389f5be580baf1366cb4ee4cbed4a90f8f60199df533c25d4b03d578e6ae
SHA512

aa9c5d9d580c33b27975f27e7c1cb5a8d9c1e8eea751749e5c31eeeee86da3218bb5f576d998d601bac87f33ea36b1d007f5f7ac4dc16502c11044763508002f
SSDEEP

98304:YvIAdBfwxLVWRZ+GrTdUz8G3qTj1I5Qu7cLxQh:nkA33qVI5QeaxQh

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	co.lvdou.livewallpaper.ld936586

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	co.lvdou.livewallpaper.ld936586

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	co.lvdou.livewallpaper.ld936586

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	co.lvdou.livewallpaper.ld936586

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

flow	ioc
9	alog.umeng.com

co.lvdou.livewallpaper.ld936586
1⤵
- Checks CPU information
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4307

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/co.lvdou.livewallpaper.ld936586/databases/download

Filesize
20KB

MD5
a4a8d96dd67c31fd7d9c4bb37f98010d

SHA1
1766f3675e88e07a4c5033f3580f198f3ea0e152

SHA256
e685321a5600268632c01d25fb4ca2904f7f75e49d0b7cd6ce6b2eb3a6eff032

SHA512
8175993024e06082a99ec17844815b0dc1ba317008acf33583a3240207d7919ea3c3fd9449832dde0604792c6f98cafcebdb02f1a0cf858eab1f376f0ad6a473

Download Submit
/data/data/co.lvdou.livewallpaper.ld936586/databases/download-journal

Filesize
512B

MD5
5ef0029cc4e9885d641d26639111722a

SHA1
d26e5442ac593655fa8be7b5c7056e5bce0ef3d5

SHA256
937d92eca9a8c04370a54609ae91acc4be75c0bee216493d333d68960213789b

SHA512
1b370624c01066adc2efcaf39449fcf3acea9bc0104aa6186570d7e69b6824b900c53f56388e6f1e5360418a7e5be187198159c8f64b4a52c94fa2a6b938beea

Download Submit
/data/data/co.lvdou.livewallpaper.ld936586/databases/download-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/co.lvdou.livewallpaper.ld936586/databases/download-wal

Filesize
32KB

MD5
6414d45c2b4772ebe627836892fa0a21

SHA1
2f82bd62b65b010ad25a6fea526bbfa3123871d6

SHA256
1a52d05e3b09f2b1929003b21cb452f3bf06d1cf535adaf4fd930a384d9cfb08

SHA512
fa609304d6f9eba0e2a94ddce88a15e190ef8bc5e4270f61efe22086f38e40f3920e1c079a3d4b323395b385f759b3f4f98aa6dec26cc77981bbc750c7dbecbc

Download Submit
/data/data/co.lvdou.livewallpaper.ld936586/files/ldengine/wallpaper/resource/diy/background/0/resource/background/default1414242845866.png

Filesize
284KB

MD5
99127f7aa0c02f9b00c3654d64e53913

SHA1
6d5e6e274e1f6a930a495d4e6c716c140368c119

SHA256
cf256816c19681b7ecc5d1f6eb4fa511c2ace7e2ef84f90a2aea271a8d6c402e

SHA512
cac96f749f07c051f04c7689ff0c71a724ee6406b9783d37365e81336ea2ef3fc202455fdedb2b82f96c18aa15a4c76b237140b28d3f2e36acb5a551384503cd

Download Submit
/data/data/co.lvdou.livewallpaper.ld936586/files/ldengine/wallpaper/resource/diy/background/0/resource/locker.xml

Filesize
223B

MD5
9acf4d0027dc5db575c50e7f50ddb388

SHA1
5b30f47ea050f37a7e1ca66d6020b2f5ea932515

SHA256
2674319d7b4588bc4d477e8a01b7d51c18efcdbf15affd435839b80f6daeb0f3

SHA512
3de5ca2769e92e97387b7df3b4c08624e1e2b817ac0d0eec66c5d43494b7492e8b3a6bb540b61ec52800de11ccd0a156dbf5ad8e953ebe6a594755d5d35c761b

Download Submit
/data/data/co.lvdou.livewallpaper.ld936586/files/ldengine/wallpaper/resource/diy/decoration/0/resource/locker.xml

Filesize
104B

MD5
bff263cb5b60943306b5058f98f5c9c2

SHA1
9134f62d5e274e92073a2e69f1917382a83432b4

SHA256
fa47dc65bf85882f401db62fb070328556c8264e617c41588cec4d29853bfaf5

SHA512
e3a660aab9779a5064f07e5f1242a43c0a400e68daf634b8a32b774b23922ac3eb00a7429f40278f28f64296758ebf9e11a01da61c8a5df8c72d7f169a558964

Download Submit
/data/data/co.lvdou.livewallpaper.ld936586/files/ldengine/wallpaper/resource/diy/templates/675/resource/effect/dian1.plist

Filesize
3KB

MD5
cb9b1e90efaec9b1e266ef82f4f35a3c

SHA1
bf57e3ee296f07cb4f5f8bbca0aa7075b600ba8f

SHA256
d08566b3c7698e2d868a582ff46590058809cf0e82ce7689e73c30c65711d490

SHA512
0452b10102eeaa11bf31ed8e26ff3eb999447a7bcc4fe3a0b2edf2bd58224dd94b7fa61f98a91ed8df86b2847eb10e2ee25c9667696d42a20ae2243c43a2059f

Download Submit
/data/data/co.lvdou.livewallpaper.ld936586/files/ldengine/wallpaper/resource/diy/templates/675/resource/effect/dian1.png

Filesize
1KB

MD5
5b959ebc6dd6b3530b61b616619a0afd

SHA1
b9b2f77fcc644a730182361a103c0c30adf9095f

SHA256
e71e2f0a995a640ab98023864bfaffb9dd6a1bd8097824ea917db2496633aeee

SHA512
4d146fd4d3c5c5ff6f8f99e635ba64f8eb382b6c59fd0abb1249ec1a3c0a2661ab4ead6c44f357515318cf04b976734f43591233320d453733ce51e5d932fc79

Download Submit
/data/data/co.lvdou.livewallpaper.ld936586/files/ldengine/wallpaper/resource/diy/templates/675/resource/locker.xml

Filesize
677B

MD5
ae90fabb8b18a301d3ca55ec462a2159

SHA1
e7d359bb19f2a24512cfb22834c3d41c078224d2

SHA256
9a828e95e90dd6538be73ee0cc011f633a26100d454ec520c697dae1f0d7e55e

SHA512
7238ee13dddd6c4fbefdac5f444b91e9c59b6ce882490232fc9374a437aed982922315afcb9786e93a2dd33288fd7250b33c79a4e5fba564e9a26f3f118ddaf8

Download Submit
/data/data/co.lvdou.livewallpaper.ld936586/files/mobclick_agent_sealed_co.lvdou.livewallpaper.ld936586

Filesize
578B

MD5
91203f239185745eb073745c58520345

SHA1
f3a59bff5f8285eafe56f3fa97c6dc129c9897b1

SHA256
ab2af3b8929970bd3e0edb769d2d58c363d1b855a9c5959348d67b411bbde03b

SHA512
a6c1da7d09aba25fb91ad2ea0aebb09771720a8053282086e2c8c4bb77800bff60cde8f2711801f44450819fb3fd9607486d2eef5b3b8df186fb233f7aabf72b

Download Submit
/data/data/co.lvdou.livewallpaper.ld936586/files/umeng_it.cache

Filesize
211B

MD5
269c3f52606f718ee2a580d595f00f42

SHA1
852794705e5a9a735bb1818317f894167997b865

SHA256
9c9ac2f82199a9b452936132dc184b992e2d94ce568110d88900bebe54d3ce43

SHA512
8c28db504817a8ec3798a2bb26b408f1145a9022071941d3bb608fbc49383a58a05fe800390ae585a7baae136e58b4c8648c82139c0b846c69ff8bd7f53f66e1

Download Submit
/data/data/co.lvdou.livewallpaper.ld936586/files/wallpaper.ld

Filesize
288KB

MD5
570cb6ee5890dcf0b32d0298b876d08d

SHA1
1dc5faf50173d419702fadb7c8d0e1eeb1461cca

SHA256
25afaa72ccf60d564bc709134dd3a701f7b6e4938c06580d49813f6a8617af1c

SHA512
f0635aa469e3fd0c13eefaccd11f5fd8b6f7f8f139d372ce9ec23fa6eeb27006a0b3fd397269c96245f0518504a095c8167cbae7696ceeab2eef2de07a965722

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads