902fe70b27e65d58ba99e6c31da725b2fa88dee9d556554be59e388223c92d9d

Analysis

max time kernel
175s
max time network
185s
platform
android_x86
resource
android-x86-arm-20240603-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240603-enlocale:en-usos:android-9-x86system
submitted
03/06/2024, 23:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

930186c4a76677076783954920e33d16_JaffaCakes118.apk
Size

16.8MB
MD5

930186c4a76677076783954920e33d16
SHA1

7c0fa4b550d098d73c9de7cf76cb29da5c2ba6b5
SHA256

902fe70b27e65d58ba99e6c31da725b2fa88dee9d556554be59e388223c92d9d
SHA512

b860ac2c0ef0a528dbed40c11f2c0f0b7cb21f6b95a64549d3a07c548d5c948798d3a33291baa5b68e5ad13c2669a2a17be3b444adfbc1b8cb58863faf7cd1f4
SSDEEP

393216:nrAk+nR0ZK1J7bLJl3mJVPx96FurpasOHu/kitFGXhDqiDjjGWoV/QsCl:+nREWhnJl3uj6ErpoNsskizUY

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	vStudio.Android.Camera360

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	vStudio.Android.Camera360
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.pinguo.camera360.pushservice

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.pinguo.camera360.pushservice

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.pinguo.camera360.pushservice

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	vStudio.Android.Camera360
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.pinguo.camera360.pushservice

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

flow	ioc
4	alog.umeng.com

vStudio.Android.Camera360
1⤵
- Checks CPU information
- Queries information about the current Wi-Fi connection
- Checks if the internet connection is available
PID:4253

com.pinguo.camera360.pushservice
1⤵
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
PID:4288

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/vStudio.Android.Camera360/databases/gxdbapp.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/vStudio.Android.Camera360/databases/gxdbapp.db-journal

Filesize
512B

MD5
8546ca2074ae11a309aa32b573ab59b1

SHA1
0ec116b14a24a2bff7e3a768282a5a8f0502be60

SHA256
768308723338b97825ab964d72ff431527f8db23dc4a79180352a16785247aa3

SHA512
c11f079822104a9eb9286b94d6fc1bb96ec9cc6e2762df784d8dab167068a20099f7113b56d9eb76c6833e34b84a4a62290c86c5e50bc63170e4ffa04c77a7bd

Download Submit
/data/data/vStudio.Android.Camera360/databases/gxdbapp.db-wal

Filesize
76KB

MD5
7715527911d810dd6425dea10c028bcf

SHA1
24f218aacd49f60f85cec74527da15129c74d200

SHA256
a3efa6cbcde684bf7b8bca2cb9529021accd0502b9e58c2c0a40b8d54d54d894

SHA512
72e4e8ffc9ac11f6ff71c9d4f59517676cb42ff96d08c9ea8c672ba4451220ff34b79341217679739b88173f5504c2152bdf808b7e822d9ebf614839d7c74da8

Download Submit
/data/data/vStudio.Android.Camera360/databases/gxsdkdb.db

Filesize
32KB

MD5
2b6ed71bbac8c1f7eb104d85bd7d05ce

SHA1
ba20ef849e8bfece06e8e51aecb8a49e2e767eeb

SHA256
c80532bbaf984fc3051c3c1c51131ea7bc40a2d471181cfcc7949ec03b1a9f1b

SHA512
1318755faf81c62bcfe3a42c0ca75f2281d770561c50e891b13af88e6466bbb3685a2b1c259c226cce826828bb5c49d2044c72f7226b8af326828f79ad974af0

Download Submit
/data/data/vStudio.Android.Camera360/databases/gxsdkdb.db

Filesize
16KB

MD5
096790c6209f82a19fd8b0464c3e6636

SHA1
a1f80851c58ae69cf7f65220ea98de33fb5e84f7

SHA256
e329402dcc0360bd1270a53d50e5fa33900e89df0b0bb2d5f1820bff4b48890d

SHA512
e0669c03f30e7d8e8b0c4b13c6898b23b64544d14cb58266ef66162661f22776fda22861abd5c1783bf15ea88af42e668650d9beb9f3e2239b32d308e0bec3be

Download Submit
/data/data/vStudio.Android.Camera360/databases/gxsdkdb.db

Filesize
32KB

MD5
5f4cd862fa43e47b554c473dff647124

SHA1
a994d21bb852c3c64e5f102f4ebb67b0df6e14df

SHA256
fee386cdc1d18e3240e031610a43da10a710252c49f9ee961aa892641df66a57

SHA512
aba50123c5a382dfc2876543e4a86abed3ca56adef8bbfcbce4da868b7c778f238628985364677b06c92b67ecc645d25940015f2b335fba38decacbe98b8c243

Download Submit
/data/data/vStudio.Android.Camera360/databases/gxsdkdb.db-journal

Filesize
512B

MD5
78a75485bc100ad9dec948bac7504b37

SHA1
653fb45b58ff46a9b024294876af30a66d8d51bf

SHA256
f557155c01d8183d9d73109aea7ed59506314097b97ca451c173950863605764

SHA512
643e6c2d1dfb02a692e878363aaec0202a5b8aa467099aaba3c79c189c403a67bbc575510d13e486e413696b2dcd403f044acc632e1f4f99651e39c11ab7e19c

Download Submit
/data/data/vStudio.Android.Camera360/databases/gxsdkdb.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/vStudio.Android.Camera360/databases/gxsdkdb.db-wal

Filesize
4KB

MD5
fccef86a2e8d61410afb3f760ceac259

SHA1
25c15827a1a7efff73d1c061857895cabb115ece

SHA256
a570ad114b4376ae0239e447a662b8666f51ec4c71f9b222c7d564c549ecd7c2

SHA512
9038ea49cf66c0645f086be9cffdb3c584c099cdd0792248a73cb403f34ec5665a77eb1fd651051ea7c1b9aa929502d66f01b1946a13a57477a4edaf7182cbd3

Download Submit
/data/data/vStudio.Android.Camera360/databases/gxsdkdb.db-wal

Filesize
72KB

MD5
8e1daaf27d35bb3a6315e4dc26732d07

SHA1
779b1bdda0fcb2c2ec231d252e9d6286c9637952

SHA256
bbd06a508df061ad86ec5c1ee7b30b14acf6145ef68434397598cd609d9dbb26

SHA512
70e44c8ab98ae716139571fec6b32544d604485bdafe824d1be0b5d0fb093c32331c53f5310180916205583237135f83ad71a0074365e1da3c913970a4c278d3

Download Submit
/data/data/vStudio.Android.Camera360/databases/gxsdkdb.db-wal

Filesize
8KB

MD5
96713d7be2bbc5c4bd4a0d757d856838

SHA1
8cb04db956815c7fe5a4b2aa7bef8dbf2ec083ea

SHA256
e4e6c1647f30148d906111228db59a963e3d6b4376b6eca3b615c0d860b19525

SHA512
83e1ef2e3014d1ba375bedc29ee9b8f1a92e54c65afa7e595869d17f60ba3ebc78750d3653b9c469e2ee12bcacaaccef1590626a4d6e52a035af4214d60f0f22

Download Submit
/data/data/vStudio.Android.Camera360/files/feedback_common.log

Filesize
128B

MD5
ca1a3a8d93da621b2b03457b2b3b0159

SHA1
43a7545890b4184baa90816f1f516f03d978764b

SHA256
e65af952dd9739b13e0fbe011f9773afa4630e851ffb1209b0457cb8106a205b

SHA512
031a9963c0dbf8fd039f414c0c61460be3e1b77038b4f0a3a67999fc44fe12072fb19951411084eddf1b561bfb4334a3335ca253a75679d0ac11f9c44889cbea

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads