Analysis

  • max time kernel
    163s
  • max time network
    183s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    android arch:arm arch:x86 image:android-x86-arm-20240514-en locale:en-us os:android-9-x86 system
  • submitted
    03-06-2024 03:54

General

  • Target

    9074748031e1707cd5ea2f2d5b1f9db0_JaffaCakes118.apk

  • Size

    18.9MB

  • MD5

    9074748031e1707cd5ea2f2d5b1f9db0

  • SHA1

    0d3a03002038b16c22df6014c55201897a3893dd

  • SHA256

    09dc3f524fd188735c473f88caa3e92e963ffb5b22670f784f7a07ac0bc56a63

  • SHA512

    f30c755a89a595fa14c26a72ce8a0f3dc74706502c61b8d38afd54f003fd7b9feadc74270c2decfff6e170033799d119f1fe867a863df199e6414c759027804d

  • SSDEEP

    393216:rjhz/isAlDy3pQoPva8shxBf5bn2uUduIkSV5lLTISW9P7mV5XqjcaMvm:Z4YQooDBftR8PfdgVPM+

Malware Config

Signatures

  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information, which indicates whether the system is an emulator.

  • Queries information about running processes on the device 1 TTPs 4 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
  • Acquires the wake lock 1 IoCs
  • Checks if the internet connection is available 1 TTPs 3 IoCs
  • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
  • Reads information about phone network operator. 1 TTPs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 4 IoCs

Processes

  • com.android.okehomepartner
    • Checks CPU information
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Acquires the wake lock
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4320
  • com.android.okehomepartner:ipc
    • Queries information about running processes on the device
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4352
  • io.rong.push
    • Queries information about running processes on the device
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4378
  • com.android.okehomepartner:channel
    • Queries information about running processes on the device
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4601

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.android.okehomepartner/cache/image/journal.tmp

    Filesize

    36KB

  • /data/data/com.android.okehomepartner/databases/MessageStore.db

    Filesize

    4KB

  • /data/data/com.android.okehomepartner/databases/MessageStore.db-journal

    Filesize

    512B

  • /data/data/com.android.okehomepartner/databases/MessageStore.db-shm

    Filesize

    80KB

  • /data/data/com.android.okehomepartner/databases/MessageStore.db-wal

    Filesize

    76KB

  • /data/data/com.android.okehomepartner/databases/MsgLogStore.db

    Filesize

    4KB

  • /data/data/com.android.okehomepartner/databases/MsgLogStore.db-journal

    Filesize

    512B

  • /data/data/com.android.okehomepartner/databases/MsgLogStore.db-shm

    Filesize

    32KB

  • /data/data/com.android.okehomepartner/databases/MsgLogStore.db-wal

    Filesize

    68KB

  • /data/data/com.android.okehomepartner/databases/accs.db

    Filesize

    48KB

  • /data/data/com.android.okehomepartner/databases/accs.db-journal

    Filesize

    32KB

  • /data/data/com.android.okehomepartner/databases/accs.db-shm

    Filesize

    32KB

  • /data/data/com.android.okehomepartner/databases/accs.db-wal

    Filesize

    32KB

  • /data/data/com.android.okehomepartner/databases/cc/cc.db

    Filesize

    36KB

  • /data/data/com.android.okehomepartner/databases/cc/cc.db

    Filesize

    36KB

  • /data/data/com.android.okehomepartner/databases/cc/cc.db-journal

    Filesize

    512B

  • /data/data/com.android.okehomepartner/databases/cc/cc.db-wal

    Filesize

    48KB

  • /data/data/com.android.okehomepartner/databases/cc/cc.db-wal

    Filesize

    16KB

  • /data/data/com.android.okehomepartner/databases/message_accs_db-journal

    Filesize

    512B

  • /data/data/com.android.okehomepartner/files/.um/um_cache_1717386991689.env

    Filesize

    1KB

  • /data/data/com.android.okehomepartner/files/.umeng/exchangeIdentity.json

    Filesize

    162B

  • /data/data/com.android.okehomepartner/files/exid.dat

    Filesize

    57B

  • /data/data/com.android.okehomepartner/files/mobclick_agent_cached_com.android.okehomepartner29

    Filesize

    2KB

  • /data/data/com.android.okehomepartner/files/umeng_it.cache

    Filesize

    498B

  • /storage/emulated/0/.DataStorage/ContextData.xml

    Filesize

    65B

  • /storage/emulated/0/.DataStorage/ContextData.xml

    Filesize

    111B

  • /storage/emulated/0/.DataStorage/ContextData.xml

    Filesize

    213B

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

    Filesize

    780B

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

    Filesize

    111B

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

    Filesize

    167B

  • /storage/emulated/0/Android/data/com.android.okehomepartner/cache/64d06a93394c40b291652e02502f4bf6

    Filesize

    5KB

  • /storage/emulated/0/Android/data/com.android.okehomepartner/cache/fcf99f3edd17434b986936ebfd937dc4

    Filesize

    1KB

  • /storage/emulated/0/Android/data/com.android.okehomepartner/cache/uil-images/journal.tmp

    Filesize

    31B

  • /storage/emulated/0/Android/data/com.android.okehomepartner/files/tnetlogs/inapp_20240603.log

    Filesize

    71KB
