Analysis
-
max time kernel
67s -
max time network
155s -
platform
android_x86 -
resource
android-x86-arm-20240514-en -
resource tags
android arch:arm arch:x86 image:android-x86-arm-20240514-en locale:en-us os:android-9-x86 system -
submitted
03-06-2024 08:10
Static task
static1
Behavioral task
behavioral1
Sample
9111a9f43cd8eec64f827f2445a39b3b_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
9111a9f43cd8eec64f827f2445a39b3b_JaffaCakes118.apk
Resource
android-x64-20240514-en
General
-
Target
9111a9f43cd8eec64f827f2445a39b3b_JaffaCakes118.apk
-
Size
11.9MB
-
MD5
9111a9f43cd8eec64f827f2445a39b3b
-
SHA1
b7132bbc28c45b8d5d8dd1d75269dfaf2ad926e6
-
SHA256
cbd688dbe049aa0cf1c70179bc44a5dba0b7fb86c4cbf1d8805c1e4bed67aad2
-
SHA512
ecf05d130e417e1d00cfa1b340d221d9364e66665e6a9733f2d8fd89105bfd20375d8507c839eebccae85801da04c2449dde34932ea5d4d186985e0b44ef76b9
-
SSDEEP
196608:zRfvY6U7ITDJO7U19gOJrScrfqf1voD2BkBKNVfRj:ztZcKJfgerSifM1o6aBKNbj
Malware Config
Signatures
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
Processes: com.lx.launcher
description: File opened for read | ioc: /proc/cpuinfo | process: com.lx.launcher
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
Processes: com.lx.launcher
description: Framework service call | ioc: android.app.IActivityManager.getRunningAppProcesses | process: com.lx.launcher
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes: com.lx.launcher
description: Framework service call | ioc: android.net.wifi.IWifiManager.getConnectionInfo | process: com.lx.launcher
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes: com.lx.launcher
description: Framework service call | ioc: android.app.IActivityManager.registerReceiver | process: com.lx.launcher
-
Checks if the internet connection is available 1 TTPs 1 IoCs
Processes: com.lx.launcher
description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | process: com.lx.launcher
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
Processes:
flow: 15 | ioc: alog.umeng.com
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes: com.lx.launcher
description: Framework API call | ioc: javax.crypto.Cipher.doFinal | process: com.lx.launcher
Processes
-
com.lx.launcher1⤵
- Checks CPU information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4254 -
getprop ro.miui.ui.version.name2⤵PID:4319
-
Network
MITRE ATT&CK Mobile v15
Downloads