Analysis
- max time kernel: 128s
- max time network: 148s
- platform: android_x64
- resource: android-x64-20240603-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240603-en, locale:en-us, os:android-10-x64, system
- submitted: 05-06-2024 17:51
Static task: static1
Behavioral task: behavioral1
- Sample: 98d4edc8c4f13bc13689ba11c721c66d_JaffaCakes118.apk
- Resource: android-x86-arm-20240603-en
Behavioral task: behavioral2
- Sample: 98d4edc8c4f13bc13689ba11c721c66d_JaffaCakes118.apk
- Resource: android-x64-20240603-en
General
- Target: 98d4edc8c4f13bc13689ba11c721c66d_JaffaCakes118.apk
- Size: 10.9MB
- MD5: 98d4edc8c4f13bc13689ba11c721c66d
- SHA1: 767e02818b31b5025972c3f49632c01a66f4ddca
- SHA256: 407c990ca67690cd5751c27687ff1d10a23e954e1b3ac9f82a07de61c303acad
- SHA512: ba286e587df27d9b96ef4614f819fa27470411ade34284cf490fc767b6cac5cc510807b7c6bf305d677785b7031edfb7c37ea89aaecbadc0d2b0c2748f1c5d87
- SSDEEP: 196608:dds9O/xGXnb1C0ayoo5SFhZWlo0WuSYBMwoZV711kMe4lf0AT9CrTL1XZZLOt4f4:psfayoo5SFhSWeUZqFw0AT9CrTnHI9
Malware Config
Signatures
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org (1 IoCs)
  - flow: 26; ioc: alog.umeng.com
- Queries information about active data network (1 TTPs, 1 IoCs)
  - description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; process: com.yxxinglin.xzid510028
- Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)
- Listens for changes in the sensor environment (might be used to detect emulation) (1 TTPs, 1 IoCs)
  - description: Framework API call; ioc: android.hardware.SensorManager.registerListener; process: com.yxxinglin.xzid510028
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  - description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; process: com.yxxinglin.xzid510028
- Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
  - description: Framework API call; ioc: javax.crypto.Cipher.doFinal; process: com.yxxinglin.xzid510028
- Checks CPU information (2 TTPs, 1 IoCs)
  - description: File opened for read; ioc: /proc/cpuinfo; process: com.yxxinglin.xzid510028
Processes
- com.yxxinglin.xzid510028 (PID: 5222)
  - Queries information about active data network
  - Listens for changes in the sensor environment (might be used to detect emulation)
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Uses Crypto APIs (Might try to encrypt user data)
  - Checks CPU information
Network
MITRE ATT&CK Mobile v15
Downloads