Analysis Overview
SHA256
0bfeade22efd26fcb77d5c232598273d602406460297e084d254b23075b43786
Threat Level: Shows suspicious behavior
The file 9f529f7e621da450fba9cc2deb70e83a_JaffaCakes118 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Queries information about active data network
Queries information about the current Wi-Fi connection
Declares services with permission to bind to the system
Requests dangerous framework permissions
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks CPU information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-11 19:44
Signatures
Declares services with permission to bind to the system
| Description | Indicator | Process | Target |
| Required by wallpaper services to bind with the system. Allows apps to provide live wallpapers. | android.permission.BIND_WALLPAPER | N/A | N/A |
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-11 19:44
Reported
2024-06-11 19:47
Platform
android-x86-arm-20240611.1-en
Max time kernel
123s
Max time network
136s
Signatures
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | alog.umeng.com | N/A | N/A |
Queries information about active data network
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Processes
co.lvdou.livewallpaper.ld948793
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | alog.umeng.com | udp |
| CN | 223.109.148.177:80 | alog.umeng.com | tcp |
| CN | 223.109.148.179:80 | alog.umeng.com | tcp |
| GB | 216.58.212.238:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.179.238:443 | android.apis.google.com | tcp |
| CN | 223.109.148.176:80 | alog.umeng.com | tcp |
| CN | 223.109.148.130:80 | alog.umeng.com | tcp |
| CN | 223.109.148.141:80 | alog.umeng.com | tcp |
| CN | 223.109.148.178:80 | alog.umeng.com | tcp |
| US | 1.1.1.1:53 | alog.umeng.co | udp |
Files
/data/data/co.lvdou.livewallpaper.ld948793/databases/download-journal
/data/data/co.lvdou.livewallpaper.ld948793/databases/download
/data/data/co.lvdou.livewallpaper.ld948793/databases/download-shm
/data/data/co.lvdou.livewallpaper.ld948793/databases/download-wal
/data/data/co.lvdou.livewallpaper.ld948793/files/wallpaper.ld
/data/data/co.lvdou.livewallpaper.ld948793/files/ldengine/wallpaper/resource/diy/decoration/0/resource/locker.xml
/data/data/co.lvdou.livewallpaper.ld948793/files/ldengine/wallpaper/resource/diy/templates/326/resource/effect/xing/Effect.xml
/data/data/co.lvdou.livewallpaper.ld948793/files/ldengine/wallpaper/resource/diy/templates/326/resource/effect/xing/xing.png
/data/data/co.lvdou.livewallpaper.ld948793/files/ldengine/wallpaper/resource/diy/templates/326/resource/locker.xml
/data/data/co.lvdou.livewallpaper.ld948793/files/ldengine/wallpaper/resource/diy/templates/495/resource/effect/yu1.png
/data/data/co.lvdou.livewallpaper.ld948793/files/ldengine/wallpaper/resource/diy/templates/495/resource/effect/yu.plist
/data/data/co.lvdou.livewallpaper.ld948793/files/ldengine/wallpaper/resource/diy/templates/495/resource/locker.xml
/data/data/co.lvdou.livewallpaper.ld948793/files/ldengine/wallpaper/resource/diy/templates/496/resource/decoration/bird/move.xml
/data/data/co.lvdou.livewallpaper.ld948793/files/ldengine/wallpaper/resource/diy/templates/496/resource/decoration/bird/bird.png
/data/data/co.lvdou.livewallpaper.ld948793/files/ldengine/wallpaper/resource/diy/templates/496/resource/decoration/bird/Sprite.xml
/data/data/co.lvdou.livewallpaper.ld948793/files/ldengine/wallpaper/resource/diy/templates/496/resource/decoration/cloud/cloud.png
/data/data/co.lvdou.livewallpaper.ld948793/files/ldengine/wallpaper/resource/diy/templates/496/resource/decoration/cloud/move.xml
/data/data/co.lvdou.livewallpaper.ld948793/files/ldengine/wallpaper/resource/diy/templates/496/resource/decoration/cloud/Sprite.xml
/data/data/co.lvdou.livewallpaper.ld948793/files/ldengine/wallpaper/resource/diy/templates/496/resource/locker.xml
/data/data/co.lvdou.livewallpaper.ld948793/files/ldengine/wallpaper/resource/diy/background/0/resource/locker.xml
/data/data/co.lvdou.livewallpaper.ld948793/files/ldengine/wallpaper/resource/diy/background/0/resource/background/default1414768618652.png
/data/data/co.lvdou.livewallpaper.ld948793/files/umeng_it.cache
/data/data/co.lvdou.livewallpaper.ld948793/files/mobclick_agent_sealed_co.lvdou.livewallpaper.ld948793