f76c3d9c79ace3c5d0b7d96136f952d98bea3be1b58a5b532f2e1b854149f45a

Analysis

max time kernel
121s
max time network
159s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
13/06/2024, 11:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a54ea69c3b9a7f96b7f69339339d38ce_JaffaCakes118.apk
Size

18.5MB
MD5

a54ea69c3b9a7f96b7f69339339d38ce
SHA1

5029a39e1b7d4e1b26dd8ead003289695aabf5f2
SHA256

f76c3d9c79ace3c5d0b7d96136f952d98bea3be1b58a5b532f2e1b854149f45a
SHA512

27f8e783ebf99f9101fdecdc0b55709640de2a496f355828b692d72a31de7e1d05e581bc4dd39e46bd1e31b7a4221fc84435bb62f7f1c56e3b47e308a7fa94b4
SSDEEP

393216:RFN79wYqTfJQLRLfTAd+5X6ZUiKr+rWa6pN+PAspDmxSGoFPJtD2U+:Rf7gzJYydkCpKYWa6O4CmxSGotbZ+

Score

8^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.olis.musicradio
/system/xbin/su	com.olis.musicradio

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

flow	ioc
12	alog.umeng.com

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.olis.musicradio

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.olis.musicradio

Checks the presence of a debugger
evasion

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.olis.musicradio

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.olis.musicradio

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.olis.musicradio

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.olis.musicradio

com.olis.musicradio
1⤵
- Checks if the Android device is rooted.
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4286

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.olis.musicradio/databases/cc/cc.db

Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.olis.musicradio/databases/cc/cc.db

Filesize
36KB

MD5
5d7ea1a23af19b4340cc8d90f28297d5

SHA1
4cfe95b23a9e98378d69c4290af81b51fbe76aea

SHA256
474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

SHA512
33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

Download Submit
/data/data/com.olis.musicradio/databases/cc/cc.db-journal

Filesize
512B

MD5
923a7890b5984b6de06964c4e82d8bd2

SHA1
4c7d0e6fb91008836166f896efbccb527a086e35

SHA256
047da1c3e2093f116cb1345288b9d8c0d761d3c3afb9ba9e2ca4cfdb4d9d33ec

SHA512
a523f729604e2b32932edaadca1b96d62e251514232434d4a6879844d83737562fd9bee0554b9c86b4620472a5bf7f1b252871f1d8df4af19b8691e37ee0076b

Download Submit
/data/data/com.olis.musicradio/databases/cc/cc.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.olis.musicradio/databases/cc/cc.db-wal

Filesize
16KB

MD5
7c98efde818244381ad8039aa4fafb15

SHA1
7eb0ffad4bf7984fa5828f3781a28d2fc03ad5fe

SHA256
0fae078bdb53c749c06380520fd305e210c34205dfb935e9a6a30dc2c0656d47

SHA512
dfb79af64a0fcdb93140ba190e80be25ee5c756f276397ea51afac8d15fd2e0a85f859fcb4e4375c80dbdc7b2f49601db1bf295cb34573190511b94dd5d27514

Download Submit
/data/data/com.olis.musicradio/databases/cc/cc.db-wal

Filesize
48KB

MD5
bb8a03864d9e784330dc4d87eb875629

SHA1
17d53d382b7c02000e4b8f8c4f2c12e1a1d09547

SHA256
86becf85707033c79e31264044495fc991fa09977d67ac53b3314c2716609b59

SHA512
9b50ac2e1b992d0c9318a4eae3296dce694ccd7f5fb3d1d06ebbd19587c99f93f8464cce8b68fbef99384ff0279143d3b7201810730a26b0593de449271407de

Download Submit
/data/data/com.olis.musicradio/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/666AD8C2028B-0001-10BE-7AFD9373E916BeginSession.cls_temp

Filesize
77B

MD5
153e67e289590e63f5379016a85dce29

SHA1
2ddd9837ee4d6aa10b608cc2a7dee0e110885814

SHA256
6dddd2bcadeb4c09e008621afdda45a25bc4c2ac1d78ac809fe60b42c559a5b6

SHA512
ec34cc91089fb2707db93a7bbedd7729529fd49d79a2376755f55c288d88f09bbb007c12319fa56e80728f4dcf527ecd8953a7300a098600a556cafed80727fc

Download Submit
/data/data/com.olis.musicradio/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/666AD8C2028B-0001-10BE-7AFD9373E916SessionApp.cls_temp

Filesize
112B

MD5
687d93b22512e2cd5285e7095c47c1e6

SHA1
6a84a083a671472bb883ff0569590a654ede8ba2

SHA256
8e87d01c4b0e797a940b0bb694d6d288c8b26aec80ac0ef2ee66c996b090d945

SHA512
17d33c4feb6e6dda4200c6e9e86af54e9cb2ddbb1a017e70773580593df487b0de8af6d2038e0fba4c0f9ed98cb599aa7cb8f050d23d3e2354d7f25c7ba01b3f

Download Submit
/data/data/com.olis.musicradio/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/666AD8C2028B-0001-10BE-7AFD9373E916SessionDevice.cls_temp

Filesize
131B

MD5
5a8294d486ed0633cdd6eb77b9a5a6f7

SHA1
46c31e9bbc1b3b29c2876fc4620fc36570d8c08c

SHA256
eec2edf74f44ee8d99cf0e6c82e56a8cb6094db949c5ca0072439737722cdfb4

SHA512
955fe80dc390b4155c65778440518c2ab5f8d9a28ae140aaa8c6aa83fa67e320c73cef81911bb49de824832e21867acec9cf5afa703b1054b1f713892cd994fc

Download Submit
/data/data/com.olis.musicradio/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/666AD8C2028B-0001-10BE-7AFD9373E916SessionOS.cls_temp

Filesize
14B

MD5
9b3d4522944ce6396563812bfdb92fa9

SHA1
6d2a6133c8f01938a48ccc77ef86ad8ca335c020

SHA256
d32805d685a3f50caa7f1c0bd7c8804c4d937a866513289f60e3184f7a591ed9

SHA512
091d87643712530bf9006135db42a5a50742bb5ca3026bcc5f2c1c17bf4fd984a8938d29263b0abde3d15cac196d2230902534e200b0b79485e3a1bd97d95727

Download Submit
/data/data/com.olis.musicradio/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
473B

MD5
e67ad30560acd4f513bcfa29ee32dc14

SHA1
d827b8f31ecf03794511e93bea6b549a713a9294

SHA256
0db6e098e0f7b9682fdbb5035ca22172cf17ba5a01432e10459678c32850099e

SHA512
6595158c12fba744d390c57784bc6ad1e207a605b73719470d14789fa4dd0a7074f6c32dbe51102b05e7ae09935839fc2d129792d9d4446dbc7d8d9c766a3f7e

Download Submit
/data/data/com.olis.musicradio/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
1KB

MD5
3f31949f16e001fceb3355d5188612ce

SHA1
d3fff2af2c23ce7d1a115d1bf681ac0be9ca768b

SHA256
d6a396041504f52760d645b44cc3377c765de7ab7819dd0124d8f7286d37c39f

SHA512
99617688d311302f5bee2ea9cb85214efede7cd42383ab633a2475fa567b0b455729970757657d58c5828d3470a7bddad29172c80ba12ba4f174c13c2a2a953c

Download Submit
/data/data/com.olis.musicradio/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.olis.musicradio/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_6e9d6f8b-4507-42cb-bbc9-2db7a2eb94ed_1718278340837.tap

Filesize
373B

MD5
8a447756dc00501da3f2e547cae0a6b1

SHA1
21e8afe9c0e3621231683fcd28bbd46b205b1c53

SHA256
8131861e3f37092abb8f3c7740b5c07dc6f1ef225cfe15fd4684b153e3c30790

SHA512
0d1362249645f45bee426aef67f9368e2c8c8cdd6017a3836b8236de08a2cb467f9353d6691d45649cbe5a9115147fa5e49fba6dd7f0cd1100aadccce69cdae1

Download Submit
/data/data/com.olis.musicradio/files/.imprint

Filesize
934B

MD5
7d5e94bbfba90131ec4d7f8e31c2c9f2

SHA1
0ac58a4253b23f3404f10e013e6c2423bd5b1bbc

SHA256
b15924a5f99c1bfa794a396611f2e9a8aff3ee54c6d9788c71e773eb41ca3767

SHA512
d32c701eb7a66d945960c478dbae688718f3f5b943434cdad3220911c3035663172be2423c6ec6e58e3b879845f4913a8f0527668768ea101de173154b47ba02

Download Submit
/data/data/com.olis.musicradio/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
b7f5479c19dac8c7b1657c48593eec3f

SHA1
03e2a3eb0450762bac801acd7722ebc522c9c355

SHA256
023527651d9005d75a9da3ca2083236faea35ce5dfb861c7dcfd741ee321ae64

SHA512
4508535c8131eb1ca2ebf083d537887954d1c316b27423573c0265963bbd6eb34e1a394e8c9b58e54a30314ad4ac163683be65888d2cf418591a0c3d0656042c

Download Submit
/data/data/com.olis.musicradio/files/exid.dat

Filesize
61B

MD5
e23a04033c5dc9b3e1b0056959763d0d

SHA1
1dc93c19a5aca0d19b18ad00a09f3d34a31257c2

SHA256
3880561428973dbd1fc0a5c7d28195514b6716455b9fd544e193c1cf3ad61d53

SHA512
6014296f1e323ae94151ebe06cfe4b4ab78583755d2c1259b74c49c752baf64c540556f51ed9703bc2b7d87eb11282e06008268b28e1ea418953e75b927210b5

Download Submit
/data/data/com.olis.musicradio/files/umeng_it.cache

Filesize
350B

MD5
73b70ad622ff65b00fba458220700c3d

SHA1
a1d8399e370b93b3a7343ba2d69fb78b57e3fc5d

SHA256
f4d74f6aab335a3957a78a5b5d24cc2512bfaf49464c485cd84653ea8ae5c4f0

SHA512
808bff91f2958f164453b303cfc29162661d0550ed5a32d497537819105cb89143df08702d9f03be37c7299444a2829a6655d0ab66bc2c67acc29bbce87e6f5d

Download Submit
/data/data/com.olis.musicradio/files/umeng_it.cache

Filesize
178B

MD5
f12ee456fa510e356aedb7a9415bce5d

SHA1
fa2d339ae2c31704fb78e7957a3f5a0bfdaa993b

SHA256
bbe0466fa09f148b725ebe529ffeede422b154cff42ebe7cd62a33317c2d2344

SHA512
93d460a5a33c845edafac74481bbe77b92316851b4b46cd4743fc0b05a3f28bd73bdf48263d322c528a49cf32c67d972bbd42f2473ce1be5f119b481372f2cdf

Download Submit
/data/data/com.olis.musicradio/files/weibo_sdk_aid1

Filesize
46B

MD5
4028c8b91f544d6bd51a266683ff791e

SHA1
d8bacd93b5724c8500f66cc46632704115635afd

SHA256
7cda4149bb95d3c082f01b19b365228fd339ce4fcfa02969294e13bdae41270b

SHA512
a8fdcbe785c7f9eabff76f227db4e8c1d099dc8adc81a41283f8fbf118fd0fbff93be1aaacd3c966888f30f247215125317efa56495f022486f5262cd2cc3831

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads