f76c3d9c79ace3c5d0b7d96136f952d98bea3be1b58a5b532f2e1b854149f45a

Analysis

max time kernel
163s
max time network
130s
platform
android_x64
resource
android-x64-arm64-20240611.1-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240611.1-enlocale:en-usos:android-11-x64system
submitted
13/06/2024, 11:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a54ea69c3b9a7f96b7f69339339d38ce_JaffaCakes118.apk
Size

18.5MB
MD5

a54ea69c3b9a7f96b7f69339339d38ce
SHA1

5029a39e1b7d4e1b26dd8ead003289695aabf5f2
SHA256

f76c3d9c79ace3c5d0b7d96136f952d98bea3be1b58a5b532f2e1b854149f45a
SHA512

27f8e783ebf99f9101fdecdc0b55709640de2a496f355828b692d72a31de7e1d05e581bc4dd39e46bd1e31b7a4221fc84435bb62f7f1c56e3b47e308a7fa94b4
SSDEEP

393216:RFN79wYqTfJQLRLfTAd+5X6ZUiKr+rWa6pN+PAspDmxSGoFPJtD2U+:Rf7gzJYydkCpKYWa6O4CmxSGotbZ+

Score

8^/10

discovery evasion impact

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.olis.musicradio
/system/xbin/su	com.olis.musicradio

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

flow	ioc
18	alog.umeng.com

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.olis.musicradio

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.olis.musicradio

Checks the presence of a debugger
evasion

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.olis.musicradio

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.olis.musicradio

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.olis.musicradio

com.olis.musicradio
1⤵
- Checks if the Android device is rooted.
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4643

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.olis.musicradio/databases/cc/cc.db

Filesize
36KB

MD5
86752a4be6564d8370f2f0e403995003

SHA1
29f7d50675f6e59f3b808eb6dcc8619384412115

SHA256
50484dcdc6b9c2801773018386a8143a52a5153eb2eeeaf5be8bbe46a49ca90c

SHA512
79c9435c1e0d41a3f97784be3e5a3cd8c0bd2d32ecdf326808bacb00c76d876d0447617d6e72ef04cd4b996c92eda4eb7bb200987ae7928ce2e0e7c8e807a5ec

Download Submit
/data/data/com.olis.musicradio/databases/cc/cc.db

Filesize
36KB

MD5
4cfe777c9f6e7859f5efe2197401d8e5

SHA1
bb3774e8879ad5f6db0c37f151c3d6bc7b4b207a

SHA256
c422190539b6414072fc3950da19a17985c0c4c2172740b2f74682b520af5231

SHA512
6be469864edaf8eaa110f618f8abd27962da92e20945dcd38073ade2b60b10f00552d54d5db9d9f75ca133213031030e71e2e30113ff033e5ef507a28fe0b1de

Download Submit
/data/data/com.olis.musicradio/databases/cc/cc.db-journal

Filesize
8KB

MD5
db759d8a10fdfb5e599fcef245941644

SHA1
d19e3bc5521337b074c0f1cc40a42c2ae92a0cec

SHA256
3957fd418694262faa2c87de91805152cae10a2591a0781fc8ebafbcbe1ae110

SHA512
5e02b51cf2192f98558044e93fbcc6623f89a8e3ed6f6770227b012db45659e72bbcd7bcab022e253a0cd40e46df395ae9ae5a5d0aea191cbf5812902358cb51

Download Submit
/data/data/com.olis.musicradio/databases/cc/cc.db-journal

Filesize
8KB

MD5
6b6c3b7a793931498387e78f2fcc9c6c

SHA1
1bab41aaaca867b8191c8748947b41335dde1bc6

SHA256
e646960e53a92c36be87db2d6704bf69266c1401fa925d19aa21b74471b8c7f3

SHA512
da22626daa38700c83f95eed55bd1cfc083a0bb7db50d5b4071da70f3d457660a6eab5ea24988df73ac0ebeb762407a1ed3667d997e9683dbcc30efea82868e5

Download Submit
/data/data/com.olis.musicradio/databases/cc/cc.db-journal

Filesize
12KB

MD5
4bee52ca3538bf35e9d123c2f3e0d6f2

SHA1
7ac1adb683e91c8c52ebc46135b4b922390bee5b

SHA256
2d434231f9ac5d356b85660bc5d71b2c171e4739cff46f991acf1cd5a07d0018

SHA512
083476fdb9d6697f5548e5185be80031a04eafce676548d8e6aa104b0ee7de185aed4de5f9ae3531af3919381e33c936245babc0c771b6213df31baff2d27d99

Download Submit
/data/data/com.olis.musicradio/databases/cc/cc.db-journal

Filesize
512B

MD5
26d4aee9c58b92e52dddc7db76d8e44c

SHA1
e4b7e497334100dd96c26e1425ad5eb74bf35c1a

SHA256
1155e54fbcdc8aeb005b30d59dc98505e0617f9e24af76a69de2bb18aef5b69d

SHA512
14270a566d3d78d22e284bf646c394055ca40d033a9b46bbac23716dc3ca3a26dfc74340fcf5df863409e96a97d6fd2afd86209de7045f0a1ec8e2c873f72398

Download Submit
/data/data/com.olis.musicradio/databases/cc/cc.db-journal

Filesize
8KB

MD5
3aeb6ab34140bc19b31caa91569e2330

SHA1
3546bdb488db120943a30c33f693634154e10451

SHA256
a90338ffabf8a055739980c0801ac9381ae2b20319e686e771066bb08ede38a8

SHA512
1238d55812f4f866902c3ec188d769aa0e2de04fac15f5109b713364557fb6a4f1bc2201959152e814aaea4da211d88524cd6366daf38b61d0bbc6da2ef83b31

Download Submit
/data/data/com.olis.musicradio/databases/cc/cc.db-journal

Filesize
8KB

MD5
960b83ee295fc0a23a36e58b5b518c83

SHA1
9eeb3f1ce629f2ede1b4141dc134b90acf538e33

SHA256
14a65f044623d34876356c94cfd4d9de09b205a960539f2885839d2b4a1738aa

SHA512
04dcaa2132bb4f9cd79f92b5c584b80521a5b8807850d9ae387abee8f7bcd2c98c8bcfc912e16e527ad82d057f1e5ce430d91bc85c2888e65e4d1f24baed18cf

Download Submit
/data/user/0/com.olis.musicradio/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/666AD8C700B4-0001-1223-DF917F3265CFBeginSession.cls_temp

Filesize
77B

MD5
499eb51c9ce74f3bd7f7d16b0d829414

SHA1
d32c41d138b009bdabc414f91df919794afc103c

SHA256
554e1c0a8fd0699702682051cf0b6958f8cfd0bc492196317e3431feff361222

SHA512
0e3cc22281dcf8d33d62f37c0dcf9ff42d2e5b1f8e535344a85a9cadc15f0eda2b689c72e690e9d24762c6904462bd784dcc53d0f102c20eb740e3f3d6e3f309

Download Submit
/data/user/0/com.olis.musicradio/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/666AD8C700B4-0001-1223-DF917F3265CFSessionApp.cls_temp

Filesize
112B

MD5
732ceef7a032cb441a23a2c37b0f123d

SHA1
7695d55c0fdb85e3b5aac8f2fd87f2412d5c91e7

SHA256
e3941dda752f2335887b7bdac445fcbd364bc84399b7ea6f6cf596e8684fb1b9

SHA512
3dde0f204e19c1accbffb39a34420477798fe3f44c96ff859746593810d0a6d03786730cbe89fae8a79b0484c8f1e6e55083bd140ded11e9d165871b8987fc34

Download Submit
/data/user/0/com.olis.musicradio/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/666AD8C700B4-0001-1223-DF917F3265CFSessionDevice.cls_temp

Filesize
131B

MD5
196d20c193d741e7e7153abc28229e43

SHA1
e13a3dab314ddebd693a51bc2640121570979538

SHA256
fb1cfffc9043f447d43fc69f7393bc70f157091b1da555cf52591c2893f05c44

SHA512
37d6241d972c6895c8f05799f689e922b88f038074937276043dcfd17860cf5e373209e524c9ed2f7976bc3fce6ca12da8f14fd5845c98dac51c31886a73bc49

Download Submit
/data/user/0/com.olis.musicradio/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/666AD8C700B4-0001-1223-DF917F3265CFSessionOS.cls_temp

Filesize
15B

MD5
b3d9541cc92a9153d14e5160f8d8c008

SHA1
2e1ac80eb381dd82a03795b682f92020348c0113

SHA256
1ead5b213c87f182ffce484c34f7d9f140ad3425c0f303f460492efe8a26c56d

SHA512
78074409135a210ba4e1407ad9b3f784f5683e83aac4ce3482d4e8135425cf2b30db1ff5dd0041901c490a551a477237c6d255671c7b1fad74090980dcf3334f

Download Submit
/data/user/0/com.olis.musicradio/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
474B

MD5
36b45bd20e77cd53e9c48bd413a51e22

SHA1
7f04394f4a5306b241ec4532c15ececb5f899028

SHA256
6a25d519a530e64f7cdeefb02089d37d8659d65a57df5f252d85c7e986d30954

SHA512
43e3a2401d1ba4054e59d28288747d395be4996f9ba73e3f4fb7b258e69e93289d1be7f4e2e1285f71303a45a01e64ced8408578eeef788cd25416f34dd02a22

Download Submit
/data/user/0/com.olis.musicradio/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
1KB

MD5
4a34ece61ceff3a39f4829f860dc88ad

SHA1
a68bcf33e560d8c783dd5b2336ab1c333ceb069d

SHA256
f0cd0eab6f1a92868ec8e3004455556356e37a66d0f31f973795c2de412ad0ae

SHA512
8eda8e91eebf3a9f7ebab77f2975de54a50c0edac8724f86e2fb6a23eb40fda1d2ce9828303248a9206ae0f8c6f440daab9cdeccf3f9ae0e23b66ddb02647b6c

Download Submit
/data/user/0/com.olis.musicradio/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/user/0/com.olis.musicradio/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_e89f237f-03cf-4c4d-bce0-ba9d7d77bfb0_1718278345176.tap

Filesize
373B

MD5
0325cade6059e5861ef553b4d91985f3

SHA1
c2648ad3f90551ce8274910e295c1e69b4a21cd1

SHA256
2c5790a6f3288a0194704b227259d0505f8a958d8115073301d464cfc48a30e3

SHA512
3ea5cb2fa27450d9acb99c289c6a1d41e03ef43f859c8acc6ac4496b75f3ee5d828789fd27d326f6e333fca82018c94776363351894f9235456a53c9cb96831c

Download Submit
/data/user/0/com.olis.musicradio/files/.imprint

Filesize
934B

MD5
98a676ca0078946798690ee1eec3b03c

SHA1
7f76b0530d8f76de11e0d02df37c81ba58b7d3af

SHA256
0abaa946eae0cf8160e4da84a66c4b996088b256ce476ab41c08e1cf6d610b4f

SHA512
d7008dbc74396f80b988244f6980f10c2e386b60f1a60f21ba12ea2da33a806c8e26acdb6a8eaa1c4cf63df3c8ae887e720da7ea6bd804cd0f57bee00af4d7bb

Download Submit
/data/user/0/com.olis.musicradio/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
e3ed1048c0e18a43b445f54e832a6a71

SHA1
97977a1638c68d96d790ed2d7d9f11351565b529

SHA256
61079bafb89bc81b34025c35a4f38a4675ffea99deea770cfddd8998d0e81396

SHA512
03b667eeb9c1ec000bbbe040f4e2cf8b5a7b9b88b8bdada3bebca2b870d37f537011164a2ab1ddcd365139260358a4abf3207437b63280ac9c7ccbfb6834ac63

Download Submit
/data/user/0/com.olis.musicradio/files/exid.dat

Filesize
61B

MD5
e23a04033c5dc9b3e1b0056959763d0d

SHA1
1dc93c19a5aca0d19b18ad00a09f3d34a31257c2

SHA256
3880561428973dbd1fc0a5c7d28195514b6716455b9fd544e193c1cf3ad61d53

SHA512
6014296f1e323ae94151ebe06cfe4b4ab78583755d2c1259b74c49c752baf64c540556f51ed9703bc2b7d87eb11282e06008268b28e1ea418953e75b927210b5

Download Submit
/data/user/0/com.olis.musicradio/files/umeng_it.cache

Filesize
350B

MD5
487eb010bee8e94114dd2d1499c75c80

SHA1
9af9842b639596b74f3234d2c8ecce8d9416773c

SHA256
03f6534e3ec3d46c5e3c84902fead0e230deeea38bc68f7828063e0f2662342f

SHA512
814f125a0ae65bad27d5d1af280dba88f65abc2766ee8990547de7b0f2cf5ad5037e648549b32d31fa02acf390b0713cb319ddc0d6d72438b365fbd83d21f63f

Download Submit
/data/user/0/com.olis.musicradio/files/umeng_it.cache

Filesize
178B

MD5
cc82eb15411ad561550ece2591e32ff5

SHA1
8ac488258c3df8c911f705ae61e0063ab3d9754a

SHA256
a7c5ac22ba8923a0c6f4544de2dd3446f33df195952836a6b8dba3d9ef1b25d6

SHA512
1e2119113e932f9c9f9aaadcf7aa8c06bfeb5858ff9e9cfbd6c763af09d5e18ecf81aec6442b2fda633b536b9e131501468e99825b5ca73ce113178a9c03748a

Download Submit
/data/user/0/com.olis.musicradio/files/weibo_sdk_aid1

Filesize
46B

MD5
4028c8b91f544d6bd51a266683ff791e

SHA1
d8bacd93b5724c8500f66cc46632704115635afd

SHA256
7cda4149bb95d3c082f01b19b365228fd339ce4fcfa02969294e13bdae41270b

SHA512
a8fdcbe785c7f9eabff76f227db4e8c1d099dc8adc81a41283f8fbf118fd0fbff93be1aaacd3c966888f30f247215125317efa56495f022486f5262cd2cc3831

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads