1d2c5d118b89ce90a0f25a0780a319b99eb48b7705f50f08284f355933aaf085

Analysis

max time kernel
64s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
13-06-2024 13:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a5e11b572f220b2d51cb2cee0bf062d2_JaffaCakes118.apk
Size

794KB
MD5

a5e11b572f220b2d51cb2cee0bf062d2
SHA1

c5630e8956200d96b9d1007bb053a8c5b095f532
SHA256

1d2c5d118b89ce90a0f25a0780a319b99eb48b7705f50f08284f355933aaf085
SHA512

7fb856b5556f3b6fb07cf4bf24836cc061dd2e9755d680401b81704a3147cbda29f3b27147ba22ed216b5bec5c3b1cc4f817be4d099fc7e5f0ec8935e4532211
SSDEEP

24576:9sfFCbjeVgRRzjz1eeBjFqSVC6EDMdJma0eM9lQ0kVMWYsydukl2mq4krs2WAUO4:rY1Mmq4oxWAUO81/N

Score

6^/10

discovery

Malware Config

Signatures

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

Processes:

flow ioc

7 alog.umeng.com
Queries information about active data network 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.dm.mmilive

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.dm.mmilive
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

com.dm.mmilive

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.dm.mmilive
Reads information about phone network operator. 1 TTPs
discovery

T1422
Checks CPU information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

com.dm.mmilive

description ioc process

File opened for read /proc/cpuinfo com.dm.mmilive

flow	ioc
7	alog.umeng.com

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.dm.mmilive

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.dm.mmilive

description	ioc	process
File opened for read	/proc/cpuinfo	com.dm.mmilive

com.dm.mmilive
1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Checks CPU information
PID:4269

getprop apps.customerservice.device
2⤵
PID:4297

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.dm.mmilive/databases/cc/cc.db
Filesize
36KB

MD5
5d7ea1a23af19b4340cc8d90f28297d5

SHA1
4cfe95b23a9e98378d69c4290af81b51fbe76aea

SHA256
474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

SHA512
33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

Download Submit
/data/data/com.dm.mmilive/databases/cc/cc.db
Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.dm.mmilive/databases/cc/cc.db-journal
Filesize
512B

MD5
9b3e2b43c68e4a2d325885585180f191

SHA1
50ca33d51f5cc41cc48a5dbd8d30a96db630f7d0

SHA256
e67c0697cc1d930012b135dbda5f7a659cded8931320024f47a34459a1f7a770

SHA512
ee1dacd13f270123fa3c5aae7750b2824f45eeeee8dd777aa36a4cef869ec69090888d949bcfd6078ee0c04b49b04e07e320ba597330e02959d9f22e33705138

Download Submit
/data/data/com.dm.mmilive/databases/cc/cc.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.dm.mmilive/databases/cc/cc.db-wal
Filesize
48KB

MD5
66340190d04fff1b3d6bda4a923bb013

SHA1
8e61474dc39481df23e4c60b1f6ec8147f30f3de

SHA256
03af5e85f319bbb612aad5352280748b8a5f4244ac2a66327e107670a808deb8

SHA512
7d406151a7b8ad613b8775886741f296ffd9eedccb22ce3c74df8bf3baa00fc11b31ea362031fd0b0bfe84f9be99db9ae1618c3fb6d2e977bfd6b79b592aa50e

Download Submit
/data/data/com.dm.mmilive/databases/cc/cc.db-wal
Filesize
16KB

MD5
8d2dd66696f772f2099b61a250fcc640

SHA1
237be192f5b5ebecb3ed89ddc2c114adbcd846fb

SHA256
f85b5b68050203ecea0dd24f24cf0a809c78a8659c8fd14386486682a7d81e08

SHA512
cfbd90e5457aaf1fd6824f5d581be23b680d8e7dd5de470313278f00fbd274c77639093c0d7cb40c134c2495b5abef477a8c677fa3d9117994c6b6682403f471

Download Submit
/data/data/com.dm.mmilive/files/.um/um_cache_1718286783956.env
Filesize
1KB

MD5
ed6ed968aaa59efa60ab73bea686ea17

SHA1
a73804389e54b5e85a235e6cb51feaae71de9507

SHA256
0629c619accce7c332a5dfd38f336f9fa366940f1e44ae1689a873d140917809

SHA512
3c8eea9009cf70923d1deb788d6f2975af9490b0791791a0e44d85acef3527f869797c055c35532d833e10361878d3b944d69de0bcd3862e58e5f5b5f7c54b7a

Download Submit
/data/data/com.dm.mmilive/files/.umeng/exchangeIdentity.json
Filesize
162B

MD5
1ee9b752c402d65dd0434b3486c66096

SHA1
bcdb7e68896ba9508457972a9f982387650536fd

SHA256
246ab960a4bbc9823dab438bfd0b16f2f337ea07b879276f809d9cd86bec4582

SHA512
f190cb8e0e93121b5f77ff985316bd1281c1f0f14f1afa68775e11fee65461428884ef3ca542886f17c34412536c4791aeca094f0fac5f8f33064b4915812b4a

Download Submit
/data/data/com.dm.mmilive/files/umeng_it.cache
Filesize
415B

MD5
9899cc59cbf1d2e377d25d65949a6be2

SHA1
d6254cbf9961f048cbd4dac997a638a1918c6736

SHA256
fd4e5a883d17e5b767eb792a1ba6b943e4c8c21cbb4325b82059e429f88ba6cd

SHA512
08c4a1caa8bc1e867a83f9dc421ac207f2a254a3bfe5f2687c3360a6b21b33e7025e65d246ac068283f2183cb492202af1317bfdb05370e32627a8a88f41dfb1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads