504e7d85f6128d40beabc873eedb957eac9ed2ad0d5c67780125e97e4c959af4

Analysis

max time kernel
63s
max time network
143s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
13-06-2024 13:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a5e00b16d26012ab1221d4a63cbaa287_JaffaCakes118.apk
Size

1.6MB
MD5

a5e00b16d26012ab1221d4a63cbaa287
SHA1

ef9dc4965e4bc129addd9399ad20c34249accdfe
SHA256

504e7d85f6128d40beabc873eedb957eac9ed2ad0d5c67780125e97e4c959af4
SHA512

b6c29a441e347795760d677b23d2bcd94280a1e0be7bcb103dbaba1590fda1511ddd6a5a3c3316b702b0d912f6ba05db2cef8b9757036c7bf2582887e2ec6f53
SSDEEP

49152:WHefROtgUnT2b+C6JlUshuA4DyyAG5gNYR3cMrI06j:WHef+2bZ6JlUKuxDRRKmdcMrI0A

Score

6^/10

discovery

Malware Config

Signatures

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

Processes:

flow ioc

11 alog.umeng.com
Queries information about active data network 1 TTPs 1 IoCs
discovery

T1421

Processes:

me.drakeet.inmessage

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo me.drakeet.inmessage
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

me.drakeet.inmessage

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo me.drakeet.inmessage
Checks CPU information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

me.drakeet.inmessage

description ioc process

File opened for read /proc/cpuinfo me.drakeet.inmessage

flow	ioc
11	alog.umeng.com

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	me.drakeet.inmessage

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	me.drakeet.inmessage

description	ioc	process
File opened for read	/proc/cpuinfo	me.drakeet.inmessage

me.drakeet.inmessage
1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Checks CPU information
PID:4219

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/me.drakeet.inmessage/databases/messageDatabase.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/me.drakeet.inmessage/databases/messageDatabase.db-journal
Filesize
512B

MD5
6c02259458b8e5f91df6a00440f2045e

SHA1
a80318e2d0f3f8360db8981645e563321c4767d4

SHA256
4497561728ba9c1d3c5eee9ebe440337a5e42a8908d01f8cc68b49dd2ff83ab4

SHA512
f36b7feda01997fb671cdb7721e498201e8dd490f79dc635bcad8fe900c7083e4b4e8a7bfc4c9b277632e387f191859d988542d29a1e9a3e398e9aee7d6e7a08

Download Submit
/data/data/me.drakeet.inmessage/databases/messageDatabase.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/me.drakeet.inmessage/databases/messageDatabase.db-wal
Filesize
36KB

MD5
419144a9f332f2e7787eff98b5b6d490

SHA1
2493e74db53fe8280576a98248bb51c4ee245f8a

SHA256
7bcdec101f659e5060485f25dc76ee76fb47a8a00d9877a68593668238d485e7

SHA512
c5fe5ae4a5219c396b6d0362d9e9a8ca4720bad25b49666c0f32b648a5938329351f07c953bfa16803827100f1e0cb4308b94249ec23863285917c0ce6ee0cd4

Download Submit
/data/data/me.drakeet.inmessage/files/.um/um_cache_1718286726472.env
Filesize
577B

MD5
ca8bae4513d5ed61cd751d054bff8510

SHA1
ff4ea3ff6c90decf32130db6272ca8b3020bcef2

SHA256
53c89fcbbaa0ee5fe7dcf4ac76094b311f3d6864d1423a9ec96c7983e8e64dc5

SHA512
7e951f7c6f63b586f28939d86511f4082e3521b8edbf6347b8319346d3c2aaeae5144b2f12e3a1431e9d712fbe2c1c1632ee90fb19254162cc843ef5516f99be

Download Submit
/data/data/me.drakeet.inmessage/files/umeng_it.cache
Filesize
310B

MD5
158cffad13afd0432eaed70815641c52

SHA1
7a6fc2072b793e2a6cee8e6353f847336946adcc

SHA256
16b3b9de4894e4f3a16b7f451ced30e9b8ea60ce097d5276f48e7440601895de

SHA512
5e64d83ad2909edb74b9fdd4644ced874f9c6e25df56fdc9170ee136da00fd70ee2dbad5670dde9f2335710175880a19d2457ff41d3d762f30e6b214ad3ecd01

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads