504e7d85f6128d40beabc873eedb957eac9ed2ad0d5c67780125e97e4c959af4

Analysis

max time kernel
63s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240611.1-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240611.1-enlocale:en-usos:android-11-x64system
submitted
13-06-2024 13:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a5e00b16d26012ab1221d4a63cbaa287_JaffaCakes118.apk
Size

1.6MB
MD5

a5e00b16d26012ab1221d4a63cbaa287
SHA1

ef9dc4965e4bc129addd9399ad20c34249accdfe
SHA256

504e7d85f6128d40beabc873eedb957eac9ed2ad0d5c67780125e97e4c959af4
SHA512

b6c29a441e347795760d677b23d2bcd94280a1e0be7bcb103dbaba1590fda1511ddd6a5a3c3316b702b0d912f6ba05db2cef8b9757036c7bf2582887e2ec6f53
SSDEEP

49152:WHefROtgUnT2b+C6JlUshuA4DyyAG5gNYR3cMrI06j:WHef+2bZ6JlUKuxDRRKmdcMrI0A

Score

6^/10

discovery

Malware Config

Signatures

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

Processes:

flow ioc

16 alog.umeng.com
Queries information about active data network 1 TTPs 1 IoCs
discovery

T1421

Processes:

me.drakeet.inmessage

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo me.drakeet.inmessage
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

me.drakeet.inmessage

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo me.drakeet.inmessage
Reads information about phone network operator. 1 TTPs
discovery

T1422
Checks CPU information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

me.drakeet.inmessage

description ioc process

File opened for read /proc/cpuinfo me.drakeet.inmessage

flow	ioc
16	alog.umeng.com

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	me.drakeet.inmessage

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	me.drakeet.inmessage

description	ioc	process
File opened for read	/proc/cpuinfo	me.drakeet.inmessage

me.drakeet.inmessage
1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Checks CPU information
PID:4443

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/me.drakeet.inmessage/databases/messageDatabase.db
Filesize
24KB

MD5
ad8ba28db36fce0a7da66dad483d9848

SHA1
9a781a271421dc885968bd9e141373925d69b4fa

SHA256
f83c440936fa917cdcb08c52b1f5fe0e74b90884e31362ed7e7ac13cd4e99558

SHA512
5b9ae0c71bc35b49ce88eb4397f838db5011fa567e75e5986024a67cb2aec0cea9f7fc52b6e8af918cc3cbb46287e4353f5b8f5d26ce12b4b1bf2addaa63da8f

Download Submit
/data/user/0/me.drakeet.inmessage/databases/messageDatabase.db-journal
Filesize
512B

MD5
5bea4b31ec37c984893792942e9c4896

SHA1
1a6f945368dcbb9c51029b85fd05501d3893782b

SHA256
a56e3601965a9276a0f57fe4900772df04b0ff14577ec3599f9237dffe0b55cf

SHA512
48f11e77d99f012d5803732330416f1ac9383e2aba1a6c742da8eda08f2b057bdafaf07bd53b0cd522ce4015beec95bbe8ad3b0b9dcd617acd2bd3722b2fe937

Download Submit
/data/user/0/me.drakeet.inmessage/databases/messageDatabase.db-journal
Filesize
8KB

MD5
2611c5915558dee7abe9e26eb6605995

SHA1
29db3ab4e59bb1a3fd3b75c4fcdac5bb6091e558

SHA256
cb3118406dca4784201c0bc77e4d0c7723ad1b061bf51d652452e51a5e34fa86

SHA512
1663881dc94284d875755651aaae3d4e7cae2624e87a799a1bdbae975634fde26cffa661acb506dccdf1a46992b73cf3df455dfc826ce5de83e7a333b1dc0444

Download Submit
/data/user/0/me.drakeet.inmessage/databases/messageDatabase.db-journal
Filesize
8KB

MD5
4ad9b9fd70570e1d0dad2f1d5e6976f3

SHA1
4d73475c8a040eb5e071fcb0e515b4bd7dbddb26

SHA256
aa7de1c551d94edfc91c4efa77c69566edc12c5f9b9c13803bc3814fd1454f48

SHA512
25b63b47fe72f2528c939b1937b9743bb2bac38f9111421cff998bca0598bd1950c01f3dfd362908127e0cfb8ce6426a8c39a5ea23be32c3b927dead237dc74f

Download Submit
/data/user/0/me.drakeet.inmessage/files/.um/um_cache_1718286726483.env
Filesize
551B

MD5
a0fe1d54d90755d9bf894edff6f80376

SHA1
cac85d236022ffd74de50795444a4d65953755d3

SHA256
2a419e125a8868116314ab46e5c3591df02a10d22ef33f69745af01dbd101ce4

SHA512
6a7eb3fca7f3c055126cdf5b12e31544b026e605f7cca3b23b9aceef27a3a6e882ea42182ed29abee868fee5503f2fcab93b30d248e75c80af6f6009767bddef

Download Submit
/data/user/0/me.drakeet.inmessage/files/umeng_it.cache
Filesize
245B

MD5
e92382faef212c83aa7d55e790465e05

SHA1
34c6cf5c034758a2aacfdfdd926846076aacbe86

SHA256
43154fc6a3a5d3dfd3e121070da0339968e40f3498a8306db0457e4bad36eaf9

SHA512
d4ae473c885a33a2535c7c577fd324b3c0fd3db25568e0bce823da686a9b3030d9bee4d6be0c9532e7f4ae0924bc2ce4ac2a1054307d268fbff1de65ff62ee32

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads