Overview

overview

7

Static

static

7

a635ed8f04...18.apk

android-9-x86

7

Analysis

  • max time kernel
    24s
  • max time network
    182s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
  • submitted
    13-06-2024 15:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a635ed8f04dcb0126529c18e93f5fd70_JaffaCakes118.apk

  • Size

    12.2MB

  • MD5

    a635ed8f04dcb0126529c18e93f5fd70

  • SHA1

    d277be63f328a83665ba00afc86752784f01f99a

  • SHA256

    ca7b38057b19c48dc104a9a5f99680a2ee46612d5671647bf36c40973a9baf14

  • SHA512

    949a97b072fe9259375cde1f439c7fceb3da0ccd41a5e97aea9d5914e0c02c83699c79db0bf6f161ce3bcbac3f7139bd6dab73385823bdd87ecf11457a0782e3

  • SSDEEP

    393216:oUx+gupRGKlNHC6OWMkD/Ezc0x6iklr5y28:oUx+gc9LizZHkd5y28

Score
7/10
discoverypersistence

Malware Config

Signatures

  • Queries information about running processes on the device 1 TTPs 6 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence

Processes

  • com.ophone.reader.ui
    1⤵
    • Queries information about running processes on the device
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4257
  • com.ophone.reader.ui:AgentService
    1⤵
    • Queries information about running processes on the device
    PID:4318
  • com.ophone.reader.ui:pushservice
    1⤵
    • Queries information about running processes on the device
    PID:4374
  • com.ophone.reader.ui:MiguSsoService
    1⤵
    • Queries information about running processes on the device
    PID:4394
  • com.ophone.reader.ui:AgentService
    1⤵
    • Queries information about running processes on the device
    PID:4557
  • com.ophone.reader.ui:monitorService
    1⤵
    • Queries information about running processes on the device
    PID:4599

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /storage/emulated/0/-336080995/uuid
    Filesize

    36B

    MD5

    de8599137d7574185209cdf6418c4570

    SHA1

    9f16b34bc5d63c057672c9d2cec62c18cfd39ae2

    SHA256

    c4b12e7a6593e9fec7c954789ab95aa6f3050b3945cdb0cc8141f32628a29acb

    SHA512

    585ec030d192cfcc8dfa2dc4c3472f67c254090e45e903e863de3fa56cb6c0826946b208bbf1bc5e998b1e317b7b4b7fe4d02c65a0f3e7ec392a28ef98fb670e

    Download Submit