0b4f89f4017a78db79765c003cc4c541869f29895adc9d7a7d2dd1bf2dbbcb84

Analysis

max time kernel
87s
max time network
139s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
14-06-2024 00:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a763ee98cd9e97830dc69e2e8b390de2_JaffaCakes118.apk
Size

11.6MB
MD5

a763ee98cd9e97830dc69e2e8b390de2
SHA1

290967b702b298e83bd232d605f13b3f0c701880
SHA256

0b4f89f4017a78db79765c003cc4c541869f29895adc9d7a7d2dd1bf2dbbcb84
SHA512

13fa93dd0c0dab6ddb2feb69c673881c5f9090ad2dad2c23dda4de4264e46c012a07adf5d52710a4b8f0ab09119dadc72b06283918b2f4c6c8f6125b6eba457b
SSDEEP

196608:N0F9IcQgYcVJsfduZBt86+9RYqflduSYBMwo7LM71600e4lf0sBRu10bCmzXuZL2:uQtffuBtr4RYOTeU7LGtw0sBRamO/INv

Score

6^/10

discovery evasion impact persistence

Malware Config

Signatures

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

Processes:

flow ioc

11 alog.umeng.com
Queries information about active data network 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.yiwyxb.dk135283

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.yiwyxb.dk135283
Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
evasion

T1628.002

Processes:

com.yiwyxb.dk135283

description ioc process

Framework API call android.hardware.SensorManager.registerListener com.yiwyxb.dk135283
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.yiwyxb.dk135283

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.yiwyxb.dk135283
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.yiwyxb.dk135283

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.yiwyxb.dk135283
Checks CPU information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

com.yiwyxb.dk135283

description ioc process

File opened for read /proc/cpuinfo com.yiwyxb.dk135283

flow	ioc
11	alog.umeng.com

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yiwyxb.dk135283

description	ioc	process
Framework API call	android.hardware.SensorManager.registerListener	com.yiwyxb.dk135283

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.yiwyxb.dk135283

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.yiwyxb.dk135283

description	ioc	process
File opened for read	/proc/cpuinfo	com.yiwyxb.dk135283

com.yiwyxb.dk135283
1⤵
- Queries information about active data network
- Listens for changes in the sensor environment (might be used to detect emulation)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
PID:4191

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.yiwyxb.dk135283/databases/RKStorage
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.yiwyxb.dk135283/databases/RKStorage-journal
Filesize
512B

MD5
9d30652aef349b70e512fca8b735ce21

SHA1
e246feea3e805d9d46835104d2529fd270374b02

SHA256
631eeb93714ff0b2e6d03475937202e7c68ea7238ca704699caa4434967cef8a

SHA512
317fd40ade4f66db0851981a5e1a91f917e494162d14a04760004476d37e0f66f40a8dcd4b6d0d139a845a13e258bee2423dafc88a000be8e76696de855ae538

Download Submit
/data/data/com.yiwyxb.dk135283/databases/RKStorage-wal
Filesize
72KB

MD5
cfce21bb83541ed25b1444c98300d091

SHA1
4619737a89ac723fb9c2a377476110a2c5bc7731

SHA256
28045e7904570128bb54169f4751375d0b10319b3dc2f99eed059ef6a5509f86

SHA512
8338d8c1600f37d2369c481fd50aa6ed91cff731813e8229438b00d9879065f1a3908744563c599a3f3a8825f96f5d5c64f3539314d0d973ebaa44089a126984

Download Submit
/data/data/com.yiwyxb.dk135283/databases/cc/cc.db
Filesize
36KB

MD5
5d7ea1a23af19b4340cc8d90f28297d5

SHA1
4cfe95b23a9e98378d69c4290af81b51fbe76aea

SHA256
474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

SHA512
33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

Download Submit
/data/data/com.yiwyxb.dk135283/databases/cc/cc.db
Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.yiwyxb.dk135283/databases/cc/cc.db-journal
Filesize
512B

MD5
9a3142db042d7febcf6ad82a3ff779f6

SHA1
6dbe63bacba0a6645193687269d90687a8160443

SHA256
0a06577ef03f3502d4ec4fd7ff98bca22cd946054b6ec892f144182a9634715b

SHA512
802dbb439df96f806d406297b8b172f2108db0c16f39414fdc6019a8714c94d2d66c487a62066dcd8fc69982aa4fa97908827df47e275a173e6c9a9d75ecfc71

Download Submit
/data/data/com.yiwyxb.dk135283/databases/cc/cc.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.yiwyxb.dk135283/databases/cc/cc.db-wal
Filesize
48KB

MD5
291fe8643233f09a605b279a97c4c3e8

SHA1
fc4cd84387169bfcb4ef851bb8484d7ee75a361f

SHA256
d63b76ee00fb3238d6a07ec24d50be81c770e0eae69aaa993ce8a522323dbb32

SHA512
81d3959d83ab75e90fd9361d41b29ee90d5244b0d98f69dc5b14f4d9167b69c1e5773e18926376adf3caa54e692bf4e88260ea3c930b155ebbabd19ee5926e03

Download Submit
/data/data/com.yiwyxb.dk135283/databases/cc/cc.db-wal
Filesize
16KB

MD5
9bd14f744c416c2693cfc8ed09b25470

SHA1
7cd1bf43ec982705eff6c0d3653a4fa10a44f0c0

SHA256
afa8cef8bf2ca9ff6d1dda32fcc832effa8065597ea4fdbbb58e88d08d6d2eb2

SHA512
5d166514e36e7dc2c6e48399c8fe784ee14a68236d5357d0d60313a946504bc2f9477fd1c76ae6048271ef0685ec5705b011b5b3b28d7f14916cd61862940f53

Download Submit
/data/data/com.yiwyxb.dk135283/databases/ua.db
Filesize
32KB

MD5
53173bd2329923d8b9518de0ad48487d

SHA1
82373e7e244ba02026f09b5bb93cc58d022f54e7

SHA256
fa874bc9692fa21123a66e62374f20e6c9d6fc03b2bed996db3bbf7104e27aac

SHA512
7ad04a35663cbccddf3069b2165f2b33aa204c8f1a4bee84f6265681ae3324c9c392486a3caae1ba16f112622f5c2f632bf931f734d95a3d00bc67df3b125e6f

Download Submit
/data/data/com.yiwyxb.dk135283/databases/ua.db
Filesize
32KB

MD5
d604a3bf1f8d992cc320ea5b1f7609bd

SHA1
247f88df0b55c7d523ea5398637711a0e4a483a4

SHA256
329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

SHA512
67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

Download Submit
/data/data/com.yiwyxb.dk135283/databases/ua.db-journal
Filesize
512B

MD5
e60c4a3274f37cc781717906611731c8

SHA1
ba84b8fd32484838bea1218f447e2b2e5627d687

SHA256
97160c75dad3dbf125b7741554c386c9fc71006dc2199515e11dd67c1c99126b

SHA512
123270e602c9db104cb1eaaa3dac0d521cd46d00192d1f0309d57609cd0d51634a1b0bf13c32609f6e0624184f58b90d247f321663e8831a5607a8624c7619d1

Download Submit
/data/data/com.yiwyxb.dk135283/databases/ua.db-wal
Filesize
56KB

MD5
40b318328d6956dc55719a0a1bc33c4a

SHA1
6a489dd39ca32bf31a8ec7aff751691ece956d7b

SHA256
30d4721900aed09cb6a6c6a02692795d9c6872eb259208c91d814c1e4b8c7c57

SHA512
0a44e02b4eb8bb6c513763660ee11e0abb9773b25e09190f2366fd7f7548177c41f26589d889a23ddc8a90371f3ace87e36f74e6f4d904c44db00e077c3f41dc

Download Submit
/data/data/com.yiwyxb.dk135283/databases/ua.db-wal
Filesize
8KB

MD5
8d7751745965ca9b942c34f9ab19c118

SHA1
b78c92f6c39394fe9f59c66b787ac60c4e3461a6

SHA256
99750f87f4bf9528d3fee648a297d46e3eba84895e8d66ace5b8ee7f92acaa21

SHA512
08b10e2a5a354d70ff3466bcda56276fe89af35436e581f33fa5139d8d187ef595c4c51de0e6574404241c88af7b5ccccd0fc875193f807b753d32d3578aa145

Download Submit
/data/data/com.yiwyxb.dk135283/files/.imprint
Filesize
994B

MD5
29ee3723335e4e0eeabe4e3d81dfad6e

SHA1
5234ecf9c8e237899d8f9602bf8581f912a11b77

SHA256
398a6a1395222876da3b0636e6819b1ef242ad02017b93e3f20faa924bf123fa

SHA512
9618966d1d7bc0c2a2b517e62595aa563135c5ce47ed49c660730e8833b617b385ee3a39438a5eb23322fb06f6a404924faa32324c4c786d202234ffb2bddc53

Download Submit
/data/data/com.yiwyxb.dk135283/files/.umeng/exchangeIdentity.json
Filesize
162B

MD5
697fb0324d1ca0e0530797b4d810eb93

SHA1
c70b0ecde3ad85a1b9dd8ac363a6cd7c657c874f

SHA256
b8b301081ba21b9f3eb051045c79157b6a8d4f0494757aa1b0fb2887a671ea4c

SHA512
bd1c803f64a54df9f719d48e16dbfd37be8637835b508a1690bb1775eded404a93f2ddb3e7b11672640c149c7f4d589fe22193ae02a192eed80bb44c0c1a2dc8

Download Submit
/data/data/com.yiwyxb.dk135283/files/exid.dat
Filesize
50B

MD5
9e21b2ebde4914b294235bea4a3120fa

SHA1
9df9d97acbe7ab02a50ed1cf45299f550988dcc5

SHA256
9f11c0288b8ffd1ef42e1b0b74a6a7176a772049dd68fcda59fee189bc7fae1d

SHA512
fe91c0db62471a5b4827848a5ca27d75d74b0b1c825ed938efa752a4ce2aba30d68c8bcb03c59a12bea1b240a35708eb9f2f393823ae148c42b63b8591d89d5f

Download Submit
/data/data/com.yiwyxb.dk135283/files/umeng_it.cache
Filesize
415B

MD5
7568bc322ec731a0696935cc66f2c12c

SHA1
d3eab253e40eef6764f7a70e7ca08b2108e76e18

SHA256
fa461d6eb5417dc3989d743637d4801a16620f887017d5f2063625fbc66add3a

SHA512
5a8e18edb068f9a3596166db4dd48b405b1bd398e7de2de4a2bc325a07987e13be27eea9baaad5c27bfd7ec2a5ff537c1332302f741e80ad96966d8d18f2772b

Download Submit
/data/data/com.yiwyxb.dk135283/files/umeng_it.cache
Filesize
211B

MD5
f430047a1199f2b86a98dd74ce1e1b9a

SHA1
c1ad482a9e2fb695fc283aacb5a9d5a16705048b

SHA256
97214b6758b0757678bc6b12ea5d6b9f13c3e9729c1697a26e134f231f64eaaa

SHA512
6f6d45460062d66b9c4ce93ee1a76edfec0bb1db6b616aaf61ebf163d34d41e3527ba346dd9e5ff79f97f68992d30501f4a85c2850c42104eae815f1f722398b

Download Submit
/data/data/com.yiwyxb.dk135283/lib-main/dso_deps
Filesize
144B

MD5
591bfd54cd8936dc77011474a058cf35

SHA1
e631f4b09ba2c6883debcaeb81cf04c04dfbe249

SHA256
51ca520a02c77fcab37189cf16e78a37ad211eaaa0f9a7f9c076f4e8665ea998

SHA512
b424917fdd12c71a98a46813fdaa3153a693abb0aa3346744863e4428bbebdb8b6d3d1c91b1ea6c53856977385d10c5c14b12e7da8d8e8be86a2d20252b91cfe

Download Submit
/data/data/com.yiwyxb.dk135283/lib-main/dso_manifest
Filesize
93B

MD5
f049019de27a3a937680ead2d2ab0491

SHA1
da7e30a8e411aebc0174a4029287a911bd8ab260

SHA256
055b4a2335955bb0b7fbf290cf19489b457757b0f5ff4684dce994a88aa9df03

SHA512
04089120a08f9e18fc528d84f727349c5197e6a6dd494921d7e293e6dd5824d56a10eb832b5d058d6fb8dd555c2e645c00f338ca9ca7734a6b9f70ced405e2cc

Download Submit
/data/data/com.yiwyxb.dk135283/lib-main/dso_state
Filesize
1B

MD5
55a54008ad1ba589aa210d2629c1df41

SHA1
bf8b4530d8d246dd74ac53a13471bba17941dff7

SHA256
4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

SHA512
7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

Download Submit
/data/data/com.yiwyxb.dk135283/lib-main/dso_state
Filesize
1B

MD5
93b885adfe0da089cdf634904fd59f71

SHA1
5ba93c9db0cff93f52b521d7420e43f6eda2784f

SHA256
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

SHA512
b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

Download Submit
/data/data/com.yiwyxb.dk135283/lib-main/libjcore110.so
Filesize
77KB

MD5
304c4775c940633d9bcd763ef3c59ff6

SHA1
88cec29d0123a91bd5fc01adf460d75137592998

SHA256
718cdf15c87ac89607e548ac80b4e22499afbbdf5f5df77aa8fb3e2776e719ad

SHA512
8265e7dfc99e7ab6195d879a6fe3ad0cd5e33919d75c6ecf33d38d301b754a2c576bcaa73e56c8b305838f726577fc042ee7e8ddd88cea05e25eab4fec82cc43

Download Submit
/storage/emulated/0/JXCP/aff/com.yiwyxb.dk135283
Filesize
6B

MD5
6097116514f54a21468a368fd91a7a08

SHA1
54d5a86a6e97b4bec43acfe74e98a40214154ba3

SHA256
6f2cc30f27eac33dd8d6644ce1605e46ff5d5b2097016a4db6f9a903ad4cc975

SHA512
dfac9aaadb293206479091d7cebe62b6511feea8bf4d764abbb485b5573f59e45e6eaa39ba2471ecd851f86d964d09f710ff5f5047f42057c743a3a4a84ec706

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads