0b4f89f4017a78db79765c003cc4c541869f29895adc9d7a7d2dd1bf2dbbcb84

Analysis

max time kernel
86s
max time network
133s
platform
android_x64
resource
android-x64-arm64-20240611.1-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240611.1-enlocale:en-usos:android-11-x64system
submitted
14-06-2024 00:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a763ee98cd9e97830dc69e2e8b390de2_JaffaCakes118.apk
Size

11.6MB
MD5

a763ee98cd9e97830dc69e2e8b390de2
SHA1

290967b702b298e83bd232d605f13b3f0c701880
SHA256

0b4f89f4017a78db79765c003cc4c541869f29895adc9d7a7d2dd1bf2dbbcb84
SHA512

13fa93dd0c0dab6ddb2feb69c673881c5f9090ad2dad2c23dda4de4264e46c012a07adf5d52710a4b8f0ab09119dadc72b06283918b2f4c6c8f6125b6eba457b
SSDEEP

196608:N0F9IcQgYcVJsfduZBt86+9RYqflduSYBMwo7LM71600e4lf0sBRu10bCmzXuZL2:uQtffuBtr4RYOTeU7LGtw0sBRamO/INv

Score

6^/10

discovery evasion impact

Malware Config

Signatures

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

Processes:

flow ioc

24 alog.umeng.com
Queries information about active data network 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.yiwyxb.dk135283

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.yiwyxb.dk135283
Reads information about phone network operator. 1 TTPs
discovery

T1422
Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
evasion

T1628.002

Processes:

com.yiwyxb.dk135283

description ioc process

Framework API call android.hardware.SensorManager.registerListener com.yiwyxb.dk135283
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.yiwyxb.dk135283

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.yiwyxb.dk135283
Checks CPU information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

com.yiwyxb.dk135283

description ioc process

File opened for read /proc/cpuinfo com.yiwyxb.dk135283
Checks memory information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

com.yiwyxb.dk135283

description ioc process

File opened for read /proc/meminfo com.yiwyxb.dk135283

flow	ioc
24	alog.umeng.com

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yiwyxb.dk135283

description	ioc	process
Framework API call	android.hardware.SensorManager.registerListener	com.yiwyxb.dk135283

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.yiwyxb.dk135283

description	ioc	process
File opened for read	/proc/cpuinfo	com.yiwyxb.dk135283

description	ioc	process
File opened for read	/proc/meminfo	com.yiwyxb.dk135283

com.yiwyxb.dk135283
1⤵
- Queries information about active data network
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4485

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.yiwyxb.dk135283/databases/cc/cc.db
Filesize
36KB

MD5
4cfe777c9f6e7859f5efe2197401d8e5

SHA1
bb3774e8879ad5f6db0c37f151c3d6bc7b4b207a

SHA256
c422190539b6414072fc3950da19a17985c0c4c2172740b2f74682b520af5231

SHA512
6be469864edaf8eaa110f618f8abd27962da92e20945dcd38073ade2b60b10f00552d54d5db9d9f75ca133213031030e71e2e30113ff033e5ef507a28fe0b1de

Download Submit
/data/data/com.yiwyxb.dk135283/databases/cc/cc.db
Filesize
36KB

MD5
86752a4be6564d8370f2f0e403995003

SHA1
29f7d50675f6e59f3b808eb6dcc8619384412115

SHA256
50484dcdc6b9c2801773018386a8143a52a5153eb2eeeaf5be8bbe46a49ca90c

SHA512
79c9435c1e0d41a3f97784be3e5a3cd8c0bd2d32ecdf326808bacb00c76d876d0447617d6e72ef04cd4b996c92eda4eb7bb200987ae7928ce2e0e7c8e807a5ec

Download Submit
/data/data/com.yiwyxb.dk135283/databases/cc/cc.db-journal
Filesize
512B

MD5
6c5ae70691fd2831113d13fe0d375205

SHA1
c1d7d6a579bf3a2bf7805f6fc0bd11b7e588d0f9

SHA256
3f0b807d5cc9a92de1c0f036cfc220167203c9220f879e024edcdc464633026e

SHA512
bb7ed1a4ce23b4bfc92ddcecfcd8fc67ec5878c547d7a504161825a4e4119e00f1ff29fef2e61bded7c4619035bdcc01eeb4f91d2873469ab2b6609cd99dc7fe

Download Submit
/data/data/com.yiwyxb.dk135283/databases/cc/cc.db-journal
Filesize
8KB

MD5
3e0c0be4d37127d3c1b11d001e6c8d28

SHA1
f725837c5eb2296504cd85b5601bf2581b9b82ac

SHA256
1c213e780c3f0c263ce0fdefb1d90d09b5095f5ddad9cb47507477ed8051fe9b

SHA512
959273f715abaf6faea1a48a355b1f66e69062a2eb03469bf32b7fa6b00a9abf03fa4a2988b1227297216761af2963b7078104f39db9c4b472919304392d117c

Download Submit
/data/data/com.yiwyxb.dk135283/databases/cc/cc.db-journal
Filesize
8KB

MD5
5cf2c6274b350285d79ed778dd26b214

SHA1
c34b2ccc08f71ecc55b1a21dceaa520762686da4

SHA256
817a9e4d35ee769da21ce4ad351b85b843517a02ece092bd91746ec4ea07c4cf

SHA512
df7950869d5c37a211708b5bbac463d0bce0ad6648dd6322c4d0a48a5544967960eacd4eff126906c2f041d879b9b105979ac603a3957dfa14b95aef27b85ac5

Download Submit
/data/data/com.yiwyxb.dk135283/databases/cc/cc.db-journal
Filesize
8KB

MD5
9da0ba73bebda7aebf17a1bdc195ee2b

SHA1
540afccfc56d81606a3482e493ee17a568420031

SHA256
3b6b5d61012f065adb1e36f6156e4620a07fbdbd8e33759308a608c9c825db14

SHA512
b0d9242431bd3ab9694eaf48c2c4a844a3e4bcd8f120124f95bac7058cbe1c88c3a172fbd3d5a5994e52e3689d15ae8bf6d485f8df100a722360a4f7fd1c6d36

Download Submit
/data/data/com.yiwyxb.dk135283/databases/cc/cc.db-journal
Filesize
8KB

MD5
ae4d24fb9c6a9ee542ace726bedd3b49

SHA1
7a2bc44c71c1e8259ca26734402b90a9c69c32ce

SHA256
9fd8032425cc6b6c4359a3ee7b486500362b03a5131407a2e7229a387eed1f23

SHA512
4ab7d5bd34c8b4fa29a0c76cd6ee85305f000083fac1210ce0745a476d7f05c5d7e0d9eebaea43462a4863ed5ac213a86dd2aff4c78fd59dea5eb1b1b9cad293

Download Submit
/data/data/com.yiwyxb.dk135283/databases/cc/cc.db-journal
Filesize
12KB

MD5
b05a077c850e5ea039a4ed1e75100a0e

SHA1
3e0fd19d9b156c5fd72180c20d4da39bf004e0d0

SHA256
4f3b06e359263a11db3b7545f8ab9058ce711842c17901485e6b573d5db61249

SHA512
21e4072d7b20702367ca91bf1a23478cc9c85fcba703e7483d8c1bcc7022ff5b7f39d89835f98d7c9c9c2dee9761dea17c12b0ab4514a8bb2c529cebda28699f

Download Submit
/data/data/com.yiwyxb.dk135283/databases/ua.db
Filesize
32KB

MD5
c96e722b4d57f9311d419c2936bcfbb4

SHA1
80d5edd31900f57c3a4e58ab2a188729ad5c0a65

SHA256
6407ac6152946cbd20d45d6940e929aacd4c98d0f1ef96feb2dc8fee748d0550

SHA512
fbf5f413d120aed4451a05faa53e008828b3e149dab768364858cceae8387bef264b43825961b457b2b11ed3d934fcb6d496c988eda09ed36af9b817ec1f371f

Download Submit
/data/data/com.yiwyxb.dk135283/databases/ua.db
Filesize
32KB

MD5
4cac7d31fb94d5c9581893537f64c5ed

SHA1
96bef3288546196ac3058b5eeddbe9da1d999fe5

SHA256
d1b111041f8aab3269f3da846b2ea199498d99f6905174a9d641f0faedca41c5

SHA512
0ab95e51a640148ac007d47afd5b9fd03ae5a3b9053e5e19a4f0b8089e17e41e311790ee9fe486b6752926799577bee041ed67b64d8772794e9d2329a96ce747

Download Submit
/data/data/com.yiwyxb.dk135283/databases/ua.db-journal
Filesize
512B

MD5
d02b18d188d643738f0b87876859585f

SHA1
d8b68c970ebdd544d75356c38ab1df7a184f6f68

SHA256
3d398548b9cd2d011783d9b3890d5efba88fe15be5d409a60a29d969f52470eb

SHA512
1f62b8d58fc392655f2bb0dfd8a0d27dce1e763b31e8d1e2ea00936fbe3bd45f149dc1b12a74e64412cdb9a73e1b8fd8c4f3028be6e5067d01f0d05b80b04f6a

Download Submit
/data/data/com.yiwyxb.dk135283/databases/ua.db-journal
Filesize
8KB

MD5
752be66fecd26ebeb9d135dfee26fba5

SHA1
5af10258a8d2e577b0addebfe5d548dfc8cb8e7a

SHA256
64e95633c0cf0c3d199783660ce97027041dd4cc7839a1f0c231956e2db5a735

SHA512
24cb29b356cfba76274b6da7e754ee33e80370e1f51e8c685a72de69478ee0bdebc7cc44d19b66680553999a276ab0da4e7c08e93780bdb28c457b706d8c7d68

Download Submit
/data/data/com.yiwyxb.dk135283/databases/ua.db-journal
Filesize
8KB

MD5
d7be53159393b2cd92c987f2a3ea59ff

SHA1
cba16f0534d340683646b454d6dc00f3e3eec037

SHA256
02eab50f5b1c3b21e2ee63922604a4d0a790d9ccab8a732ba5b39e0f44b2b20d

SHA512
4b35cf5e378ea940d89d29b54f13748168432d295cf84067eabd7a02b9170986666ce9c65d98247d37d6e8ddee7909dcde20970aeb2795ccd99d6fabaeba0544

Download Submit
/data/data/com.yiwyxb.dk135283/databases/ua.db-journal
Filesize
16KB

MD5
fd8a8d0a11028ed8a7887a47f6c4ba27

SHA1
f9e53099e0da00efb2ae96aaeb5a9d618ce0b9c5

SHA256
3aa7e00e458c2d6072c8b3b8cb01c1ee7766e0885a43d4aebfe60b18cd182f12

SHA512
e0ab53944974722487042c144e71bb4726e2539349337d0444701e39b45abe5e2c8907a4515f8c47edd9fa9b0f47f3201f293fd136541127a244e4166d6db39b

Download Submit
/data/data/com.yiwyxb.dk135283/databases/ua.db-journal
Filesize
12KB

MD5
239bf6dd756f449768f1b0a3939ff84d

SHA1
93dacb7b6d5f9c74d06606929a2ac4dc85012a60

SHA256
6afef3c79defdd9f24747671b1a88dcf66506ec53e7cc3012b9bbadd01f4b137

SHA512
3be6ed5d7b790c6848563ad2446e7a90a7771703c08b4452bef2357ba47b9bb7660a3d8579779f60e66fc2302da569236a2249de310e61d3a08426d62eedce20

Download Submit
/data/user/0/com.yiwyxb.dk135283/databases/RKStorage
Filesize
20KB

MD5
a8dd844c47107fdd6ea3f456ec54bb01

SHA1
1f3621fb596bc60390c70630f5ea67b0978d0e99

SHA256
169313326a38c579cc6e21cbd1e3fe2b055690d804aff46203ade7c0219cfca7

SHA512
4047b64f410a1494531a22038688b7872908daad27395661a0d953d4d2826fcdecda7c6967209d64dd1d60abbdaa7c86d7631b21cdc27577094eab0b42d33b8e

Download Submit
/data/user/0/com.yiwyxb.dk135283/databases/RKStorage-journal
Filesize
512B

MD5
aa82135def21d9fb84e8a9e6dadd9b22

SHA1
8c3cb8001c37302a15aeb41247570b3766e5394e

SHA256
e1442a7ad8ef730571580f0732f2364166133d9a29e27b724409c77fc2fe99e3

SHA512
80ab820c76b7b6f932c83e6c8a5b58ebbb398f0dd148098c4f4181e7a6f3f9b571fbda451d8df20d3b845d73109a6fa4903ad3b54e0032efc7cf0ce52d0b2469

Download Submit
/data/user/0/com.yiwyxb.dk135283/databases/RKStorage-journal
Filesize
8KB

MD5
e14d1fc00fe8ce46ec9a3eafa74ff9a0

SHA1
67ed63fa7996891762510d6be3e81249e533f761

SHA256
c1745c24dd3e6b91038b6000503e5edc65b786acc6110064be5ba6f4c627b3a7

SHA512
12e5a45a5b78a0ce0d181833c6b4a75268bfd0895f24139ddbf5ddf4ba8598060cd9ca8b4a54d813484f58f387981846ecd65220c97554d1991d14486fa5b54c

Download Submit
/data/user/0/com.yiwyxb.dk135283/databases/RKStorage-journal
Filesize
8KB

MD5
4483cde32d74e24aab069159beb2edd3

SHA1
432a793124ed68a612589ec1a07040a3c86fa933

SHA256
ec7dbf530e0117f3ad6ffc73e43592470cf78727bb51fa5c1e477092632ff31b

SHA512
0194efbac72c458a1edc6478cb563e71678c8665a58b48169d0bbc6875011b4c2d00f05b41163d430ed29c0146cc1c2d2db6b5c6f74cb6500d1f3eb9b235e966

Download Submit
/data/user/0/com.yiwyxb.dk135283/databases/RKStorage-journal
Filesize
12KB

MD5
a30590a5250bd9ab502037e88205e4a2

SHA1
25a87d7093c24cd9d3743a49673a52887a778a94

SHA256
358c74ee21e455bd818be4ab275bd1e988972b49651661763558f511bef515b9

SHA512
6a9762f1b88fec93a35fbcb821108e7923af709ac9f289b8ad072c85810411e22d1d447722e3f7ebde310a606d29d422d680bbdc32955a7bd7aab4649ed6562a

Download Submit
/data/user/0/com.yiwyxb.dk135283/databases/RKStorage-journal
Filesize
12KB

MD5
040c18a5107238ff9bf23a2c573b6827

SHA1
515e2fbccd2a9c3d9174300f0dd8626a2f7ce4da

SHA256
fafb25641ed3d257b83e80d7eb683458f1839d8cc07eb39c84a584ff47a5ef8a

SHA512
2bd0a13f97c9bca1bd8f6551ca596a491ea1f467e95842456becb0bb214642604ab2ede70c7fa4b3ed368d7eb9d9a3ef4e374a5f58de2a1c94b4fdf5da8f9a7b

Download Submit
/data/user/0/com.yiwyxb.dk135283/databases/RKStorage-journal
Filesize
12KB

MD5
7ddcff50af9dbcb0838ba33b577d2333

SHA1
aace09d28ff972f2321fcab39ec5b108b92a3e89

SHA256
7f8ead58057692aedcc8f719885ec4c22ba5888f5c25754461b324a65ad1ada6

SHA512
d294f946df7ccd3af76bca5bbdedf2d2696eaac475a449902662c1d979dbf022f39f701a7b9e07ddbe1aded984590bf207c192005efc5743faf7e041a34341be

Download Submit
/data/user/0/com.yiwyxb.dk135283/files/.imprint
Filesize
926B

MD5
ac8a635f479df4ce5ecbac7764ab73f3

SHA1
c0b8c4ab4af7f2451a51c832235af122404882b4

SHA256
c5075cb09d940aae171cbf06caca5bc6ca1f3a0e23438e33b30cdc56ea3fc199

SHA512
acdf62cc3b32a46167c83c70444ef5c1547f0b9cc46853cacadfd8e84561b88120fafd4d7f9f1d5c999eaf7ee1756ec3d1cf02dc6664f405f0c9fbf3045ce299

Download Submit
/data/user/0/com.yiwyxb.dk135283/files/.umeng/exchangeIdentity.json
Filesize
162B

MD5
62a9551697d6d32f62ac913eedd135c6

SHA1
9d212a8886675e024e3016aa74e2e443b1468868

SHA256
971eb35aec12e255b3fc704fa06b344f14e6c93c7f9fd452dd29f0e9387be131

SHA512
dcc02a4309e3b9b33f7e55e4cf149f5be5d155768ce864d5e3ef0d77766cd9206bb0054c6900ce0f3c90ec5d353c0283bd131ee295852cafe872b4327f3cc7a8

Download Submit
/data/user/0/com.yiwyxb.dk135283/files/exid.dat
Filesize
50B

MD5
9e21b2ebde4914b294235bea4a3120fa

SHA1
9df9d97acbe7ab02a50ed1cf45299f550988dcc5

SHA256
9f11c0288b8ffd1ef42e1b0b74a6a7176a772049dd68fcda59fee189bc7fae1d

SHA512
fe91c0db62471a5b4827848a5ca27d75d74b0b1c825ed938efa752a4ce2aba30d68c8bcb03c59a12bea1b240a35708eb9f2f393823ae148c42b63b8591d89d5f

Download Submit
/data/user/0/com.yiwyxb.dk135283/files/umeng_it.cache
Filesize
350B

MD5
180b76d28a92641d61dc3a6cac0ab1ed

SHA1
3ddac51ef47cf7eefc81be2741a875bc29f72d36

SHA256
9742df1ce1e530aa9e42193bd6dc317199efa123907f8f5e1b598d7219b19eb6

SHA512
d98f936790ab397c0a7762cc5252eb55385516f9e7f030f63db7a46b039cd0c1e164f0d44229e2f5f9e8aab76b4e169d1afb469b29321c8c34be422bbada3bff

Download Submit
/data/user/0/com.yiwyxb.dk135283/files/umeng_it.cache
Filesize
178B

MD5
c923878e7e4542f04267e7889a40879b

SHA1
0c26dc98c0a98f59f2386ff43fe3e8d808b2634c

SHA256
5097496fe089d75ff0b8b51c1a4231825a0cc2564c6d2613fd3ff1b9f0eb84c8

SHA512
f80947faeead6fc9d67206674133aa5aa172915bd56705a9cb94039679a244b3eadacc8949a6bed4f056234a89ae1fe5a6f4ae3206ed2db50f7fcebb223d7443

Download Submit
/data/user/0/com.yiwyxb.dk135283/lib-main/dso_deps
Filesize
200B

MD5
cefa37976e13f1a95c490cb315ef905e

SHA1
d184bb5c46a90a782b8b0b1bb8006f4d6d999cab

SHA256
43051257def192d274fb3ef2fc68e2dc87f64dd65c7f47bf7e99032d696fc216

SHA512
d03ec779022ac7dc2b5ecd4648b6b2ef8f92609e85c963406f0b52d683e6bcf3a1dfcb876f299b63aed3e287c9a664009e9e40e6056910c133409c9d21419bda

Download Submit
/data/user/0/com.yiwyxb.dk135283/lib-main/dso_manifest
Filesize
93B

MD5
f049019de27a3a937680ead2d2ab0491

SHA1
da7e30a8e411aebc0174a4029287a911bd8ab260

SHA256
055b4a2335955bb0b7fbf290cf19489b457757b0f5ff4684dce994a88aa9df03

SHA512
04089120a08f9e18fc528d84f727349c5197e6a6dd494921d7e293e6dd5824d56a10eb832b5d058d6fb8dd555c2e645c00f338ca9ca7734a6b9f70ced405e2cc

Download Submit
/data/user/0/com.yiwyxb.dk135283/lib-main/dso_state
Filesize
1B

MD5
55a54008ad1ba589aa210d2629c1df41

SHA1
bf8b4530d8d246dd74ac53a13471bba17941dff7

SHA256
4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

SHA512
7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

Download Submit
/data/user/0/com.yiwyxb.dk135283/lib-main/dso_state
Filesize
1B

MD5
93b885adfe0da089cdf634904fd59f71

SHA1
5ba93c9db0cff93f52b521d7420e43f6eda2784f

SHA256
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

SHA512
b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

Download Submit
/data/user/0/com.yiwyxb.dk135283/lib-main/libjcore110.so
Filesize
77KB

MD5
304c4775c940633d9bcd763ef3c59ff6

SHA1
88cec29d0123a91bd5fc01adf460d75137592998

SHA256
718cdf15c87ac89607e548ac80b4e22499afbbdf5f5df77aa8fb3e2776e719ad

SHA512
8265e7dfc99e7ab6195d879a6fe3ad0cd5e33919d75c6ecf33d38d301b754a2c576bcaa73e56c8b305838f726577fc042ee7e8ddd88cea05e25eab4fec82cc43

Download Submit
/storage/emulated/0/JXCP/aff/com.yiwyxb.dk135283
Filesize
6B

MD5
6097116514f54a21468a368fd91a7a08

SHA1
54d5a86a6e97b4bec43acfe74e98a40214154ba3

SHA256
6f2cc30f27eac33dd8d6644ce1605e46ff5d5b2097016a4db6f9a903ad4cc975

SHA512
dfac9aaadb293206479091d7cebe62b6511feea8bf4d764abbb485b5573f59e45e6eaa39ba2471ecd851f86d964d09f710ff5f5047f42057c743a3a4a84ec706

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads