Analysis

  • max time kernel
    11s
  • max time network
    186s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags
    android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
  • submitted
    14-06-2024 07:20

General

  • Target

    a87ec6a33d2d0bd534eb7c4c66d1c4e8_JaffaCakes118.apk

  • Size

    2.8MB

  • MD5

    a87ec6a33d2d0bd534eb7c4c66d1c4e8

  • SHA1

    582b456c2a43a6c1ca8b0bfbf79dae581ead277a

  • SHA256

    7f09cf0c2937db58fcf91d1d7bcae7d18aa8807a43f5e9bd721f45435a560e6a

  • SHA512

    b09bc2618cf178ffe01484093b4c432305ebd0d990d45f30d96601274162b478c2350b6d0d0448d10881baef68db614f48f7bcef9956a4f694f8a1ec94788a63

  • SSDEEP

    49152:hIiE7wWpZc08dwbVMjAKG+6V2F71C5bCZaqOEMYLmeM4CDKhPuykxyJWiNuCk61:67we/RVEXG+6k1C54aRVYLBjCWhPuzy1

Score
6/10

Malware Config

Signatures

  • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
  • Reads information about phone network operator. 1 TTPs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
  • Checks CPU information 2 TTPs 1 IoCs

Processes

  • com.east2d.everyimage
    • Queries information about active data network
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    PID:4272

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/com.east2d.everyimage/files/__local_except_cache.json
    Filesize

    408B

    MD5

    e6e2d9b98201e2251c5b1d9dc939582f

    SHA1

    79ffc88641e732dfa07464da1e3b8dbbef8d70b1

    SHA256

    e5921c6227a5a645e6d26e6e56ec39ec7e999bf834cf10805cc913c3686ef542

    SHA512

    fdb37323b6167c2d29027a7306d9e4068c03279141beff862179811e3810a4050563db2c841eac145683a082374b4f1e810ec03f27d97a522a656c1f3314cbf0

  • /data/data/com.east2d.everyimage/files/__local_last_session.json
    Filesize

    107B

    MD5

    c4b8fd04e3151973f6931b7d0d13cc5c

    SHA1

    0ca136895f745baa2149713d7ec06966ec18dcf4

    SHA256

    981eee717917c658b30d23cda4dacdad869053c2e99858038ef29a9c7e75558b

    SHA512

    89ea851ca50cdad226acb8b5524c07b5e01e047883d6e8d3e80f9056e935b3d6dd99fdf0e6320db741d4f310afa2e6967f64b9f7a85645c0ab614dd4a5c002cc

  • /data/data/com.east2d.everyimage/files/__local_last_session.json
    Filesize

    155B

    MD5

    d4a2339d819972a5061830b667781e53

    SHA1

    7cfb26c3d51197d1964809aa10720370b32f040f

    SHA256

    262ad5d1e6cb5c644a928b7def936aa119b62aeb7455cebed50cfeb721ad3fe1

    SHA512

    bf52536138fbe5dbd361c4b94899ef6d30777edbf79e2d8e771d56072866b011a636e381c0843774e843032816e4ed0b481b0a998a403fc98d37d6970fec1761

  • /data/data/com.east2d.everyimage/files/__local_stat_cache.json
    Filesize

    25B

    MD5

    2d805b13f2f28dc3ca9bbcc000f49bb5

    SHA1

    9eac165b4d81258fd3967cde5cc53b53b1dabcb1

    SHA256

    c8a6624f390568f0ddcb9841336aec6a564460fdaf6624e562b32935b8956f19

    SHA512

    5db8c57bab36bcf9db698c1dce70318cbffc156dd1d1c1e09e5b7ba60aff07b598ebbf26c4bd8a2b03bd6e59ef2dde2d944a22a8d8a19ecc8378e83afb7c83b0

  • /data/data/com.east2d.everyimage/files/umeng_it.cache
    Filesize

    146B

    MD5

    8551ac082d64f90a098ac09d6c5ad3d1

    SHA1

    a3864f61cafb15271a8fc532321fe72747c75980

    SHA256

    3ec777b5495b24e3cdbf61ade1a300f048dae66bf59c3cd8b0f42d6567cf074e

    SHA512

    2e79fd9c49e9ec79500364caca9404c16168d4f485189517c058477315000a91f1defc59ff33529df9482c20f3a75d064a34e3a3ce668fa739cdb9cf69e163a2

  • /storage/emulated/0/backups/.SystemConfig/.cuid
    Filesize

    89B

    MD5

    b7f9f4bf6f0b93cc7cdf5e46418b6e62

    SHA1

    e0f928fd033cdaca799ddd1fa0e68d7f2ab4e2cd

    SHA256

    b010ab2b6953e8bf32a4a761add06c596f72bb5dafb3aa8a9f2b108d08f296d4

    SHA512

    9a3958219329c7060d0862a70efa0041cdcdae1dfeffc5e491b1f6d6f8aa5286ca31cfc726538f9311a3d28fdbe86f80ae436c0aa13e02eb29fe47259df8efcb

  • /storage/emulated/0/crash/crash-2024-06-14-07-20-34-1718349634560.log
    Filesize

    1KB

    MD5

    78800c75a3899a9a89d8a02aab0405bb

    SHA1

    2816ed0ef4eea55559e4fa8c21cdeda18a4b819a

    SHA256

    e55b4892b404ed4372caceba83667c040f9e05d8a53d92118fac8c8175f5379c

    SHA512

    3455d198bbf033ffe100406c03381d482e1016e238fbd38b71f4a73e80545316f1029e72988d847973b461edfcad321cf0bb7fd8ca047a00e01d8090c0388ecd