Analysis
- max time kernel: 7s
- max time network: 189s
- platform: android_x64
- resource: android-x64-20240611.1-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240611.1-en, locale:en-us, os:android-10-x64, system
- submitted: 14-06-2024 07:20
Static task: static1
Behavioral task: behavioral1
  Sample: a87ec6a33d2d0bd534eb7c4c66d1c4e8_JaffaCakes118.apk
  Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
  Sample: a87ec6a33d2d0bd534eb7c4c66d1c4e8_JaffaCakes118.apk
  Resource: android-x64-20240611.1-en
General
- Target: a87ec6a33d2d0bd534eb7c4c66d1c4e8_JaffaCakes118.apk
- Size: 2.8MB
- MD5: a87ec6a33d2d0bd534eb7c4c66d1c4e8
- SHA1: 582b456c2a43a6c1ca8b0bfbf79dae581ead277a
- SHA256: 7f09cf0c2937db58fcf91d1d7bcae7d18aa8807a43f5e9bd721f45435a560e6a
- SHA512: b09bc2618cf178ffe01484093b4c432305ebd0d990d45f30d96601274162b478c2350b6d0d0448d10881baef68db614f48f7bcef9956a4f694f8a1ec94788a63
- SSDEEP: 49152:hIiE7wWpZc08dwbVMjAKG+6V2F71C5bCZaqOEMYLmeM4CDKhPuykxyJWiNuCk61:67we/RVEXG+6k1C54aRVYLBjCWhPuzy1
Malware Config
Signatures
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org (1 IoCs)
  Processes:
    flow: 8  ioc: alog.umeng.com
- Queries information about active data network (1 TTPs, 1 IoCs)
  Processes:
    com.east2d.everyimage
      description: Framework service call
      ioc: android.net.IConnectivityManager.getActiveNetworkInfo
      process: com.east2d.everyimage
- Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  Processes:
    com.east2d.everyimage
      description: Framework service call
      ioc: android.net.wifi.IWifiManager.getConnectionInfo
      process: com.east2d.everyimage
- Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)
- Reads information about phone network operator. (1 TTPs)
- Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
  Processes:
    com.east2d.everyimage
      description: Framework API call
      ioc: javax.crypto.Cipher.doFinal
      process: com.east2d.everyimage
- Checks CPU information (2 TTPs, 1 IoCs)
Processes
Network
MITRE ATT&CK Matrix
Downloads
- /data/data/com.east2d.everyimage/files/.imprint
  Filesize: 701B
  MD5: 277eb637875c4e482764238da38799db
  SHA1: 2815667c08d6488b10ff59e2037c4e58615b1b64
  SHA256: 354d7675658f5e05041e528e17742efd0debfca644bfb705796b15a622f5158d
  SHA512: 7c334739f58368cd8f7dc9b097de3a2b140066922995e68d0c19a14a7a8971caf593915eba5f970198982cf85574bc8e636bcc707b15bd9c886b9a1776999b81
- /data/data/com.east2d.everyimage/files/__local_except_cache.json
  Filesize: 408B
  MD5: 2a882ca6b6b509e985ca32e5fbb2a71c
  SHA1: 1b181750662f500bb6af6af2f79d0722412b3c99
  SHA256: b0d226f7f356f42a03ae9601c684265ebd5a5a332d5be7739d0f9d26ae0c873f
  SHA512: 1f5ad565454eddf09857d67d0f712e34150d78e380576c9c35e8fe786965fb81053e73ba9851e5fc7ff5b361fd3ab6242845fbb7fbd059e338218dfba507572b
- /data/data/com.east2d.everyimage/files/__local_last_session.json
  Filesize: 108B
  MD5: ebda53cf8dea498c5906263ab414e710
  SHA1: 11b19a76f4a8ed9f5e14886dbc482c7d62fae118
  SHA256: 303d8eac02dd7f9de41716f4d4deb2849fb941f68557cba81151d072b6222c04
  SHA512: 226f4cadcdd37cc665344b4f8e532b7e46a25b603cbd94b43abe3a9370a0fb27cbaeb589003f6abce734c93f90e14d782b5f534d446658649a28dd72ea5d336a
- /data/data/com.east2d.everyimage/files/__local_stat_cache.json
  Filesize: 25B
  MD5: 2d805b13f2f28dc3ca9bbcc000f49bb5
  SHA1: 9eac165b4d81258fd3967cde5cc53b53b1dabcb1
  SHA256: c8a6624f390568f0ddcb9841336aec6a564460fdaf6624e562b32935b8956f19
  SHA512: 5db8c57bab36bcf9db698c1dce70318cbffc156dd1d1c1e09e5b7ba60aff07b598ebbf26c4bd8a2b03bd6e59ef2dde2d944a22a8d8a19ecc8378e83afb7c83b0
- /data/data/com.east2d.everyimage/files/mobclick_agent_cached_com.east2d.everyimage22
  Filesize: 1KB
  MD5: a000e66bd332a82066cdad4bdb27d758
  SHA1: e4f00fdd0444b4d58f833ba7df8f7fd3e22d9751
  SHA256: 4be8b865d06984ea47829b586256efd0a24492951330b0f97052ff281fa0ed4f
  SHA512: 2c17088217e389b394fade7feb3fa3e44f4084d6172f6ae1e3d449037350e2b53db74f9d8465167480bdabca866c201d4b31aa6e13a2c925bb25cac218a4db0e
- /data/data/com.east2d.everyimage/files/umeng_it.cache
  Filesize: 83B
  MD5: 48d5cb00571a201ac68fe792ec82728f
  SHA1: bbac128a96c48012820747de9da629f03d0fc5fa
  SHA256: ab7a1e322519c2d211d2eaa44d7e29e32bcdc5d67d5ec6e98ae3f4547715a9b3
  SHA512: 630f9fa11847bf01c48f10f9891c7166e55ab1a2ede0de634e438323cdeac40049e9be2960a99d14910ca5066f854549542c403bbce0c4b762709953a2345007
- /data/data/com.east2d.everyimage/files/umeng_it.cache
  Filesize: 43B
  MD5: f1d9eba5bcce55dc6ffc4c1e53d1cb99
  SHA1: 729598fb101fd8d379612ac80ac95ebc4a899389
  SHA256: 8e05d0863e877d7ae3178e902384f817225923d976db07e4e4f8aef2f7779759
  SHA512: 32501b21bea7f68f31ca6afedaf72c3aeea7ef4badc70466494255fe27a5a7a38c7b33ec56f92a864a4d24ca2037f8393f9373b3b698571cc59dd3dfc6a99f12
- /storage/emulated/0/crash/crash-2024-06-14-07-20-31-1718349631005.log
  Filesize: 1KB
  MD5: 1e5a2d6c402c21a04a166be2cf29020a
  SHA1: de2965c4714cb90d2b395884cc0d3520d10d262a
  SHA256: 261298fd2eae66f236170a419c3ff6380463bfe3b19e671d4fed837d2ab9117b
  SHA512: 4ceab6577390672deb2db6d47a8e24dd5b2e96e15386657f42cdf2e9a667dc4e97e334670bd4263af11f6437bbf0e5490b427e11c3e9ff2991ed1c7436da2c0f