Analysis
max time kernel: 179s
max time network: 187s
platform: android_x86
resource: android-x86-arm-20240611.1-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
submitted: 14-06-2024 10:20
Static task: static1
Behavioral task: behavioral1
Sample: a92b8e5990d7e16b5f9d857f5bdd790e_JaffaCakes118.apk
Resource: android-x86-arm-20240611.1-en
General
Target: a92b8e5990d7e16b5f9d857f5bdd790e_JaffaCakes118.apk
Size: 5.0MB
MD5: a92b8e5990d7e16b5f9d857f5bdd790e
SHA1: 66f74b9d48ddd127c631bf0cd6510d68690f27fa
SHA256: f051921f2a4ca76b694edeaec2a9962fbe0c2ea33a54c855499091580a3e3307
SHA512: 8f11ab610665146e4400f8c78fd2366a85fb5ced2071e747d0f64338d2dc42602cbace92b19b194d85fef7459a5c92269030d49e290c68dd40d57e591dd34a8a
SSDEEP: 98304:9M5Kk+e6muLsbjOdgcaNNur+ux9HIJ+ryall6WOxwycRsG+mdE/nMUr:G5KZUuofOhPr+unHc+ryaeWOqhdE/nMa
Malware Config
Signatures
-
Queries information about running processes on the device (1 TTP, 1 IoC)
Application may abuse the framework's APIs to collect information about running processes on the device.
Processes:
  com.shengda.daijia
    Framework service call: android.app.IActivityManager.getRunningAppProcesses
-
Queries information about the current nearby Wi-Fi networks (1 TTP, 2 IoCs)
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
Processes:
  com.shengda.daijia
    Framework service call: android.net.wifi.IWifiManager.getScanResults
  com.shengda.daijia:remote
    Framework service call: android.net.wifi.IWifiManager.getScanResults
-
Requests cell location (2 TTPs, 2 IoCs)
Uses Android APIs to get the current cell location.
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org (1 IoC)
Network flows:
  flow 10: alog.umeng.com
Caveat: alog.umeng.com is the reporting endpoint of the Umeng analytics SDK, which this sample bundles (note the .umeng/exchangeIdentity.json and umeng_it.cache files under Downloads). The echap.eu.org list flags it because stalkerware apps commonly embed that SDK; on its own, the match shows SDK telemetry rather than stalkerware behaviour and should be weighed together with the location and Wi-Fi queries above.
-
Queries information about active data network (1 TTP, 2 IoCs)
Processes:
  com.shengda.daijia
    Framework service call: android.net.IConnectivityManager.getActiveNetworkInfo
  com.shengda.daijia:remote
    Framework service call: android.net.IConnectivityManager.getActiveNetworkInfo
-
Queries information about the current Wi-Fi connection (1 TTP, 2 IoCs)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes:
  com.shengda.daijia
    Framework service call: android.net.wifi.IWifiManager.getConnectionInfo
  com.shengda.daijia:remote
    Framework service call: android.net.wifi.IWifiManager.getConnectionInfo
-
Reads information about phone network operator (1 TTP)
-
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTP, 2 IoCs)
Processes:
  com.shengda.daijia
    Framework service call: android.app.IActivityManager.registerReceiver
  com.shengda.daijia:remote
    Framework service call: android.app.IActivityManager.registerReceiver
-
Uses Crypto APIs (Might try to encrypt user data) (1 TTP, 1 IoC)
Processes:
  com.shengda.daijia
    Framework API call: javax.crypto.Cipher.doFinal
-
Checks CPU information (2 TTPs, 1 IoC)
Processes:
-
com.shengda.daijia
- Queries information about running processes on the device
- Queries information about the current nearby Wi-Fi networks
- Requests cell location
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
-
com.shengda.daijia:remote
- Queries information about the current nearby Wi-Fi networks
- Requests cell location
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
Network
MITRE ATT&CK Matrix
Downloads
-
/data/data/com.shengda.daijia/files/.imprint
Filesize: 28KB
MD5: 0d3e99204c6401ea499fe9e6d9855497
SHA1: 09829f00ca458eab7374d5079393a2cd69a2348a
SHA256: 63ad014cb50908591939d6a1536f85eece807425af4f4e8a1f9b9eeab13cc5ca
SHA512: 8d9a50aa9abd17e508ed3ac35a3033e8f9e550d1088baa951f53e6c4697c5ac026d22b90e36e27341d64baa3f0202bd89ca97583e99feb25f8c26b5776c59c68
-
/data/data/com.shengda.daijia/files/.umeng/exchangeIdentity.json
Filesize: 512B
MD5: 34748032a428c52e04bd2ed7706b9d4c
SHA1: 6c8abaf777ec8f3054e9780b3024edfd7652a980
SHA256: 7c8aa2ed50fc0ad137d801981a5c53a8137e8c4a08c699e3c4bfbcafe8be0659
SHA512: dcaf1f885a57ae40e0d258b5ed519d2289bd69f54712c60604579cd10c1d63799c81c13fc5db26dd6743d719af377d8d81ccbb7cbb3d6d98030d19069f25717d
-
/data/data/com.shengda.daijia/files/cfg/a/ResPack.rs
Filesize: 493KB
MD5: b910dd3542d71f57b5dca67af18cfa7f
SHA1: edafd8bb96b1eac5f3db87216842c7c232c77d62
SHA256: 815a18dac2b9b8bc62c0b424e1abb530a14f35f3b69b1ef432a98d0f69d93a6d
SHA512: d7ca17b63002ae87dbcdfee033ce735e9cb6966de65ac9e1201d0d2a2c029f024f76f5c785724433473579d9779503133fe1a4c661163af27bd47cac27d04fd5
-
/data/data/com.shengda.daijia/files/cfg/a/mapstyle.sty
Filesize: 386KB
MD5: fcc53e066e7595fa11e83564b37f08d0
SHA1: 2843fd5b7c30fbc46997bb0dd1e400aedbe476ef
SHA256: bc8eb3d73bd9f983450188a685701ab92a50a7c4c9b676227023a823be760431
SHA512: 1c1cb536eee19c4e0912635df45e6f2708c24997d033fa3eca1e96cbb8444b9e41dcae8a3fc211f802f29ea65c057546fa54980dcf0e5e5a7905a21d4fee2d2b
-
/data/data/com.shengda.daijia/files/cfg/a/satellitestyle.sty
Filesize: 285KB
MD5: bba21dd97b026eae5e4861afa5fdf348
SHA1: fbd27efb712ab1a21a8dd72e1382f973ba0b097a
SHA256: ea6380d20028444deef9e46e8ca0029b46baa46b2bd03cf011ed717fc331917f
SHA512: 0ebec5171ff5d76da8a46bf0df924aa43372eadbac3b0b6b37f4e58c1931efcf4acf9c49dc612a671259cd22779ee7ee1a689268ab9258e2078a9647f7d79e29
-
/data/data/com.shengda.daijia/files/cfg/a/trafficstyle.sty
Filesize: 7KB
MD5: 0d84dbc7e7f008e90d6e0f0482dd3dcf
SHA1: 560e84f67301c102d489db6c17819f77c090ee6d
SHA256: f12e378f4c1dbf71cfea3ead3697bf196e2691701f8c07c074bae6057a89a705
SHA512: 8b3e8638b27d545b155ff2a60812c901d0d6690e2570c1923aa91729755efb6e354a907c121a38b00901af94aad73383a13561b010a818426dcd6efada1d1589
-
/data/data/com.shengda.daijia/files/cfg/h/DVDirectory.cfg
Filesize: 68KB
MD5: 8c46176bbac1c8202915d18e93fce7da
SHA1: 4da21b7bccd29f70519cf08b6a089be95f04d490
SHA256: 7b2cccc88775aa08232202d0084b4dc493d58aab80e51008b1ea35153ce062b4
SHA512: 5448b1a693a171497c0b179bc0a6d37ff1de942b8b9d77b62a2602d774e2743efe111211ca351be1ce24ace0651a83df35aac8469775db9c366acceaaa3c6d19
-
/data/data/com.shengda.daijia/files/cfg/h/DVHotMap.cfg
Filesize: 32KB
MD5: f50032390be3fa9097cb122e999a5fef
SHA1: 946c69bcad787c1c3faefd0646c07f6edce7eb1c
SHA256: 4f122c0080c74e1d8fed52eeaf5d3946a05c0fee7f89cf8cc9a605c28e7fe60b
SHA512: 8f50c5d5ea3750f502e9598a202caf0e1c84d049f2154b6eb2c79e43fa40b9126a25b568906454568bc3255370948e16eac4a690a711901092a583a20358e4ca
-
/data/data/com.shengda.daijia/files/cfg/h/DVHotcity.cfg
Filesize: 1KB
MD5: 883c30365d5d377966125dd0c079debd
SHA1: d296ec1e3f4badb6e3e6166c1473fb55d4265761
SHA256: 50112e7ed210b33224fbe1cce568c8e95a14fb47f7d39ec905369e2feb9668aa
SHA512: 00b1604e206a5d929071aa1cac99d83320eacdbb064d517973a5a36757a8a9eb8a103452c98f24e7c8d29adb4b2843e804bfdcb32902da7e364a0c30f8609b7f
-
/data/data/com.shengda.daijia/files/cfg/h/DVVersion.cfg
Filesize: 339B
MD5: 8261cdade070643bf5338cb86f8a8e12
SHA1: a2efa735a1850ffce170c9afdd5766d00150d3c6
SHA256: 419c6d6ec62882a558975b35ce565eea2921203b869a7c84e94542c30d067b4a
SHA512: 9329f5803cd58d8117e9c76f14234d58461c5958ff27b613db3fb37acad9fbdd32319ed0f23105ae1371203406ba075ee05dfb51d2c8c36147911236e9144387
-
/data/data/com.shengda.daijia/files/cfg/l/DVDirectory.cfg
Filesize: 68KB
MD5: 9b4be1eba81c78c290dca5cc4f215efe
SHA1: 5f4232f73f82a1f9523f87dce954668d88b0a0f6
SHA256: 00e9d5f7e574d610ee6630bcc3ebcf5cb5da97859cee0657dd4d5736eaffc60c
SHA512: c8a70df6af352c6b533d482485cf7d69051da76c9cfedff9fa0cda7a5c26d8a48c6f9e0120e76b72ac0898625eed2c01b9e3ed41df9dbb508c762574339fed3c
-
/data/data/com.shengda.daijia/files/cfg/l/DVHotMap.cfg
Filesize: 10KB
MD5: 7574d43d9c732d736c892f4b4cc52018
SHA1: 9e31d173e8036ef3247f4d2c67b2a7469d40a899
SHA256: 42a7b2b0c24553df0af78f0d0da28b74d8e9de45d372bfb9151df1c536c41945
SHA512: 74f7797cdf1b3b3164ae128caac722059bd474c37608c0dd60bb43de913e0dd245f2022b3efba622a66c6a0b88a31662834df6b04724dd70621e4b3c7ffc4ef0
-
/data/data/com.shengda.daijia/files/cfg/l/DVHotcity.cfg
Filesize: 4KB
MD5: f2b4b0190b9f384ca885f0c8c9b14700
SHA1: 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256: 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512: ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
/data/data/com.shengda.daijia/files/cfg/l/DVVersion.cfg
Filesize: 127B
MD5: d54b7b380a5ff46c78283013a07d8e0f
SHA1: f697c5f7028ba2679a96d6bc5291c38ff96d7982
SHA256: c7ad837b097687d92e0d944815fc70adcb0e1cdc82db28f728d13e8a48d7532c
SHA512: ade792589c33179c51305f201bfb6db28c05b2ea098d12bfefc1a5cf9bd3014d53830ce2e71f027719ee1b83b2394c7654b5ddf4fdc7f678840869d2a2787ef4
-
/data/data/com.shengda.daijia/files/ofld/ofl.config
Filesize: 235B
MD5: 127703d48a7fe86dda132cfb4c03deb4
SHA1: 7ee40f2b32a7b10208a5abc202f709209c6842db
SHA256: ce36e2feb9bde61afb9d2fb10b448ecbe1f914a7b552ba5c99aac9c96d97bdf9
SHA512: e4992059ff7a9ce187955d86411416f48fd1e56b88f8cb0fed1573ae9d66f8dacace705ac27370c7e70e29085dbb2000f221f2edaa60fc5008c8d3bc5f0ecaf9
-
/data/data/com.shengda.daijia/files/ofld/ofl_location.db-shm
Filesize: 32KB
MD5: bb7df04e1b0a2570657527a7e108ae23
SHA1: 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256: c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512: 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
/data/data/com.shengda.daijia/files/ofld/ofl_statistics.db-journal
Filesize: 512B
MD5: ee1a955176dc1cee8b2f4a33ed9db3df
SHA1: f05b539ddb3054c4fb2822517f208f3c4a3760d5
SHA256: 38f9de35edfede5e41337799164e9cbdccf5668b3fc6864aa875276d62464d4a
SHA512: b77987b16ea0d89e53819273012b2f3a5fcc3798240318eed117039752ebb6044433e4bad2231b75b2c416897fd9c9bf341a91e8708183568d07126701228e36
-
/data/data/com.shengda.daijia/files/ofld/ofl_statistics.db-wal
Filesize: 156KB
MD5: c0f9a2eeadaff5fc8a1c2d5d562f79fd
SHA1: d4f8f0db7e9096daa5f109bdb502154402123350
SHA256: c3254bd321cd1ba64423ac7efd312f3716390163c37457bfe657de41ad9eff7f
SHA512: 49a432133008a7395e8328e1125f53c3563fc0a27c3af4edb2d979c37f99ac9b181e1ce7d1629f61dadf96244106df13d6fd7a2de892074a0999567cc40026bc
-
/data/data/com.shengda.daijia/files/umeng_it.cache
Filesize: 415B
MD5: 945ab01fd530b2c30259e16ec72a67e0
SHA1: 2abfe139ae6ca32e0f889cbd7bca935ab8778101
SHA256: 73506c83077191602e1dbb76385664a195a7d1d2d9097c730e34bbd211d2cf04
SHA512: aa285b8a17ad0c5997ddd5f4faeb13c9a76410f2e0088c28390b3692f06657924467b6814340a5e668da0f06c41ccc6b8eb12863663b7627ba15f93b332a8d3f
-
/data/data/com.shengda.daijia/files/umeng_it.cache
Filesize: 52KB
MD5: 590786245aec9e9152f60f850ce5d268
SHA1: bffc9ef5ba31947b36397f43ba2000b0d035fce1
SHA256: 318bee4e7f04d66d3665d3b1fab01c8d66f72ba26052671ffb76073915f5c752
SHA512: a655b476a17a253c8aa83e42e63226282b23b7ab581a6fd38b49cd550fdb02f1e19f7956c4418da1bd211374341c434312f389d2542158db629881b509582683
-
/data/data/com.shengda.daijia/files/ver.dat
Filesize: 512B
MD5: 2e4c154568a172ffd7d09a9ff8a5fe6d
SHA1: 467b3906466072f09cb2641d08875af6a71bd076
SHA256: c2484fcf50256fed00779686d20d431703548b9796ea2cc1351ef497916aa3b5
SHA512: 01d7bcaa509ec4848b6aaf2ffe4ab08288791a2d8e7047d5abd7075898321e88422b868f19adc43ae53181f34fc988e3f59cd94dbbfb76caf49c54e083d107b3
-
/storage/emulated/0/Android/data/com.shengda.daijia/files/BaiduMapSDKNew/cache/tmp/DTTempdat.dat
Filesize: 2KB
MD5: 68d982cb380611131f8bea485bf90c8c
SHA1: 038e6871880298af0789416dde8e6aa0c93bef51
SHA256: 3cf008dbc7e1c4826802b54d19d671b517166dca67821430eab0905b0beb751c
SHA512: b996fa8ad81d11c31c44b2bcc315c7078032973bf40747b6dc4b3cd31cff2e61b73073f76089950a65c74b7b338384f73edd701e4747b8a784d2c8516ed0cfbd
-
/storage/emulated/0/Android/data/com.shengda.daijia/files/BaiduMapSDKNew/cache/tmp/DTTempdat.idx
Filesize: 164KB
MD5: 9821fa9bf06a0d5162dcaa8b76421dcc
SHA1: 921532f0899bceb3d4573c6c1af5c5781f182db4
SHA256: d6441b5f22170d11a2cb15c2b58ab912734740ff3c083e6ebfd83914ea2ca6a7
SHA512: 54f2fd30be645b1ab1b4ef3a4cf052642ccfb6f7ca461f8f97ad7a6d674f609e2fe3e815b00e2cbf421fd2123eda59faad451767d8e8479fa54d7f8d59ca9664
-
/storage/emulated/0/Android/data/com.shengda.daijia/files/BaiduMapSDKNew/cache/tmp/DTTempdat.idx
Filesize: 8B
MD5: 7dea362b3fac8e00956a4952a3d4f474
SHA1: 05fe405753166f125559e7c9ac558654f107c7e9
SHA256: af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc
SHA512: 1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b
-
/storage/emulated/0/Android/data/com.shengda.daijia/files/BaiduMapSDKNew/cache/tmp/HMTempdat.dat
Filesize: 2KB
MD5: bcb392d6a35c91da82ee860a8468f97b
SHA1: 637e6d1e41da7c8c6a8b5c357c11d9e1cdb3fd37
SHA256: 36a447dc548d281ebff749e1dc1d93e2581fcb2ea846efa22cbecc97e6932f19
SHA512: 1caf99121faa89d32177ab46dae05f542f1a69ad07a843dc1b64d52b39aae120aaeefbf44c390b5340306f3cc34ef360aef30186d348af87a8221beef529e5d6
-
/storage/emulated/0/Android/data/com.shengda.daijia/files/BaiduMapSDKNew/cache/tmp/ITTempdat.dat
Filesize: 2KB
MD5: 926afcdd3de648ac4d9e7b222c1485ea
SHA1: 96fc9c942c6bd8806821b1532e25f21d2b8b2a47
SHA256: f2411c822a5ebefc972c4bf2030e6ef869e8930b5af81c5c08e79d46f67705cb
SHA512: 07d326bfdacd97b9510a73e04ff195a6832922f74c593bb64f661f2297ed236643daa9b6c8063f599e9a2300932653708d0b38ccbbfb88746c8f2af1bec9865a
-
/storage/emulated/0/Android/data/com.shengda.daijia/files/baidu/tempdata/conlts.dat
Filesize: 12B
MD5: 8d80bc8ea90e9cac010d3ddf97bda5f5
SHA1: f063bc0d356e6ba9ab1eb9a851131ffbefd8fa07
SHA256: f52db31332534833414abd5e870f78c810b8ebbe5b134bbf599506beecfd1b93
SHA512: 9ea732dd572a9a4ba91b70891972230a09576687ca1bc19e62d5a98b5b84e0f2ae11985108008bc9fbccf357219b8bd3dbf146bb70752f618f70dc5d0c46a7c7
-
/storage/emulated/0/Android/data/com.shengda.daijia/files/baidu/tempdata/llg.dat
Filesize: 442B
MD5: fea51b0943e0077277646b84635b7695
SHA1: 13691697991454352bc069f67a6879fe4fbb164f
SHA256: b61f0f6e583ed68d58fbbb68b45266b9fe2a4e13baefdb035c41c142c1eb5cb6
SHA512: a9508ca959a8a3984f63f213b84f646c1cd4263dc275de4014f61c1997a31f2cbe11d005bd14e550526af4417a14e9a16e609852272e0575efc5b0fdf244b47f
-
/storage/emulated/0/Android/data/com.shengda.daijia/files/baidu/tempdata/llg.dat
Filesize: 1KB
MD5: 4863a1b1726bb936d0fe51b621c1befa
SHA1: f6372ab138a8e236773a555182f18bc213b65681
SHA256: e485d82ba3dd563327462c980de64a674571528698e3e3504a86741849ab0e78
SHA512: caca61b58d1eaed5b6e91c48f8402d342111a93e02922c36d2fcd87e712ab3c826f01053ac4372567ddcfaf83da25227ea266f36c9d1c20e6e48c63d295d8112
-
/storage/emulated/0/Android/data/com.shengda.daijia/files/baidu/tempdata/llg.dat
Filesize: 14KB
MD5: 713191281daaa7e71105b4115d4fe5a3
SHA1: db013a630b6bda70eb33e090ace1a0e0fc484621
SHA256: 3dc570238b5c0c2b348d51d0d83f357fa1ee9a223c7265e9848daab1fcebed52
SHA512: fec1759858286897720c5f4ab0cf02ee8d7833513f287f038c48e4768a97e5efa926d6c27728c565be144ffe46a66d12a35f0e5982e4a159c01eb0d006eb9953
-
/storage/emulated/0/baidu/.cuid
Filesize: 32KB
MD5: c748771cb27e1014e446753c79839ba0
SHA1: 00e53f861e2c7776768b0a4ea39187515469b029
SHA256: fda02d02b54905681dff3e56910c641a772a6bd34241be64ff9d134695c13000
SHA512: 0d3b83dd6d2d341225fa489d5d378a2aaa35298072fad382bb435b4911f21c3a3122cff99b6ef7c801a538d88a54ee315d4b9f520c74f74cd51f940137bd0cb2
-
/storage/emulated/0/baidu/tempdata/lcvif.dat
Filesize: 96B
MD5: d6674ddf090176a01db65395f0c46398
SHA1: 0a26bb2a52046ffceda98f3f7e19a061477d4dd4
SHA256: 7de6771284e0a54f0229b50c45d576a5fe5f0ca54f1711cf3d9c391502b58b57
SHA512: a642b9217291bee364b47fdd87e4afb6de7811a6586c7d2d74d900c11cef8a6f510d12ff9b99bf27dbb01687699cba682db6619e7daea72646a7e7141ed2fa0d
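A quick check worth running before pivoting on any of the dropped-file hashes above, added here as an example and not part of the sandbox report: several of the listed files are placeholders rather than content. The 8B DTTempdat.idx and the 32KB ofl_location.db-shm carry exactly the digests of an all-zero file of that size (a fresh SQLite shared-memory index is zero-filled, and the Baidu Map SDK pre-creates empty cache index files), so neither hash is a useful indicator. The digests in the table below are copied from the Downloads list on this page; the function names and the triage labels are my own.

```python
import hashlib

# Digests copied from the report's Downloads list for two small dropped files.
# (SHA-512 is left out only to keep the table short; the check works the same way.)
REPORTED_DIGESTS = {
    "BaiduMapSDKNew/cache/tmp/DTTempdat.idx": {
        "size": 8,
        "md5": "7dea362b3fac8e00956a4952a3d4f474",
        "sha1": "05fe405753166f125559e7c9ac558654f107c7e9",
        "sha256": "af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc",
    },
    "ofld/ofl_location.db-shm": {
        "size": 32 * 1024,
        "md5": "bb7df04e1b0a2570657527a7e108ae23",
        "sha1": "5188431849b4613152fd7bdba6a3ff0a4fd6424b",
        "sha256": "c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479",
    },
}

ALGORITHMS = ("md5", "sha1", "sha256")


def digests(data: bytes) -> dict:
    """Hex digests of `data` in the algorithms the report lists (plus sha512)."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def is_zero_filled(reported: dict) -> bool:
    """True when every digest the report lists equals the digest of `size` NUL bytes.

    Checking all listed algorithms (not just MD5) guards against a typo in one
    column of the report; a single disagreement means the file has real content.
    """
    candidate = digests(b"\x00" * reported["size"])
    listed = [alg for alg in ALGORITHMS if alg in reported]
    return bool(listed) and all(candidate[alg] == reported[alg] for alg in listed)


def triage(reported_digests: dict) -> dict:
    """Label each dropped file as a placeholder or as something worth examining."""
    return {
        path: "zero-filled placeholder" if is_zero_filled(entry) else "has content"
        for path, entry in reported_digests.items()
    }


if __name__ == "__main__":
    for path, verdict in triage(REPORTED_DIGESTS).items():
        print(f"{verdict:24s} {path}")
```

The same function applies to any report entry: paste the size and digests in, and a "has content" verdict tells you the file is worth pulling from the sandbox, while a placeholder verdict means the hash will match every Android device that ever ran the SDK and should not go into a blocklist.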