Analysis
max time kernel: 178s
max time network: 187s
platform: android_x86
resource: android-x86-arm-20240611.1-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
submitted: 15-06-2024 05:46
Static task
static1
Behavioral task
behavioral1
Sample
ad0c55cb117c947d6f07fa4c0e20e187_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
ad0c55cb117c947d6f07fa4c0e20e187_JaffaCakes118.apk
Resource
android-x64-arm64-20240611.1-en
Behavioral task
behavioral3
Sample
plugin-deploy.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral4
Sample
plugin-deploy.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral5
Sample
plugin-deploy.apk
Resource
android-x64-arm64-20240611.1-en
General
-
Target
ad0c55cb117c947d6f07fa4c0e20e187_JaffaCakes118.apk
-
Size
20.1MB
-
MD5
ad0c55cb117c947d6f07fa4c0e20e187
-
SHA1
e2d467a97d11e55d0893e835333d36f9772a08dd
-
SHA256
caff1ef7db1aace2c053e041b94ffe1cf9d2c8635442eade4c6fd8e40ffc3fa6
-
SHA512
3e93fcb710c93573327e2e3419d3d36a040a349858a540025f5d5211277e2f4c4b1760a2958bafb883195bac953ca5e448219748edb9aee1ade30bc297738af8
-
SSDEEP
393216:SOwJtVd3Fuw94Ifqsz8MJduBjtriNF4cnAPoTCyH:SpTVdVAkjmjiNF4cnDTCyH
Malware Config
Signatures
-
Loads dropped Dex/Jar 1 TTPs 31 IoCs
Runs executable file dropped to the device during analysis.
Processes:
ioc | pid | process
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 4289 | /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/oat/x86/plugin-deploy.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 4262 | utan.android.utanBaby
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 4328 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 4459 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 4505 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 4611 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 4648 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 4700 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 4738 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 4777 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 4825 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 4885 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 4924 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 5013 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 5056 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 5094 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 5133 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 5170 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 5218 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 5281 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 5320 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 5360 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 5398 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 5436 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 5471 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 5522 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 5559 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 5647 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 5684 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 5719 | utan.android.utanBaby:bdservice_v1
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar | 5760 | utan.android.utanBaby:bdservice_v1
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
Processes:
flow | ioc
14 | alog.umeng.com
-
Queries information about active data network 1 TTPs 30 IoCs
Processes:
utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBabyutan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1description ioc process Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call 
android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service 
call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 Framework service call android.net.IConnectivityManager.getActiveNetworkInfo utan.android.utanBaby:bdservice_v1 -
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes:
description | ioc | process
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | utan.android.utanBaby
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes:
description | ioc | process
Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | utan.android.utanBaby
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 30 IoCs
Processes:
utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBabyutan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1utan.android.utanBaby:bdservice_v1description ioc process Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby Framework service call 
android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call 
android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 Framework service call android.app.IActivityManager.registerReceiver utan.android.utanBaby:bdservice_v1 -
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 30 IoCs
Processes:
description | ioc | process
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
Framework API call | javax.crypto.Cipher.doFinal | utan.android.utanBaby:bdservice_v1
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
utan.android.utanBaby
- Loads dropped Dex/Jar
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
  -
  /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/oat/x86/plugin-deploy.odex --compiler-filter=quicken --class-loader-context=&
  - Loads dropped Dex/Jar
-
utan.android.utanBaby:bdservice_v1
- Loads dropped Dex/Jar
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
Downloads
-
/data/data/utan.android.utanBaby/app_push_lib_v3_120/oat/plugin-deploy.jar.cur.prof
Filesize: 235B
-
/data/data/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar
Filesize: 203KB
-
/data/data/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.key
Filesize: 48KB
-
/data/data/utan.android.utanBaby/databases/account_db
Filesize: 40KB
-
/data/data/utan.android.utanBaby/databases/account_db-journal
Filesize: 512B
-
/data/data/utan.android.utanBaby/databases/account_db-shm
Filesize: 32KB
-
/data/data/utan.android.utanBaby/databases/account_db-wal
Filesize: 52KB
-
/data/data/utan.android.utanBaby/files/mobclick_agent_sealed_utan.android.utanBaby
Filesize: 550B
-
/data/data/utan.android.utanBaby/files/umeng_it.cache
Filesize: 211B
-
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar
Filesize: 509KB
-
/data/user/0/utan.android.utanBaby/app_push_lib_v3_120/plugin-deploy.jar
Filesize: 509KB
-
/storage/emulated/0/baidu/pushservice/database/storage/emulated/0/baidu/pushservice/database/pushstat_4.1.1.107.db-journal
Filesize: 512B
-
/storage/emulated/0/baidu/pushservice/database/storage/emulated/0/baidu/pushservice/database/pushstat_4.1.1.107.db-wal
Filesize: 68KB