Analysis
-
max time kernel
18s -
max time network
157s -
platform
android_x86 -
resource
android-x86-arm-20240611.1-en -
resource tags
androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system -
submitted
15-06-2024 07:14
Static task
static1
Behavioral task
behavioral1
Sample
ad48cc4795c3af1c7e4de278c7b484d0_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
ad48cc4795c3af1c7e4de278c7b484d0_JaffaCakes118.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral3
Sample
ad48cc4795c3af1c7e4de278c7b484d0_JaffaCakes118.apk
Resource
android-x64-arm64-20240611.1-en
General
-
Target
ad48cc4795c3af1c7e4de278c7b484d0_JaffaCakes118.apk
-
Size
1.9MB
-
MD5
ad48cc4795c3af1c7e4de278c7b484d0
-
SHA1
4d775301f50448326192fe100fe22c5690624a57
-
SHA256
95478cb2abec5dfab5d71994d2ca7cc89141128f63f5c1fd7c88706f7f5829f5
-
SHA512
a3517c29812f37af6ffcc5d50f0d6620b48c277324ad0c073d4be5e686f796946a69b0fa5f710252f7acfe57351e20d8d3adf03543d882b1b9ec2e95578376ba
-
SSDEEP
49152:gv8NYtSk6odCfsUFKv1Hm4DX6rvwuGxKPHl:Y8NYJRnU2Uwqr4va
Malware Config
Signatures
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
Processes:
flow ioc 4 alog.umeng.com -
Queries information about active data network 1 TTPs 1 IoCs
Processes:
com.cyou.cma.clauncher.theme.v547ca025e373c10b4aa5915adescription ioc process Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.cyou.cma.clauncher.theme.v547ca025e373c10b4aa5915a -
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes:
com.cyou.cma.clauncher.theme.v547ca025e373c10b4aa5915adescription ioc process Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.cyou.cma.clauncher.theme.v547ca025e373c10b4aa5915a -
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes:
com.cyou.cma.clauncher.theme.v547ca025e373c10b4aa5915adescription ioc process Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.cyou.cma.clauncher.theme.v547ca025e373c10b4aa5915a -
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes:
com.cyou.cma.clauncher.theme.v547ca025e373c10b4aa5915adescription ioc process Framework service call android.app.IActivityManager.registerReceiver com.cyou.cma.clauncher.theme.v547ca025e373c10b4aa5915a -
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.cyou.cma.clauncher.theme.v547ca025e373c10b4aa5915a1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/data/com.cyou.cma.clauncher.theme.v547ca025e373c10b4aa5915a/files/.imprintFilesize
841B
MD5f824242f5ff2869b6541fbf2febeea75
SHA161a81cc1ae1e79f491629f3499f33f0b25e0ecc1
SHA25600bb5470bed19a187479f7f1acda1d3c325f0ec652d167e609042c127ab03620
SHA512ee964f5eb05764fda3734c1c8b37b5ec074cfd4a7cafb36ba65344d9c44e997165241221a11fde7c055184041cdc297ad8e65b10ba723c97c107982965313f9e
-
/data/data/com.cyou.cma.clauncher.theme.v547ca025e373c10b4aa5915a/files/uuid.mdFilesize
32B
MD55d3f058ad2357a1eb0aff83197be2d5c
SHA1e7f1262ad454357f13afdb344768c9fe1060f791
SHA2563136c417424734fd690f3536171628726536c20702ba27e590284f6b8d5db5a3
SHA512217abbe7afcda9327a7b8cb3edfba6617d81fb02e9ee5698b6fe04993f7938bc49e8232cd2b8728d56dfd6818020c749549482828dc9b5b375460dd21f149a2b