Analysis
- max time kernel: 161s
- max time network: 178s
- platform: android_x86
- resource: android-x86-arm-20240611.1-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
- submitted: 18-06-2024 08:09

Static task: static1
Behavioral task: behavioral1
Sample: baa841800fa26c4af7e096caca24cfc1_JaffaCakes118.apk
Resource: android-x86-arm-20240611.1-en
General
- Target: baa841800fa26c4af7e096caca24cfc1_JaffaCakes118.apk
- Size: 15.2MB
- MD5: baa841800fa26c4af7e096caca24cfc1
- SHA1: 990e6cfa7e85c445391a87e64a726fe9c21c7671
- SHA256: 30a422ab8bcc35c95151e392e758055ae5fe2ea69135e9d2e68df801111e6521
- SHA512: af9d57dd29ae7207917fd70a8b43a26cecfac5b1c23ef3994d9f343552f14a0ddd9496b2ce3a3a173bd36d56e0661c5fdf69a9457c2b5b6b411b7b1057baeb76
- SSDEEP: 393216:gIxsjL2XnoojhE05ObCTNmpXTZSP4i2Jw1F7pz+yROmKmxBDUxGs:gIxG2Yojae5TNmpXS4bwFNOoBDUxr
Malware Config
Signatures
- Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  Processes: com.sogou.translator
  description | ioc | process
  Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | com.sogou.translator
- Queries information about running processes on the device (1 TTPs, 2 IoCs)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  Processes: com.sogou.translator, com.sogou.translator:channel
  description | ioc | process
  Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.sogou.translator
  Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.sogou.translator:channel
- Reads the content of photos stored on the user's device. (1 TTPs, 1 IoCs)
  Processes: com.sogou.translator
  description | ioc | process
  URI accessed for read | content://media/external/images/media | com.sogou.translator
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org (2 IoCs)
  flow | ioc
  23 | alog.umeng.com
  78 | alog.umeng.com
- Queries information about active data network (1 TTPs, 2 IoCs)
  Processes: com.sogou.translator, com.sogou.translator:channel
  description | ioc | process
  Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.sogou.translator
  Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.sogou.translator:channel
- Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  Processes: com.sogou.translator
  description | ioc | process
  Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | com.sogou.translator
- Reads information about phone network operator. (1 TTPs)
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 2 IoCs)
  Processes: com.sogou.translator, com.sogou.translator:channel
  description | ioc | process
  Framework service call | android.app.IActivityManager.registerReceiver | com.sogou.translator
  Framework service call | android.app.IActivityManager.registerReceiver | com.sogou.translator:channel
- Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 2 IoCs)
  Processes: com.sogou.translator, com.sogou.translator:channel
  description | ioc | process
  Framework API call | javax.crypto.Cipher.doFinal | com.sogou.translator
  Framework API call | javax.crypto.Cipher.doFinal | com.sogou.translator:channel
- Checks CPU information (2 TTPs, 1 IoCs)
  Processes: com.sogou.translator
  description | ioc | process
  File opened for read | /proc/cpuinfo | com.sogou.translator
- Checks memory information (2 TTPs, 1 IoCs)
  Processes: com.sogou.translator
  description | ioc | process
  File opened for read | /proc/meminfo | com.sogou.translator
Processes
- com.sogou.translator (PID:4256)
  - Obtains sensitive information copied to the device clipboard
  - Queries information about running processes on the device
  - Reads the content of photos stored on the user's device.
  - Queries information about active data network
  - Queries information about the current Wi-Fi connection
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Uses Crypto APIs (Might try to encrypt user data)
  - Checks CPU information
  - Checks memory information
- com.sogou.translator:channel (PID:4452)
  - Queries information about running processes on the device
  - Queries information about active data network
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Downloads