df964cd48cbc81021d46a94a1f47038f74d4e2e1f32823fcd8b0d07d96097ba0

Analysis

max time kernel
133s
max time network
170s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
13/07/2024, 19:56

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

4320078513b773aca9d3b9c83a5ef274_JaffaCakes118.apk
Size

9.2MB
MD5

4320078513b773aca9d3b9c83a5ef274
SHA1

e336082809d0fe0a3f126c5f6a167881d3c9a7ab
SHA256

df964cd48cbc81021d46a94a1f47038f74d4e2e1f32823fcd8b0d07d96097ba0
SHA512

2a24792965ff7060ac60cce047c46cb036ea45e20039c639261a33da8e6d273372e8999771e56aa915ceb686e9c4f44802fa498a98971826a56692bc738d9fb9
SSDEEP

196608:st8MoK7YIIeXZVhWquzYJKxVqe9VVIWW63YhavVU/oMvk4of6k/Vgpcjp9s5:GU3I9ZpuzYKie9Vm63Ma6/BY6k/Vg

Score

6^/10

discovery persistence

Malware Config

Signatures

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

flow	ioc
10	alog.umeng.com

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.letv.smartControl

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.letv.smartControl

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.letv.smartControl

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.letv.smartControl

com.letv.smartControl
1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
PID:4251

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.letv.smartControl/databases/record.db

Filesize
68KB

MD5
bfd195a172000bf80a01b81191e31801

SHA1
7162df6862728a3c092771239c2decefbd135f46

SHA256
8a0f5f716d0d8f6ffed50e4fa5dee3fd6166afa2c175495bca8850a1e71e3a54

SHA512
e6d7aba0fb13fc6121bf8e66053da29513f27a583d3e7ea6808b45307bae75466b9e1538959517c1d2b6bd82e1d9ae09deaef6eb404628becaff965fe051cc9b

Download Submit
/data/data/com.letv.smartControl/databases/record.db

Filesize
36KB

MD5
0c56ffb732fbabf7e4e6fee93d2235f5

SHA1
5bcb826fdc82979ff61750b78ac504c4656f1be2

SHA256
078abdcad908c7c5a083b3cabfe71a9c0ed02fcfbee3539e8f7d8bffd5168f69

SHA512
8627c00dc19cde10be1354f1eb14130698dfeb8db1384e1a4c14232abbc76b89be4467a2ddacbfe3cd69000992d74bd61bedd9df03c0730304951c91cc7e3963

Download Submit
/data/data/com.letv.smartControl/databases/record.db-journal

Filesize
512B

MD5
9e308b93aac50bd470922d3c734809d8

SHA1
d205e1808c6e804bea05ac0de02c8707cebbaccf

SHA256
0df38f3cf89325b74a8e6e99f6aef5496d9de082a3bf1f2e1eb5a09030e27a91

SHA512
bd5303b30d099c7e979971c07483700cbc2e31998c12656b86eed6670a8b43505235346ee1237c90a870ca971ae8cffd84a586e16a38fd4318620dd8f68cc7dc

Download Submit
/data/data/com.letv.smartControl/databases/record.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.letv.smartControl/databases/record.db-wal

Filesize
88KB

MD5
bd4195b0acae3c068cc75befbce8b79e

SHA1
c0099b019c37b4205c7520cea73138931867faf1

SHA256
c0e27666865516562672e60241bc9eb8acf8ebda51d54adf7ab7ec791a078629

SHA512
4fdadf31e24b17a17e624e94c3acce0cb725c87f911f6ebb9b1168d8e528cdf1456b7345aca28e11c75a3d49497e4fd9e2186d14caffa398e6aabcb833fbc494

Download Submit
/data/data/com.letv.smartControl/databases/record.db-wal

Filesize
8KB

MD5
36204aed3653fa97117a77a74f9f9b68

SHA1
37a3f879811b2b0b9176a381cbbb8d138e9c765e

SHA256
936ad27ab8d4af49551d55070f36b617738ef21f3002b447aa6dcf299f4321a6

SHA512
fb6cf3657b08bb4350bc48525d7edd4c6c9b4a14c7e1415b359b391e1df5c021fc6408ea4c27fb51b19baa34d48ae237bc790cfe9bfb98c5dc3f7df2452807e2

Download Submit
/data/data/com.letv.smartControl/files/mobclick_agent_cached_com.letv.smartControl

Filesize
121B

MD5
3833fbca8416b6898acf1c43184fa306

SHA1
faabf8acd2ef575f3db53e352f4bc85407cde5f0

SHA256
8ee1890f5040ac3277baca51e8e7acb18f3d575a068069147c31bf170e200e0b

SHA512
76c22deefd0cfe4fa37d26e5002db558c93f7c0b6da7621add7cb02df255ab092cec663ff18ee671a6dfe5cd90c5650ca5c0fff26d879f63f04dfd1ec3fd6a5d

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads