Analysis
-
max time kernel
178s -
max time network
151s -
platform
android_x64 -
resource
android-x64-arm64-20240624-en -
resource tags
-
submitted
25/08/2024, 14:09
General
-
Target
c0e8863ba90e1f086ee28e43a69c19a0_JaffaCakes118.apk
-
Size
1.3MB
-
MD5
c0e8863ba90e1f086ee28e43a69c19a0
-
SHA1
7757da1fcdf19bef7e50b0851665bcd61704b6a4
-
SHA256
210750dabe8e34822418d90e7e15fda6508342a9e88617297839b6137a074612
-
SHA512
e03e0ba88271a4190aac36d5fd789e53e9f4809b553b4d95c21cdff2324e2d49cc7ea1d57ec27543277087cc1eadfc8fdb3650593720e8b7385ef697070c42f3
-
SSDEEP
24576:g2ZqVoL0otaYtXMieqHJCddRtLKaAENssa3o+4IjwDMq/13tdHbZKm51Ob83l:tfQ7Yt9eqpCddRNKaVNsbLdjwDMq/1XB
Malware Config
Signatures
-
Removes its main activity from the application launcher 1 TTPs 1 IoCs
-
Loads dropped Dex/Jar 1 TTPs 2 IoCs
Runs executable file dropped to the device during analysis.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Queries account information for other applications stored on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
-
Queries information about active data network 1 TTPs 1 IoCs
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Reads information about phone network operator. 1 TTPs
-
Checks CPU information 2 TTPs 1 IoCs
Processes
-
com.cgne.vwyq.akeo1⤵
- Removes its main activity from the application launcher
- Loads dropped Dex/Jar
- Queries account information for other applications stored on the device
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Checks CPU information
-
com.cgne.vwyq.akeo:daemon1⤵
- Loads dropped Dex/Jar
Network
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Hide Artifacts
1Suppress Application Icon
1Virtualization/Sandbox Evasion
1System Checks
1Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
105KB
MD523ba0b249042b7ba33e92c0199b0ea4a
SHA199b13ee9f7307316c2337953fceed87e9942b794
SHA2561ed0751a141b17c80a921f5e8ba90c66a56b8e73156f5cbe133b57d550ca4ef2
SHA5120cc88e2b7c2ffa4db274d690e3bf12098ec804b9fcd9e92b57d2fa0c4161031d2e84c91d86ba8e2b6e8b4837852defa099333f76bcd454c67b31632d0cdd4861
-
Filesize
248KB
MD5a54a18b58c6720991c021f433dfb2a46
SHA1d2ffa07919f92b6e04914e39843f08fdb2a75b68
SHA2563dd88e4418bd4271af728fc6436c873a55e6b6f5c8ed241ee2cb0ee24fe3f7f3
SHA512e4a51b2462b247b1e5fbd947d06a2eba334f18398daadacbabcb4185f4255f05c22d656a8837a6088ffbdcaedfbdfbd8281c5dad4880c4e5021571e3fefc88cc
-
Filesize
105KB
MD5293ea5f01e27975bed5179ba79d80eac
SHA1c5b0806a537fd1cb753e11f1a9684933317716b8
SHA2568d86de68978e859c8262c0d0e932d3a1d57457b57ce88940620befab1bcead5b
SHA512c7cd2881367fdf95ec4151449b359decdae1adf136388edbaaa9880c7ebd14fb3579e7a15600a856988c55d207f7ba1fd7d938f4d9168aba8a7ff1c3029d6b53
-
Filesize
28KB
MD5fdb8a92e5060ce104e8f0faca55a47ce
SHA1270d7ca30673e18cec1d2b9add71cba96dc426fe
SHA256194b40a3911f23ea75c8f4543a13c1236ae15b02c0228a080615a1012f60e05a
SHA512ad962634ddd027403b5677a9ca979763071ef4a9b6f0127b0c1fd4b3a8bc51f5c4fa71245c301d0dbbf60e18953a94621715ce3ca4addef82b18030e3d718122
-
Filesize
8KB
MD527b3ffa6ea39f74cf69e539f245422c9
SHA1fd583210ec0cd571a496e3048ddc91b39f896a52
SHA256bc498e0c0fd4f547faf60f2704d92f8371ac36e40433a661bae84e26d517f21d
SHA51247984c69586342c87c549333b50e55fc4e4b5c9407741a15bcf5dc1ba9a005f8bf7857f5dd4b98e60df6afae9073d306b56947b1b8f5d35fc9b7623da2148af9
-
Filesize
512B
MD57b4d98088253943b8d08c5a1a5db7389
SHA19138bdfbcb1bf7394c73c84962bb265448d8e774
SHA2560a29e8172f9e11d76954b8959aa223de83c83cf9cb26cb323baaac8cc8f34b9c
SHA5121ebec79dec53a7f228d73e3a2873a496f7c9ec44e9146395c5900f817161a64dfa2ff61660056ce0833f26b83e8f00ad1a3cb6908d31016527a87f500010d71e
-
Filesize
8KB
MD5ef9fac93ede58068471ff78f60de1308
SHA1246936c974db6b035fab2f6b4495b83f457da73c
SHA256bedc800b63e5b8facdb3400440940561fb3cd092e7b6b6e8d8bd96d862486048
SHA512f813c18a257bbfeb139d7766dc47c238ddf54b31535d35fd699cb00919d78069723049d8b7581c3c2b1eb0eda0df75163cd6b82f659914b270f5bb3c67a98abb
-
Filesize
4KB
MD5ef3ec51178f8879ab8e4470f650fa474
SHA1e214dad8ade6889eb473daebf6bd5c557a8214ba
SHA2565fc77e295b4dd8fde93ef96dccdc843c3885a528937e416669011c68beaba091
SHA512c2fe84d0ef75e19a2f46e08e252b4ab99e370141ed7dcbc746e665e22d29f756cfd03546b2c8d892c9247f4fd91e2fea04cf2971befb8fcfc808003a5504d9b3
-
Filesize
8KB
MD5aded77d2451ec3f260162d6827609e66
SHA13e0a94247cd481222ac84d8d65954e9c01400a2e
SHA256a3d08b82f1a1ac1462f58a02cb1828d93233b2c1d1e6247dd6217a119959da35
SHA512e978abb9982940503e63868cfcbaf9f1c4e0c2763ef2c300c62fa977dfd4c20adbf80994ec557d22e2810d64353261cb61289d24789bb6163e9660bb48d4b106
-
Filesize
8KB
MD5736a84bae31d6c95e544153e573931dd
SHA13e157d41cacae5de1c15f84b9ed00c0a62cc3c49
SHA256b77191476fcd35369296aacb281e2bff42c0ffb10dac60fb3215984d734f09e0
SHA512c4bb539ae4777dd19e97f66dde440f678601b3b5742c88d765490a9d0d2e78e29fb802c5a1aaafca0623913b80a7bd1cda3a7ed79b4593da1c170f9c2dbf2018
-
Filesize
943B
MD5f0b813f9613d75eeaa69d35a46f3a007
SHA1cad5ff3d069dbf9c0cd3a259cb1e310df5ae81e2
SHA256b412f6d76692d2c9a35d70aeefddf2ba7bcc685fe045115be9ca7f52ffbcfc77
SHA512e7c34f31a58de4cf03a1e1ce6b29011da27887488e5090f5b83d09715aafdff82b8509b970a75e35eab339bdc6ae2f401f46b062156645099ad1818024826ebe
-
Filesize
943B
MD556954cf9044848ec99902f07c31e19ec
SHA10fcef9c5d8e7256414c5399244436f1e3dced7db
SHA256939f08bd024fecb7915f4f6cfd7183c0e0ae8d91f39b41290b389fde890bd9f8
SHA512febeb29b07fb58a4a3ea606a2d82c8549296a549313dd24886c52476725d58b1f1a7d751e8fe3c6daa9f98ccb7f187e1548098eeaf544b5202c24aa9d49eba57
-
Filesize
162B
MD562719361ddded5840cb9346efa04071c
SHA1af809b1482862d35f488d4f4865e0df89319a281
SHA2560e5bd1280967f598a769f05b9514dcdeaf3cd6e810205e0af3fa635f36d0021a
SHA51243917e29a5ccdc5308f0a6924af429b14d20a9bcf19d8c5b70e26de2f3392aa74fc475cf8ebe8bd6ae0936983387971e42450b89c80bc5ad1c210bdabe14d58d
-
Filesize
203B
MD5f86330e2eecfbb07c3be507e94e2d6c5
SHA14807f9757e8b819c5f693aa481ef6edbfee4bcc5
SHA25644694576978ae32f7df854d77d885478665734a1a2a0d2401bd2769b4860c261
SHA512b1db9dd4f8411b4f591185da31a0baf8d9dd1a92b736c5c500d80cdfa08d4542d97920dcaa5a14ddf469b116325ebef765aea515b67891a1acc82c4db02b6a05
-
Filesize
350B
MD5579bad030da59eb78a72d0f8a4c1a4a2
SHA170bba5e08526ad49c7229bcb8ae3bbdcd6796eae
SHA256444416158db0526a61c37b685bcff1a6fca1f75bdbfa61bc41abd3c0d70d9b45
SHA5129319617821104868cc9580a02705183adedabc644246ec7a0aa44ceb8b7f65bf96d9c46a50727bdbebc6bfa39a4936e903e750b5c8e407927615fc47f31919fe
-
Filesize
178B
MD57eacbfdec9fc8a995017a28ebd701213
SHA1d581fb1b944cfe3e486030fcc139725cb04a9be6
SHA256fe2d833123f3727cc30c269f6c2da31136edfd0c9e89dda7de3cd668444ef8c7
SHA512f3abdee009efa7d1b2956112624d551e7211ef60e36d7b2a3f56373f3f57ea3b403e759155017bfb88617f5f889c6a5dafa326cf75112a6a3ed3577eb1ad80b4