3da7f0b52c02fe069bed1a6b307bfbd2b4cc3cac320e5c0295dc194d6a789681

Analysis

max time kernel
136s
max time network
156s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
11-09-2024 12:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

da5d0f934eaabaf05f3d15ba652a9b15_JaffaCakes118.apk
Size

9.1MB
MD5

da5d0f934eaabaf05f3d15ba652a9b15
SHA1

f4da43991e5dcb89d0e44c09316ef96d34f33eb4
SHA256

3da7f0b52c02fe069bed1a6b307bfbd2b4cc3cac320e5c0295dc194d6a789681
SHA512

70858f34f715e2842ad57ebc0b5668dc341514cc730edffdc50f60f20a7b0bc297976e4fa3beb7638d0f1a426b15358012380014fff4e9ad7ee9c239a263084b
SSDEEP

196608:GFQO6mHqoOOIMUoS6O1POhH7j7MQUjTK7exClwL884rv:Gr6ATOOIMD+2937MVQwLW

Score

6^/10

discovery

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.cutt.zhiyue.android.app630655:push

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

flow	ioc
20	alog.umeng.com

Queries information about active data network 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.cutt.zhiyue.android.app630655
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.cutt.zhiyue.android.app630655:push

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.cutt.zhiyue.android.app630655
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.cutt.zhiyue.android.app630655:push

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.cutt.zhiyue.android.app630655

com.cutt.zhiyue.android.app630655
1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Checks CPU information
PID:4459

com.cutt.zhiyue.android.app630655:push
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
PID:4510

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.cutt.zhiyue.android.app630655/databases/gxdbapp.db

Filesize
32KB

MD5
3bc0b0ce3b5018b15bb91ccf36bfc87d

SHA1
3b49335047deed633a6e6305e408bdf9f2ec95f1

SHA256
443c8083d76e9bbb925faab9de9855aebd0c24f70207ea8226b1c10925d5737e

SHA512
3b20b0375c7745c35d9fe1922e515085cc66e7a334be4f826b5859c9880a136c45483e58b37fd95c44b149093c70f1de594f9695f39e3e9dbea4a99475078815

Download Submit
/data/user/0/com.cutt.zhiyue.android.app630655/databases/gxdbapp.db-journal

Filesize
512B

MD5
85ece6af442b7213606a126639eab554

SHA1
3685a2a39f0046ab402310ebb2077ab0e7ec70e9

SHA256
727547cf1755145c837e1cecf5c89c3b6dddf6911f2717e02dfb2b568f2efaff

SHA512
8663d8a3e89280c145695b494ab56c664010471c5baaf21dcb0006a73b3c1c280ca678cabb8e492501ec7808ad640164be401a2f15803840eb4cadf98836fb33

Download Submit
/data/user/0/com.cutt.zhiyue.android.app630655/databases/gxdbapp.db-journal

Filesize
8KB

MD5
ce675b17ca668779645391be25920931

SHA1
8a6223fc0745f762cf26fbd4e4cba63f4b8fe338

SHA256
e0ccb95b16bf458d8d84ae3b6207b64bb2294b3ff975258e1bd58adbf0fb8f6b

SHA512
8ca2515e7db726d63ec14890f38f479029bcbfe5010f17a1a340538534964431f59b111346a80de913c7f4bcf5f9541b22323ba11a67528869f219b0217be741

Download Submit
/data/user/0/com.cutt.zhiyue.android.app630655/databases/gxdbapp.db-journal

Filesize
8KB

MD5
4963ba530f572d5ae717a8b0735d022b

SHA1
3f09728e0cf7b96ba4b6562053e5e62faa0616d6

SHA256
48bd80c1516cf2f4e0a9abc27de00e405558c2fe3a075c049b096d1f355039e9

SHA512
8c2ad35c2ff06e89d8983bcd358c5412e79c81fdbd535acf9292e015efae33cba0d5844865c9e628bbe0a48793ab5d5c4d51bd8b35a4e23a93f9c9951c48bbf6

Download Submit
/data/user/0/com.cutt.zhiyue.android.app630655/databases/gxdbapp.db-journal

Filesize
12KB

MD5
4254d2c9dd310ac933f71052c1d88ca6

SHA1
67d580a5c4f4b803ac13d3059aad24d374f99092

SHA256
faf5b0de7f8e2e9f63b1bec4e1fc788d5d37a29d3172638e155567858eb73abd

SHA512
151c5f2f78716266f2c0b581a9c5eddeb1759ced128bb2b6e5e2126d774de089fccb8573a1ff8867bcec857bdb0b428968f54d8054154108f80383c0b8ee7880

Download Submit
/data/user/0/com.cutt.zhiyue.android.app630655/databases/gxdbapp.db-journal

Filesize
12KB

MD5
e22a09086711a68c8a22807b6a22fdc1

SHA1
e4f7cf07522c4bc0e11a9272657c281abfbdd8c9

SHA256
f784ac9050c1a72489c7dd84382977f92e896c847e37c7cc59f8ff273dd49ba0

SHA512
65619844f0a1b6f01b272babf02140696e956acf45667bcfb83d433b16e9f7a8c2d9aeb1e39a512d4eedb0f6b16de09a578d635689457a652b01ff8cd7d924e4

Download Submit
/data/user/0/com.cutt.zhiyue.android.app630655/databases/gxdbapp.db-journal

Filesize
8KB

MD5
0b5d7a16c27b5281f2ed983e2f58d787

SHA1
883bea6f4be30f7c7a20479a835214703342326a

SHA256
269c688ba9d9b0143c378d5ef9e3ff9e045490be697ec180814534ab00f93220

SHA512
36fbc49af6e1c1ab655ab97e434b1ccd2a581503f371cf0d600692f8fc80e15f60cf61a33bba59fb09473e2768fb47a3a9405c05b1b6c5a4361ab63ec713cbf0

Download Submit
/data/user/0/com.cutt.zhiyue.android.app630655/databases/gxsdkdb.db

Filesize
32KB

MD5
9b26298ddf424fb6bfabb4287b82833b

SHA1
4b66dec720be9f1bb1fcc65bb0c9f05d93b354e7

SHA256
ad8eed72fb61e5546f844ab170e14349af32c57b4198ac899b39f46aa34051c8

SHA512
2807007f174d1f9f72eb32ab099f0f8ef0027b1b17f9bd364b4fc14bc60f3324f40825b225e1be227b03914dd31402dd9ae05a74df60054c1bec5abb7801e195

Download Submit
/data/user/0/com.cutt.zhiyue.android.app630655/databases/gxsdkdb.db-journal

Filesize
512B

MD5
2c829ea75ebc04aa0fd7296c900d4b96

SHA1
c0045231b005f1292ea1acbe651298cd16900fc0

SHA256
49d24be3ade6920636925940ac53a4c877dc96609a046e3a8b6124df2ca91eb1

SHA512
4e5281173b82964c13e66c779748cb1705643157d432588b9d8ddf9dabf8b0f78bac88c1f5e18db3b6dbead43041a241486b2936e32a69ac87e155c5eeac3bb0

Download Submit
/data/user/0/com.cutt.zhiyue.android.app630655/databases/gxsdkdb.db-journal

Filesize
8KB

MD5
a299004c2d324bc27799893ae46f158c

SHA1
040559b96d7ac286e9f04ef89ac62eb8f82813a5

SHA256
9ccd1f30d486cdbda86fedcadd99d8d1fc0e75a7c5caccb884584dccaa5cf0c4

SHA512
90ac546700fdc9e852371b34c032e6ff4179890402747ae08f07e05ea50aeaede6a30fca71881051ae780aa1902530633275af4882314270ba7d6b14a5c247c1

Download Submit
/data/user/0/com.cutt.zhiyue.android.app630655/databases/gxsdkdb.db-journal

Filesize
8KB

MD5
979898f689b0acea35b03fde24b1cd8d

SHA1
0a973e450683fd71f57a345d1f180272a2530f22

SHA256
4cadb2bb271b85187eb15f65f5edb982db13eef3ae289a51cad042a9603a0622

SHA512
aa9b273786c67a354fb3547dc38c3dca725e5275d1cea4e6825ca517310be25139538fff140b954c92e614a4ce13dd570d9d19bb2f4deb0ab75efaec179fae7c

Download Submit
/data/user/0/com.cutt.zhiyue.android.app630655/databases/gxsdkdb.db-journal

Filesize
8KB

MD5
d43db61aa4f67d5a2c00d4372d87f42f

SHA1
682ad4add02d0b261e12201b9a4e55f9c8e1d0da

SHA256
bcc662ae8296cf7dc446b2525189e48e9263d407daa61a5537453115e5fcf5e1

SHA512
6571f36cca56314bf3e651347c739ea3b9ee49215770cc227e942c92913d80c8bee4c4747f155eda63d19eef169cb952bd08015d5052d2e194df1db043984236

Download Submit
/data/user/0/com.cutt.zhiyue.android.app630655/databases/gxsdkdb.db-journal

Filesize
8KB

MD5
a6f3028af6be59341f359fc47541f137

SHA1
e171cef53e487737f99b07621e2a42939fb53239

SHA256
bcb196f3c39b23cd318e4f3f0433b14254f5eaea3fc568f44525915a16611c10

SHA512
f3413d81d0830e3ec9445c733a0d46c5a3df8fee0ff073dc6264052e3d1cc31563462e83b8e02ce854503942e63e14b987ccc32c68db0c5b651fbb696991e33d

Download Submit
/data/user/0/com.cutt.zhiyue.android.app630655/databases/gxsdkdb.db-journal

Filesize
12KB

MD5
f9fdd50f817223c6e5277494efcee119

SHA1
2edbfeb284cdb6d38d23db1b4353511e0e68fc4b

SHA256
353a6b6bcad257ebdc39f9427a40eae305f1ab86d0aa37d5dc8441271a3f034c

SHA512
37a8d98a98f4f2bb0023e7d9da684867777e28699ab3c6a0b1175406c6db5087e3c802689d8fd3842b3784bbe9444e2182978f496bdf61f663324ca7c2045577

Download Submit
/storage/emulated/0/cutt/com.cutt.zhiyue.android.app630655/log/1726058227015

Filesize
7B

MD5
38ca9bbebb79ef4ca025383a45544597

SHA1
628758529ce7e126a52036b359253ab7fbf6acf4

SHA256
6539a6ab7b5c52809bc720ac1c5a21c349e28a230d33c339232a2cacf053a271

SHA512
e68fc40b80453096d53cda7888d866a1438f34796be5ca6b0f08c7ad4aa2974ab8b40be821473916d41ca07ad3c67877725b3c392e04181506a90f4e085adf65

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads