7ae8663467ba8b5de90b849291b9a857f780b1421e22cb852fe5721c765f6728

Analysis

max time kernel
63s
max time network
146s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
25-09-2024 14:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f63f8d6c7e2a1f70c2d06df5b8b4ae06_JaffaCakes118.apk
Size

1.3MB
MD5

f63f8d6c7e2a1f70c2d06df5b8b4ae06
SHA1

a376d6f8eba490fab6f6e8add98f69abb6679bdd
SHA256

7ae8663467ba8b5de90b849291b9a857f780b1421e22cb852fe5721c765f6728
SHA512

bddee1a1238435c3ee88461b629ec03f329ed0d189b664a72a2ee35e5527a29d52398ccb3131b8e4b98266276c998fd9d29b1c0465387cddff339fd0cb9c6ec8
SSDEEP

24576:epVCvqtnCy/dSWVlqbyEZITAa5LjjUcIiBTKn3RWv0BZqu6Gdzzo:epftChW6bLI0aZjjUyT+qu6Gtzo

Score

6^/10

discovery

Malware Config

Signatures

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

flow	ioc
7	alog.umeng.com

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.mybook66

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.mybook66

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.mybook66

com.mybook66
1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Checks CPU information
PID:4310

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.mybook66/databases/data.db

Filesize
32KB

MD5
5be60836d15d19934089f838a5e4fe4e

SHA1
3eb5d6c083900bc86726e56307c0aaf1ca4b93da

SHA256
78778d51d51d17a1a6d00d915bef093c7591fd8292d63b323f00f840d42207dd

SHA512
7268e582f82be92bb476a58660cade5e3359e8f528e380343b9774450ba5ea64f435a4a805c31eb635c34b9b9c3826b33bfacf19de4c5385f5ca6728fab0e3bb

Download Submit
/data/data/com.mybook66/databases/data.db-journal

Filesize
512B

MD5
a99c59af6fcafc2687c3ee4dd4ca4c63

SHA1
e4bfc2c639446e373a29425a6b372f31fc9207c5

SHA256
c2e6d944f2ea71082fbbb6a9751bc5315f55e90ac7cb1f05d1170b95bd9bcbc2

SHA512
612638d830a1cf2e86d3d3694a8478affa492b78809dec028f759a8e743f0deaea4c96e0e325d2fa348f6ee99ee9135018334c6a030eae393aedff21ef0ce311

Download Submit
/data/data/com.mybook66/databases/data.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.mybook66/databases/data.db-wal

Filesize
44KB

MD5
cd3797e443342f50f5e14b17fdeaeff0

SHA1
fb1f2b384efb5cdd7ad4696f25428585499379bb

SHA256
2858879b889f2edebd1294799fca6431c340b072934877127df6a99c213f4916

SHA512
7bef058dfeb751e80d8fb46addc151db81c9ebb1ebf3f470524f9fbf8afeece0952dea9d5b169b2df328de0a79623361d36b1de13e885e4993bc22cea33dd9cb

Download Submit
/data/data/com.mybook66/files/mobclick_agent_cached_com.mybook66

Filesize
121B

MD5
df2410b189464eb31eaf6d629a7ff712

SHA1
053d8d5e89112cfd9cc8b60750e40945152a0743

SHA256
e9804e2e4da803eecd279372079e5004c2832f14cb8cb87124dcc3c23929053c

SHA512
78f919df25b1c3c635279223c962222f487e938fa58c32da415023dd5098625124d582b31916d3c98075f79088a4655a8a789a9ff13b0064a368d38ec40c76e9

Download Submit
/data/data/com.mybook66/files/parsers/CommonParser_1-38b53bc9.9.33.jar

Filesize
16KB

MD5
82c7d549f7ab8308a788278bc5750f49

SHA1
81fd80f2cf186158fdb4bb16ff70f92e6b4f85b1

SHA256
900d3641b1a8a889cae075b9a7be34c8db4cf17ebeb42a893603beef36955bd6

SHA512
7d876c15a72c3580400e9df97f2c0f388bcd5539554a30a0ec57854dd09d32653a3e69c9789efc060a9f3f42fc8ae616a1188376fe94437e0c44ef404d7d5a2a

Download Submit
/data/data/com.mybook66/files/parsers/parserListNew.p

Filesize
1KB

MD5
296733e7b407528d20d1c351712e996f

SHA1
484bab51e8032dadac8d32e24e51768c4a1a4b63

SHA256
d50962bbf0027803cf06deb4155cacd7fb0e120ccd88516fd1cca5315534705d

SHA512
6957ba518c7045c66b1d4dd4b6a581ca3aed389f40a19f5e20a0d3642b707018e1d1cdd29eb9c556ee82e4bc94b3e1eabe88ea7911f30c9eea5def47aa3c92dc

Download Submit
/storage/emulated/0/Android/data/com.mybook66/cache/mybook66/cache/image/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/storage/emulated/0/mybook66/cache/http/43d0dec0296b415214b965179ea0dc07.0.tmp

Filesize
342B

MD5
fee69cab517aa4682d6968a4375abf76

SHA1
92c1a1ebec7c50ac225c33126484938a7a45f51f

SHA256
e931f966968c8bb5307df0e2ba9283544b3402b8fc32c76d1cafbaf58085794d

SHA512
2396adab670e3ca9093985354bec53da355752601f7f7181e769afe795eb2ae7dcff5fbbce7d9eeae456f63be06e9b7f45b825ea12279a35e8c6ff40ddf2a348

Download Submit
/storage/emulated/0/mybook66/cache/http/43d0dec0296b415214b965179ea0dc07.1.tmp

Filesize
4KB

MD5
906d930f6bf252bf5017ba1a93d48134

SHA1
c53e960fcfb92aab6b9ea70958e03081bb132525

SHA256
1ef5851bdc39a8a6f938f8532d30d8c947a08e32d673fc8101f96442eedc1f96

SHA512
3cdfa5b68893b16be6ec1e7b336c9f6fbab5a238940c67570c6efa425b3b0d9a84d35afdfef12381c116e64a811ea11daf4d4d4b2274547a758509d12cc4a22f

Download Submit
/storage/emulated/0/mybook66/cache/http/7c003c2fbe1077c2ed866d9a699c9806.0.tmp

Filesize
354B

MD5
a3a288ec69a9a1a5f202900bc45c4eef

SHA1
6efbd5e358eceef82a16442e168acbb21732ea2d

SHA256
b7556423a86c4a50177610df0ccdd8c91dbd63b753104b2ec024645cf10d4828

SHA512
eec8013f86e01ad4d34606c94d8eeb15c073fa197040c9ae42ca7d6a3514f04a50af2f52bf5c8067645760bd884ec93865ec2a7f1a93c9b4947a2e1917b8ba8a

Download Submit
/storage/emulated/0/mybook66/cache/http/journal

Filesize
210B

MD5
fd86b535590f3154934c3819642f2cf0

SHA1
92effac4a944c527ba818d11345db028cf0d857b

SHA256
fced777df4a7412624795dc8a50ff1fba4d7cbe9d4b8b3a0394d34d9478c9f5d

SHA512
6ea768b0b2478856eb841cfd58264a88b066b8a7ceb56ef8d9128dac0b69b3a51ec201f34661cc27471f9bed2e54cf4fb976c6ce127e1a1f35af49a90fbb27c2

Download Submit
/storage/emulated/0/mybook66/cache/http/journal.tmp

Filesize
36B

MD5
37e8e716e0e2f4a0b05cd9571d95b84d

SHA1
f8d068f6931707bddb8cd69f706f2224ad1fea3c

SHA256
7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

SHA512
e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads