f88c5b042800387a576bf4e409cdd3a1c2856f95653f6a527fdc4b64d9562154

Analysis

max time kernel
4s
max time network
120s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
28/09/2024, 21:59

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

fd3967e48875232f15a7ee1fcb00bb3c_JaffaCakes118.apk
Size

30.7MB
MD5

fd3967e48875232f15a7ee1fcb00bb3c
SHA1

2e174830aa4a1422e127d32bc7acdb33ec13ca80
SHA256

f88c5b042800387a576bf4e409cdd3a1c2856f95653f6a527fdc4b64d9562154
SHA512

451d6b0ad7c02578560cddf460e520770e285f8d80be6beef905508cbfe609401853bbba28fabd9a7853cbb7bae4c2103c84a1d43cd7739224d64d7d6aa6370e
SSDEEP

786432:YGNz2EU7wze+w3M6KpkqtfyRCMpEBaXhEu2bjaczoRx9vkmS3pU:YSdvsKpkqdyRtpEEhEfje9vkZpU

Score

7^/10

discovery evasion impact persistence

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.youmeng.aotechaorenycg.egame/files/1727560778911.jar	4242	com.youmeng.aotechaorenycg.egame

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

flow	ioc
6	alog.umeng.com

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.youmeng.aotechaorenycg.egame

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.youmeng.aotechaorenycg.egame

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.youmeng.aotechaorenycg.egame

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.youmeng.aotechaorenycg.egame

com.youmeng.aotechaorenycg.egame
1⤵
- Loads dropped Dex/Jar
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4242

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.youmeng.aotechaorenycg.egame/databases/2446939e8fb5c97a3b39f286817fba1f

Filesize
24KB

MD5
6c217ed0bac8d2f91b30b79d439f229a

SHA1
9ba63c2aff1bb2c70250a9dec1f4893d2ecf827d

SHA256
344d6a8d8632f380bc914af9dc9f0296429a0e9fc273e68e57870032bded5720

SHA512
fa9386f1a267171f8c80095633baa7aaad145986608f9bdf15c6708b2b50ed19359f98f9b9ff395ad26e361a85cc9e26495b23ccbc1befcdb03aacaf167d58f6

Download Submit
/data/data/com.youmeng.aotechaorenycg.egame/databases/2446939e8fb5c97a3b39f286817fba1f-journal

Filesize
512B

MD5
97f5716ca00c27b415c65c8c7687f158

SHA1
97f87d7314a3428b4ae3c93b827d3ddc40d74d86

SHA256
607a3f7780abde832abb98407b4705fa3babe4d93a56b743df05deac15276885

SHA512
6048620ff7ba49ac77a57a8c40c431c4f8d49df048d61ef08bbe3d242412c628762a216c704b23d16f66bef4294f758f92822a69802fc52aeab6697ef0f7e7a4

Download Submit
/data/data/com.youmeng.aotechaorenycg.egame/databases/2446939e8fb5c97a3b39f286817fba1f-wal

Filesize
36KB

MD5
b7172e68c47774e6e40d1d9d667e0a28

SHA1
15e488e574481ed9f4926867f867f6a920558e1f

SHA256
2a36aa6e6babe18f681dd6099d696433b3cd96da82a5f7e1fb2c30aea168ca01

SHA512
30a43472f40b38dd05fe71257efc74fe1929691510d069407bc021a13172601f3585fd4b497069d0f7cab554503fe3a27db637e6abe2d697620987cb20096b96

Download Submit
/data/data/com.youmeng.aotechaorenycg.egame/databases/P15pKIjsm64m-journal

Filesize
512B

MD5
e6ed3552e95cd52b7f02073d73b67707

SHA1
51932c7125b1df574cdab28a484fb57f8204f06b

SHA256
3ab4d9ad382267df1562c51d9580434b6e57551e3500d377d345ea47c12336ed

SHA512
dad62dbee6b23cb9c534986013ea55c90b518f418659693c757353221ebf374961aac2e0f41c9ad4044c0fb68565deb3c8e744a36aa6c0b7848b4d8ae1eb777a

Download Submit
/data/data/com.youmeng.aotechaorenycg.egame/databases/T1oX0rhhuXWt-journal

Filesize
512B

MD5
fae42c85a6e6509a57f68c81accbea2c

SHA1
84e93b70afb8c1eb7f3213f743c797e98735271d

SHA256
4e3654b27438dd62810d8bd8f6a6db655a1d4704760fe78fe525bca8e726521d

SHA512
4ecbacd79d9b45fcea8daf63472306bb671a580d9285c460e48884b019ac6d8c502054ec45f3f48be3116d72218069d0927b5a9aae43960b15bcf14dcff350ae

Download Submit
/data/data/com.youmeng.aotechaorenycg.egame/databases/T1oX0rhhuXWt-wal

Filesize
36KB

MD5
414802c1af168f3bad9395b7af4c4d4a

SHA1
f4b08d232dbf9c6d4f8ff91685af71f3103e1060

SHA256
9ea35a1b312a5283c1a0d15c6ef7a0735831593e66e997633e52611c1ea2d104

SHA512
5c3ac30721f497156155c0ceadf76cbe231c581bb61dea65113f616e8b6c1a35c530c98829f3d30ed9c25eb475e336fa91eae8d755612816a4e274b41de5799d

Download Submit
/data/data/com.youmeng.aotechaorenycg.egame/databases/dataeye_database.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.youmeng.aotechaorenycg.egame/databases/dataeye_database.db-journal

Filesize
512B

MD5
74115e30bce611226a26815b136167e0

SHA1
c908e7df28cb05b5d4c7c52f7454653b5016d97e

SHA256
babb043386c84d9ef2eb1c7de1e8e8039a49c9b215c2cc5f07ff027d2265616b

SHA512
90600ca9b2290a4ee57aa4529eaf6cad70c801deb2356c5fa2f8c4d52e2ccdc6d059505a7d5eb83f085c24f81b89f49c02b5f62801c9bc6808ea68b6bd209b2c

Download Submit
/data/data/com.youmeng.aotechaorenycg.egame/databases/dataeye_database.db-wal

Filesize
16KB

MD5
6cf121685aa40218052b8b23be47402f

SHA1
bed5aa9e98f3e1166226e13d0d54a72ff47ed490

SHA256
3892156d46b5a6d96573fb29c79b27cad07252763c8f1e4ae07cb1efebae542d

SHA512
d6460acb8219a4e0f1a34b02f691149dfb54c69e58770fc6e2fe866a97d63ba99e024e1b547515a25b4b70a3f770e36968d244bde7e7099c69df2ef7c9715916

Download Submit
/data/data/com.youmeng.aotechaorenycg.egame/databases/jqIqJYOT3JpT

Filesize
24KB

MD5
9c37108c041a67252d4fb5059436eb9f

SHA1
f65bdd652f9b2a098993d2aca0be2578e8eed20a

SHA256
f4a3fc85419d0e98a0312af88fdeadf75bd9969460820043559d6ee45e7ace55

SHA512
d7b92b0b4900439a28552339cf7e80e2937887c7de796e10df0bec393d136bdcdeae47991133a5c144547ac2ffe484b9c99e60280246858f6ae9b8529c5d8548

Download Submit
/data/data/com.youmeng.aotechaorenycg.egame/databases/jqIqJYOT3JpT-journal

Filesize
512B

MD5
33962ea4ea734475d9e7fe8e14cb2ced

SHA1
005ea9451b0760ba02b25e7d5ee6e2845933cb4d

SHA256
e9fdc7f56b200c199eb41c8bf2cc3b92a702507fbd42a6fd995f9d2c6fb2885e

SHA512
79353fcfac747cf790fd6ba051b812938f1be8f27754dc802aca483b5922cf5030087f7a52009e72d5446c522e634deebb79f2e9f82fa5781976b78d4bfd7ddd

Download Submit
/data/data/com.youmeng.aotechaorenycg.egame/databases/jqIqJYOT3JpT-wal

Filesize
36KB

MD5
0bffde3e26cffe51a46370282678b8e3

SHA1
f9f1fe631717141f32b64d36c3d12a24e29f60c7

SHA256
f40336ce1d35c2497db2ec385d835c8acb9c29c58581b585474f75adb2c973ab

SHA512
2c2e2524b4ae18870d62b7be4a01b50e8a00cf1e77e8bb961d4879433fabeeb86eb4421ae2c4c5d34be6e7a59cbfc72b80c468b524dc4efc605a541daba926a5

Download Submit
/data/data/com.youmeng.aotechaorenycg.egame/databases/wsUL1uCdKvjD

Filesize
24KB

MD5
59413190ea19211285b5c0fed44c19c8

SHA1
ee67b7590047c3c17309f6e6eed48556aabe4c92

SHA256
3511c95f09883c65de19c3be645faa921aa3baa92d21b5c284133da349158e2d

SHA512
6a65fc51ea3e163ed1da558c2f4e911857ab4d3b15bc27135a4639e8fed9022fd6d89b4dd39a39b3bcc69060d7565f68ef23bcde4e622a2dd823e9fd217d314e

Download Submit
/data/data/com.youmeng.aotechaorenycg.egame/databases/wsUL1uCdKvjD-journal

Filesize
512B

MD5
f5a8104bdb16b58bc047448f7940cd10

SHA1
1ad50a7ebd5e25bd6e6985102c667131da94796f

SHA256
aa54352e5e052266deab8c3d813cc831866ebb3b71abbcaef7416a8aaab9ef34

SHA512
b17190ac1394c86e4ea7fbedec67394abce3651d6066984e37ec1a50851b3d507d956f5fba9afa2bcacdc457c3e64058fd888ef547e70584b2224e81b74ce15e

Download Submit
/data/data/com.youmeng.aotechaorenycg.egame/databases/wsUL1uCdKvjD-wal

Filesize
36KB

MD5
74c4e9dd5c06ab40c9f24350001c496e

SHA1
061889c179993db9715c903998defe7c945d9b37

SHA256
08fe2d06f52d5b2686d462264cd4b32cd8c61b7e82d684b5aed6606ac8ae67e6

SHA512
8c5d91242f3b5f80df54eb2e70fffb390e3c26056084eb33981b7460330187e51b6de6348469bfd6f976a61e1711593440076551fe922e5a3e93097908780d9c

Download Submit
/data/data/com.youmeng.aotechaorenycg.egame/files/.dataeye/uid

Filesize
34B

MD5
b164ecb1a8706f10fbed928446b55a75

SHA1
018393cab3d7c11136ef51f8af1cb233a8e708b8

SHA256
abda46aa0bf0ab52fc7cb554638a6f7772fc11cf4facf003e545f883f2c14f2b

SHA512
4b1a11699c0429604c990a8731734622f12c72a49593628f05ff76e56774e0e002eba06fae6a423caf74f1064de6f48ccc6a510ce8572d3744b4c35025ec8dad

Download Submit
/data/data/com.youmeng.aotechaorenycg.egame/files/1727560778911.jar

Filesize
28KB

MD5
c1e2e186e40a73caa40788a0945085db

SHA1
7d0fe08462fb922b36b11ca505271fb2e767b545

SHA256
3bbb76457816f7325c6df7fe173a863d44c282666fc08b61f1e5cf27be7a30c3

SHA512
ff08e73117c0d37aeb4236fedbb8745a839934a4769ddf491b8319ea8a647e674e94d3c495d86a62682cd757be7577cdcbdeb0f78b5497306dd340bbce54a21b

Download Submit
/data/data/com.youmeng.aotechaorenycg.egame/files/TDtcagent.db-journal

Filesize
512B

MD5
a161772aa08e31060cfbea6c6788a672

SHA1
f341ff42e3d03d8d3aecfc3b5c4e4a4091f4e3db

SHA256
6e8465b6b9bc8e80f3d4dd5e8309c726d57fb4f783d115d26a3d1977faa4ba81

SHA512
e59a8a272d5b84fab11832cfbcf4d7e7a4810749bf20ede97a6c46add06d686d81225a51ff0e9a3c4110c78888f5babce75c9ff031639484a74b489a3cac40ae

Download Submit
/data/user/0/com.youmeng.aotechaorenycg.egame/files/1727560778911.jar

Filesize
62KB

MD5
770c58b3dee2afb1cab12e296e9262d8

SHA1
f83dc1b8edf1025d65ef6f1e8d04f329c865ef1f

SHA256
ca6e460cfc6ccfdc8876fb60dc6a198c6e92bc5a9c0e8081d68c613d53ab0ae4

SHA512
8e7fe75125ebf5cf49897d193368efb4275994bbbbd11450ca226d21dca809b5dae36025d9d3ae104616bae9fa33cd511fc861dd21f57c738037b37ce86e132b

Download Submit
/storage/emulated/0/Android/data/.dataycache/i42d45df023jnkdd93la483f9xGFKXI

Filesize
26B

MD5
3c33e392d0bcb15294b1ad95f8c63ebb

SHA1
c421f448ddb928f9dc78f160cfb642b12cca03dd

SHA256
ec795dcf5ce8a6cbccc2078f0a90725cc74b4aaabca0a9535e99d752235d0e81

SHA512
1790a4d4303d805dfa8a6a3a5eaace03abe0cee255fc62b603c283901e46fedb36bc3fe466fb34f0cb181d4221043133a061e498b8c433513f315791e51d121e

Download Submit
/storage/emulated/0/Android/data/.dataycache/s92TjjdfoP2n3o9dfji2l9s1olkjf0p

Filesize
26B

MD5
95058d3fa3076e4fdbc058e18d566e0d

SHA1
f6082f93a9c0ce4565c1228e61099d1b3b4f1c6b

SHA256
a079ab1b81730bd46de6049424ff404e37db84d47c48c5dae619911c9647f299

SHA512
2bee197091f0e83989094b48f1fbcda3d9af8f9f5bdeb2716f3d659f99e97167e3863d1cd2e4b5e1537b866860ba016f4d7f9005e03e3f2d0c1dc3b2a0b264bf

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads