eba0edd79d7f110218089cbcf90bbf0888f3de53410f68b7ce8d2754de6c4f39

Analysis

max time kernel
63s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
30-09-2024 18:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

02a44ca13095ef5cabe95a680e84f9e0_JaffaCakes118.apk
Size

21.4MB
MD5

02a44ca13095ef5cabe95a680e84f9e0
SHA1

d67e61b09115b7c8a7e2eff31afc0e62effa6927
SHA256

eba0edd79d7f110218089cbcf90bbf0888f3de53410f68b7ce8d2754de6c4f39
SHA512

5c6e5b065756747fa1b1a53dbab098f658170f58f4642344ad3797b255ab3f3730bc3ab55fac01e7e51796f628a4af181da6fdfc73e98c6ac7514ef3f9647097
SSDEEP

393216:jIfcHNDULcfVZbracHudSZWJP/ejhU478W7YfmktfzZhX7fqPn6ANBWnqDM:kf61xfbrHZZyXe9T78lfxhLfqPTBE

Score

6^/10

discovery persistence

Malware Config

Signatures

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

flow	ioc
8	alog.umeng.com

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.meitu.meiyancamera

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.meitu.meiyancamera

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.meitu.meiyancamera

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.meitu.meiyancamera

com.meitu.meiyancamera
1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
PID:4240

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.meitu.meiyancamera/files/.FlurrySenderIndex.info.AnalyticsData_BH4DPS8ZQTXJYNRV4XJ6_170

Filesize
42B

MD5
694c711b3c2970b5874425f79bfe42a5

SHA1
3bd48cc4e92ec726a335c39d3d564d4941bc7796

SHA256
9683a38b199d3d78b375de2c705ce958e0894836639a91bab63adb0ffa6631e2

SHA512
c270754c163ac688f4eddeacef7d6c0a2f112efc303ff71750e6e49fd5d7759371071330ab01c40b0797f861f2b7c5aadda9cf39b15bbe6d17c4a20e12c848ba

Download Submit
/data/data/com.meitu.meiyancamera/files/.FlurrySenderIndex.info.AnalyticsMain

Filesize
44B

MD5
0135a6f652240bc53da4a7b18bf95a98

SHA1
add314a0a6aefe58c8e1d68705a961c34f51208c

SHA256
eda6309c607617665f3e035a40dc7c5dab467eaf3eb2d422db6cacbd04727078

SHA512
f208a13be4f4ba4360eab8a5e4df74badb1e0a17c8fc0f4f18119e44b1746de0524c484d1ad1320429ae87761ddaf4d63521b8c6a86487d8e847968c6eab3ec2

Download Submit
/data/data/com.meitu.meiyancamera/files/.flurryagent.-47d55007

Filesize
58B

MD5
69e2becb3ea1db469c389b5aa1fcd20b

SHA1
213e3f34089be6b1052a960964362352bbf0152e

SHA256
d96423125b9dcd8c416f9296e6dbc29ad77bed1787ae54b679a75bfb96ccc8b9

SHA512
490c1a3c4de00a2102f7edc601ded0ec4468d0e51d3de3cae16bda4d0660be5d7f5b56456c45a750785f73e182ecb6b1b48ee51134af5286c7921446c412a334

Download Submit
/data/data/com.meitu.meiyancamera/files/.flurrydatasenderblock.d3976e7a-00b0-47b0-97ae-a31fb8f64895

Filesize
288B

MD5
a3233888bb8d639d2df6026449533121

SHA1
4b2933d2e69de7c1ba542f70fec0b93b547d555b

SHA256
2dffa1d9ccd41ae7372a92eea68e58bf12d2b3d81fc5fc9f3bceb20d387a72f7

SHA512
abae295d076dde52b4e9df07c6d0fa68efcf58767a430dc6f414c1cde21876c51c4b411b6eb799a51215b09741a821a8b04c5744eb407db3b3e08d3a299adb1f

Download Submit
/data/data/com.meitu.meiyancamera/files/mobclick_agent_sealed_com.meitu.meiyancamera

Filesize
569B

MD5
464fab399bc44c5acabe59768f27f7fe

SHA1
837c313a57a2d02da57cb3b7f35afde40f4950f7

SHA256
dfb5fcd37d860028e4a64724aa8b72c3cadb3f4d55b0b5eb1c6bcc51d7bf2e0f

SHA512
18c7654247d979cf93c31189bc01f6d414df2b662ff6f8bb888145255b23d72d2bf776a894c41aefc974f80d220b085669ab9a52721065b235c74796ddfaaa06

Download Submit
/data/data/com.meitu.meiyancamera/files/umeng_it.cache

Filesize
211B

MD5
7caae51f59e2b2a93711d6db4a2d5226

SHA1
ada82e576ffaeb3d19b570a3fafdbfb4e318215f

SHA256
1a4f463e70d215f6e2e89ec85b618e11030519f3c98a48f4911ea056aed6553f

SHA512
5fd7ad84142e8fb4e3d1b4030a485aeca8bddc72acd9164e3b51702c12350d064b76fcdacf71ac7b176bb9863056c6b67483b18e0c3ae8af4ff238b788b545df

Download Submit
/storage/emulated/0/Android/data/com.meitu.meiyancamera/cache/uil-images/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads