cc2da8612ec67cf94a1be44728240964dc3af5a95a7b21d17cecbb22172fbae0

Analysis

max time kernel
147s
max time network
153s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
12/10/2024, 13:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3a3fdde311455408b0a0adc593659a14_JaffaCakes118.apk
Size

1.4MB
MD5

3a3fdde311455408b0a0adc593659a14
SHA1

6d4f8bd05784e899172438b99165a8143be1fb46
SHA256

cc2da8612ec67cf94a1be44728240964dc3af5a95a7b21d17cecbb22172fbae0
SHA512

ecd85dda588f56bb57a85732a46c1e11b74b4cd3769d45081adc7c86696a54994d885d611808955f3b58e9c62551c0b7742e585132acdf709cfba34efbb8c973
SSDEEP

24576:yXiBwJzA8hP2wAEGBCrV3Nl+/ThCHw8a5uJl5pE3OuE8:ZwJBPfCwTlYhCHzaEl5GxE8

Score

7^/10

discovery

Malware Config

Signatures

Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

flow	ioc
5	alog.umeng.com

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.storm.smarte

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.storm.smarte

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.storm.smarte

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.storm.smarte

com.storm.smarte
1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Checks CPU information
- Checks memory information
PID:4212

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.storm.smarte/files/.um/um_cache_1728739575213.env

Filesize
596B

MD5
9a181027fd8b85304dae6980291dd77a

SHA1
aac3cfa028c8af423537bab7c6baae8f855c4bba

SHA256
4626b16544065d04fac9c17e0fc181dad21f8540fc9d7f3bb74c14f8404c5b0f

SHA512
b5d5b10892fbb25633a25f39ecb791d8c638a68d3a1ba45a6f5afcc5f8e51bbfa66f1059125f2857974d873f85f1d5b01284a72819b2410b384d4ff6ae5c8488

Download Submit
/data/data/com.storm.smarte/files/umeng_it.cache

Filesize
310B

MD5
ad458b4269d9f40d219bf37a7cb3be35

SHA1
f1c5f8f1ef9807d4591eefcaed3b05ec90ba8fab

SHA256
8ec260562bc91fd26411ddee875f5546ce9935db0807f96e6964ef9ae5900759

SHA512
0b067b5bfde9396e67eaa668730b80a8919ef6763bf4aadfaa54008f2b3748bc0b03ed40919e7f17173279f85388d23058161453161db078af73cba2d823885c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads