Analysis
-
max time kernel
143s -
max time network
151s -
platform
android_x86 -
resource
android-x86-arm-20240624-en -
resource tags
android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system -
submitted
15/10/2024, 19:29
Static task
static1
Behavioral task
behavioral1
Sample
499d227e53e2e0df1dc808d2529507ac_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
499d227e53e2e0df1dc808d2529507ac_JaffaCakes118.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
499d227e53e2e0df1dc808d2529507ac_JaffaCakes118.apk
Resource
android-x64-arm64-20240624-en
General
-
Target
499d227e53e2e0df1dc808d2529507ac_JaffaCakes118.apk
-
Size
342KB
-
MD5
499d227e53e2e0df1dc808d2529507ac
-
SHA1
eeedbf4c50f68467e6ffd701a425b9ec8fd53a0e
-
SHA256
0b08c1a914dd791f3e6ef369c1103b3b8e6c310d17f36a667189811d8a14f11d
-
SHA512
864a01a2c164e33e97cfb36fd551a1dca274286ecf3242a2fc844b8ab2ce9f0cafb52f6e32a3193294c10d2be66d596032d6fecad307755a4123c4e8ee403693
-
SSDEEP
6144:2Tplw2P+sb/S8sN/Jlf+xHssYRXBlvNqUH/wD34KSvo3oEkZvBdkqj5:2te38Elf4HARX8UOIFvHLkQ
Malware Config
Signatures
-
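Domain associated with commercial stalkerware software, includes indicators from echap.eu.org (1 IoC)
flow: 8; ioc: alog.umeng.com
Note: alog.umeng.com appears to be a log-upload endpoint of the Umeng mobile analytics SDK, which is embedded in many unrelated apps, so this single domain match is weak evidence of stalkerware on its own and should be corroborated against the app's permissions and other observed behaviour.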
Queries information about active data network (1 TTP, 1 IoC)
description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; process: g.xqbooster
Queries the mobile country code (MCC) (1 TTP, 1 IoC)
description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone; process: g.xqbooster
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTP, 1 IoC)
description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; process: g.xqbooster
Uses Crypto APIs (Might try to encrypt user data) (1 TTP, 1 IoC)
description: Framework API call; ioc: javax.crypto.Cipher.doFinal; process: g.xqbooster
Checks CPU information (2 TTPs, 1 IoC)
description: File opened for read; ioc: /proc/cpuinfo; process: g.xqbooster
Checks memory information (2 TTPs, 1 IoC)
description: File opened for read; ioc: /proc/meminfo; process: g.xqbooster
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
32KB
MD5: d604a3bf1f8d992cc320ea5b1f7609bd
SHA1: 247f88df0b55c7d523ea5398637711a0e4a483a4
SHA256: 329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17
SHA512: 67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab
-
Filesize
32KB
MD5: 91aa51cec48d96b164f7ae5aab395f60
SHA1: 195df06d36ee6cb07f665f8112eda2eff93a17b6
SHA256: 0309ba6c36667bc32abb21badf05286f25a13d14cb9f6f25c57cf44ab3554bf9
SHA512: 6aa7e3ff27a7e690e0d12450bb47f07f7815d9086719d2f9938d9dc27df3eab43b6fdc22741ace6479e0e0dbb6907ecd9c1f28acc4f8b14b8c58e318081f70ea
-
Filesize
512B
MD5: 36597136b3fcb09955f0671d86260a7c
SHA1: bf68cb717ebdb9438e1d43d9f7e3e090955e364c
SHA256: b2cf811dfcd852290d1b2fe7197d1a46a871e4cd7677822b0ce8b77c67e03dd3
SHA512: 2fa62ab617dae5cd6ce47b755f3acf8710485f215e8a3984d4b5523e54dbf2d1254b972faa87bdf60a78512b57a14ddb34eda428e08309c0a4379c434ad84ec8
-
Filesize
8KB
MD5: c41463e0ed8e7ad9e57cf58ebfafd2e8
SHA1: 1dc3fb3a0957a845c389f6c01d71b08360767da1
SHA256: c0d8948733e21e7ebff80e7a164085a6a74d0a94357f62b45492de72b3ffcbda
SHA512: 0850dc9c18cde5878fa397069fcfa23c122e1c23f0115fd295e4863496843b371c27441bcddef230892f87cf8810796e2e08cc19da3f0e1b6490d75c628c40a0
-
Filesize
56KB
MD5: 6882b9969aea12306fe51fa650d8e1d0
SHA1: a658e4e4c85e58b5d350de691311656dc2f96ada
SHA256: 57502742dcf85bdbfd2dca9dfe2b6b259cc736a3a62e5c45664ae09e453826e0
SHA512: 8c5d12add5e62636889c74bd10f79ab808fb2843afd3c006532f68a07d77732a7b280e8a7dbc3bc53a0ca097b895c64754449622751e995b3a33c7388626b03b
-
Filesize
36KB
MD5: 5d7ea1a23af19b4340cc8d90f28297d5
SHA1: 4cfe95b23a9e98378d69c4290af81b51fbe76aea
SHA256: 474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da
SHA512: 33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b
-
Filesize
36KB
MD5: ce6135aa1b1fe4f2c2db2a546d2a5558
SHA1: 79b59582154017aadab783dc266fcb158c252940
SHA256: 7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c
SHA512: 2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4
-
Filesize
512B
MD5: 11a59f6816e0b30f8e045bc61cf81126
SHA1: 051a2a7456059d16e1e2423dfeb8e0bab3938a75
SHA256: e64c65c9b0fde2df7d480a8f48976c3f49f7749499b124cc5631faa0f1e19011
SHA512: ba6760cb045f2e4ed7492778565ccb6b8f8ca1efd89a9dc61d0fc52d5caa0f830bb92a6ce9c2b4385bd2b886ca120f16e7e4836ace5a489cf1164a1199821f4b
-
Filesize
32KB
MD5: bb7df04e1b0a2570657527a7e108ae23
SHA1: 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256: c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512: 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
16KB
MD5: 6ea13c1fda12fb41f808f150023216c2
SHA1: 460329026028bcca9abc7d92df862f3b2a56ed87
SHA256: 656e5f1d6f77d5306c6a622330819fb5551ce5ef941e16d536ed41c4e5876a65
SHA512: b4acf98d6d07e0e2b78134634e73c3dd688bc459d54bd7f64ca1bb700dee788c0eda6e8d7f46545bc85f91d67764d064a83954168991224ee59324015233e11b
-
Filesize
48KB
MD5: f1b632c16686736bd407c47c734da2c5
SHA1: b3d75815cc390ed52f05fb2524f225cf2ab2d23b
SHA256: 8a6d8fc98200fa512dbe1d9d56e43f8fd99744b46447040e54e189a863ad4a6c
SHA512: b9343b34cb6a2120708adf49406ad6c02c43304b4d40f6360c7e821f5e4d3e87bd931a163039dbfb7017dfff2f82601564ff424d78b9d4d0a4dbe94484fbd1cb
-
Filesize
1KB
MD5: b9e340d5161882a4db6e067533d8a047
SHA1: a8f9f884dce7ccb1581e52ab6d9361561043d67e
SHA256: 4502a7ccb9994704e730bff6a56f4f74429cd2f8caf3eed9e92f65c23327658a
SHA512: eb047052a2e04f4597ba6fda0485bc9ca105933750077a04edf963e280d520c6aabbfc4d36f2e3f63b6b613a1a1046e51efa40fd79203da2388ab284ef4b5937
-
Filesize
162B
MD5: f462cd6e8f4009c3e5ee9b008f9594aa
SHA1: 07bb7c8b147c08027ce7d4ef05b1e0d11ca941a1
SHA256: bf0852f9d7790831d3c444c5f32435d542b0eda0da3116b9463709ce258b1006
SHA512: 9f93644a83110f8b1c2f7d00e7dcf83cb7e898ee10e3f7c4df64f76f61ff89e16b45a9a4e1b0eee497a6c7273a87888f35e4b4cff14ab8decb40014b9735b005
-
Filesize
53B
MD5: e817597aa9e9c29b4af7f6bead1308c7
SHA1: 1b5747d90b99072c080add45965d67e6085d4f71
SHA256: 37818b7e717e6ee471f514a976c5686c2acb6e473c4edd2a3b9880498f9c2822
SHA512: 08555fd8982b3e8bddddca22717ec10481ea566524b035dff00cba1d52a089699bf383217fc5406f24b9775433becb7fbe27008e748e862201f970829d11e6f5
-
Filesize
498B
MD5: ea2c8dd4e06b1adae41fae49aea41e95
SHA1: c8018bc6d88e184aa0bb89605f72d8e4548878a7
SHA256: 30ef5f8e633d6a7c339dc6630c7b0698f3004177fffe29235dc9642af344a7d5
SHA512: 78ff030368b67961e292b97fb533dac71396114a2bdf021043228388464d8dac0aa3387230551aa47960e26d4fad913d20c9631e90ac706f872d48eb087f8cf7
-
Filesize
111B
MD5: 096f95c383a4608c642f8534af25b1a6
SHA1: d4b2b9bfd4988780acfb0b96bd5ab911702328ab
SHA256: b01dcc38d8483fe3d9ab301e9789f73a3f8b7cb36a6d09f657a095e912eb938e
SHA512: 0bfe8b0910ff9bc72c9cb4de4aedfd768b60e904c03619b25a9ded071a068560d368ba94c86678ebaa91218d7410e59d6ce67237b6647e3ea9ffbc88b1855ce5
-
Filesize
213B
MD5: f512e3353368f3b71f1883f027672597
SHA1: 333788def0c002bfbcefe42cae9a94662dc908e2
SHA256: d5b064810150bd25f3a0721b8ade1372e28ca2f2b75fb8223f477f614d78c608
SHA512: e15c648a431c48992cd91763ba2eacd1b0ea500b1546ba0dc2caa40820940d1b53648b97409058f4a02e7c7a16be24bc21861c38fc73d1ee5337851bf2fd5191
-
Filesize
111B
MD5: a3e811a6886ba374c8383b9ea98d8170
SHA1: 84956a177d4f79d396384f9cf347d2803f5d2e42
SHA256: 1c2d1e618219a9c3be3874208681da072c81f51b9a67370a889311f212de6855
SHA512: 9dfec61e024c41b423bc91ee02e5b013951ec3b89f52490d6f64b697bd66035936f546cf631d095a121a7b582ff0c88e9a9baab131f73b83e59bb02e8a23d1fc
-
Filesize
167B
MD5: 477cd664f372597ac3952a22c761801e
SHA1: cee6a6b37f3809a2193a49a23941efa0e926ef30
SHA256: 33505835016136bd374cfcd8d238ab3c5b3ce1070088b9d8be7e299c2e41076b
SHA512: 152acd60f13be5e050707868e1c34beef6c871093df86ecf79b3a6bd6bacce7aaaa5e22fd28fccc6c319828d48dabd8afbee26c99e76bbb1c890a68b97757a84
-
Filesize
65B
MD5: 9781ca003f10f8d0c9c1945b63fdca7f
SHA1: 4156cf5dc8d71dbab734d25e5e1598b37a5456f4
SHA256: 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793
SHA512: 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03