Analysis
-
max time kernel
125s -
max time network
150s -
platform
android_x64 -
resource
android-33-x64-arm64-20240624-en -
resource tags
android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240624-en, locale:en-us, os:android-13-x64, system -
submitted
03/11/2024, 02:20
Static task
static1
Behavioral task
behavioral1
Sample
892896e8c9e68db8535e0a16b97341c1_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
General
-
Target
892896e8c9e68db8535e0a16b97341c1_JaffaCakes118.apk
-
Size
4.8MB
-
MD5
892896e8c9e68db8535e0a16b97341c1
-
SHA1
53c770fa64b4f2c6f0924f9b763bddc3dd9893cb
-
SHA256
dafd260c362bc72f1aaaa4abb627cabe86a0f0729fb5a23da3edc484539c88ab
-
SHA512
9f7aeddc6cc875068cbb5e97cb1b9f972c35a6f05ebde40edccc76c704941d3c8c7c4c0a557a04f846b8cf6758c9369b0c400a3ad306cd6525dc18b71e063b06
-
SSDEEP
98304:b/PK7QVubkpHx/40M0w/zNJ80bBC5wEzR5mcAjFjrT+zRh93sPEfa8D4JF9otY4s:rjobQ58npJ8ysWcAxAeXo+4DwmZWO19M
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 1 IoCs
IoC: /system/bin/su | Process: com.yingyonghui.market
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
Description: Framework service call | IoC: android.app.IActivityManager.getRunningAppProcesses | Process: com.yingyonghui.market
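Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
Flow: 12 | IoC: alog.umeng.com
Note: this signature is a list match on the contacted domain and does not show what data was sent. alog.umeng.com appears to be a log-upload host of the Umeng mobile analytics SDK, which is embedded in many unrelated apps, so check the contents of flow 12 before treating the sample as stalkerware.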
Queries information about active data network 1 TTPs 1 IoCs
Description: Framework service call | IoC: android.net.IConnectivityManager.getActiveNetworkInfo | Process: com.yingyonghui.market
Checks CPU information 2 TTPs 1 IoCs
Description: File opened for read | IoC: /proc/cpuinfo | Process: com.yingyonghui.market
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
24KB
MD5: 19837725f05e4429986a5d62dcecee2f
SHA1: ea0dd831583d82a31dc028820af4a832085a5845
SHA256: 6cefec19b6a5a80affea645bbc2c12ff2ef81f56970e1461ab0ae7f8835a4f08
SHA512: b0c41c24f653fd4a3977976af02be0d9f52d94cfc3cc404ae0fc78b85a7bb499bb7f591e4c3251f1c700683e1776421e9b0a3e8063a7a83b57a97e906bbc63d9
-
Filesize
512B
MD5: 86e5562325b3b59c17dd1f4d01ace506
SHA1: 9731d74696d4af5b8e0536f2d7071119036cb827
SHA256: 81ccc09c71447f1ad0c7830029764ce7e3b5ac9b841ee90d42ccdd4873259ffc
SHA512: 5fe1067398410549a5741dff936829287ede0c111421859f6f023addefff26b1e68d57ab5bd8296a8d90580a157f4ce0121b94805fa70b1a48fe67a5dbd68b9a
-
Filesize
8KB
MD5: 4fe358fab5c59f6231088d00ecc9c67f
SHA1: a05f133451852ff387f7b18ed1430eaf3f827365
SHA256: 807516b250a734484efdd949b173ef45f50b4800fa11c7b60f64d2f3bd30287f
SHA512: 2371c6a9cfa3b26824a1fee6998a1a9528b4bdef6d1b9e3b9c6ab63d47b1cdcb6a5597c3ce5ce39c3d7c2723f6d1b2931056797fd8b9cbefdf52c6121eaaada1
-
Filesize
8KB
MD5: 55cdeed805061b325196987c49eed858
SHA1: 63acb3e5c989aba8bd3de39ed8b5205417512255
SHA256: 37e93bd6deb352b08646f9e49c1ed9c5fb799cdc714cb06490bc295c038974ef
SHA512: 3a9c2f29532521217ed9df5f4d25fa3bbe6520c3dfe00d511eb815f8003ccaf26c1f785b6671e801fad8d7ae382f022e4d7dcbb87a8749d68d201a3612d04ae5
-
Filesize
16KB
MD5: 3ba306764897dfe63fd8ee55b1e36d06
SHA1: 510011662e86ec56ef80f59d5c8ad86bab59e92c
SHA256: ade79d1c074451e68a1be3bde79a5233c9c2531ceabc69ea4f04416160f4bdca
SHA512: 2af06583fd80d0302859ab80c092d45b49e1cb79305d527f94b670499ccd007e31510569084876e50f6b2f1e25c61ed2725eb13988a5155fd6aa53650ae4b05b
-
Filesize
8KB
MD5: 2206b51d609cda8595f7479186c90094
SHA1: 8e0c93925df2dfeab4d21146b0fd482cf7b9de21
SHA256: dc4c9298ad32c52d03c9dc47cba6ab9fcc129783fe688fcc4e3798f2c18a63e7
SHA512: b32b97072ff72d5b8bf4293648fb25e6a4ed0bb2281aab911c425f24bd5dc6320274dfd5d100ddd08d50ad816fd24e9f549c8fc6bfd9e354962283b44e123f7f
-
Filesize
512B
MD5: 0b48804b016a9fcfb5d991cf18a594e1
SHA1: ee7b7372a78fd6f0c35872a3dda39e5d50f3e0f3
SHA256: c40a634313bebaeb151030db9257ffc8ea8a3b4a6256788126884af5065e90bb
SHA512: 370ce5d3a256350e285eebdc51c1164f0a42e0a9fe0e5df6b32c90b1858a5362089732e3a5527eae55603b92c2d4bb0db4e8f3237bff41c9c6d6a17a62b64b5d
-
Filesize
8KB
MD5: b45a04336c972aefe0b8def462f5384a
SHA1: 27d3bdb6e255d3e2923c27ebc58bed748b78fb3c
SHA256: 8ae620d81353657b68c2f63da901b77436f460a6e10c960d2b1161fcf1213fc4
SHA512: 765ea39e3adfb5d50c50397f129e164938080de4082190b24c63c93fae5765157e9e94c19696af4b2e9d2c392e4e3c40d627b3adc8accdad1ceedaddfc102068
-
Filesize
72KB
MD5: d738ce507d5f37c4a474a3f6e5132050
SHA1: 460896768d5cd3af86d386580d9495440cc2d0fe
SHA256: d953c59418d9607e05b7932a210e0e2069e670c42106bee6f014e59fd014ed7d
SHA512: 41ea33f5348ccb6a561138fc4cc970275e12e39122572e3aa92717f12e7a9e660bdf6c251b60015f8421078fe45a958c23aa9ab87fe08e5478651d2a52721f67
-
Filesize
512B
MD5: 10a59675e71965478f316b2fc5e0ac7d
SHA1: d4c6915ce267f5712b05ab5bb7e96763cb33e8bd
SHA256: 0df613e06902505b107cf48abd501c6edfa18322198f5441449e2ec807c03c59
SHA512: d2c79e1ce186a7203f54a59226c4769e2342a70836c1fcf88b77947352a7d356f3fff74a6306d575dcb3e418ffcec58d4ac98a5558451be991d7c1dc2b944f24
-
Filesize
8KB
MD5: e37c9179c63215749fa8174b854472ec
SHA1: 7d20a144e616c61e090f5d162f1435d38e2e8511
SHA256: 660a3280c4f32c56c94cce4daf06c6dcc3c9e6f8953dc1f27b677d9e4622dc73
SHA512: 93fb320905c064f1d2faf291cc454b3e1d36f7434525eebb892c9cd17dd98a08d8f2ec7e29e8b80f56ada231970af13dba640ba740fd12e3ee9d0bba5c048cb1
-
Filesize
8KB
MD5: 54444cd363415bcc498b1c4b786ccc25
SHA1: 06430d6ab1a3ba96acde72f49e4104e7e9ac68a5
SHA256: b55e3fa2fd8602f890dc292e9fa8c13a40dbb74325e32d269bbbbce1e9d29c82
SHA512: ad57067e3cfc0becf3881b442a8ab6ee131057f9d8c6bfb75d847bbebcd9ccbd130507e167d55af6ddceeb3292488c4f14e1c90b71d71239d805af20a1f753f5
-
Filesize
8KB
MD5: 2bf763033dfb37ac17eb875a2ac12dc3
SHA1: 07a1e1acbb4a42ec3f3a81056d0832d4055402ee
SHA256: 6de2ca2faaab8464e2fa020af4177da828da23b571068b9024f8e3c465b2a154
SHA512: 76e67095584fbe751d6796924d14878bc8f639922facbd8e74c63e99f184aca09abae1285dff7818d7888dfea53ee977bc427f17e62687ce9edd3599cd502441
-
Filesize
8KB
MD5: 0c91b23f9ac572b51e24ddb340a9fa23
SHA1: f2d6d6256130a6dc1454b82f5009c8e9bcc13d94
SHA256: e06a52f42c8bb57153e9accca1169233fe1aa435da8ff880cf71b7ece35b25ac
SHA512: 969cf6483eeb22e7b2c015c8f843f7a988cbb250bd699dfef42d7c4a46ed531e0708a7e6baee4e2d197c59a28070cef54877a24bb87f8e975e6cf5f594f4d8c9
-
Filesize
24KB
MD5: d612d9db8b15fdf2fa4298498fd8374e
SHA1: ce1a25b14ea49b8be9519ebd21fa7c6d0164cee7
SHA256: 3cf9e6f9b9739d1283ab5098f1345c0ef1a84485337f0e11826f1f95f405c80e
SHA512: dc8fc7d29b8a73ded95a8dfa584085ef9b703d7ffb32e75ec0b92e88a9135ed0c13a7b9f8e3ff659619a8aff4ddf578917d4f953e35644f22f3af6a606750c37
-
Filesize
110B
MD5: 642ee583a82504e63164b4874d6fe53c
SHA1: 1c562ae8ce538973b65388f2394098b6ef6b8d0c
SHA256: dd9e70defd62edb10a9d6d484baeae77674380af622da873e6b78f71625e95db
SHA512: 7dc1a39fc48adec2f3cfcbb53b66d5fca9339ebfcabafe835b0854c84c3cb1bfe66c6c471042ff2f92e428370f4c950e8cd369cbea890773c42364ae1a98e4c3
-
Filesize
431B
MD5: 107eeccbd30cd03e98d33d8725499052
SHA1: d64edaba5b4d94719ff090cd3395bbc348f50b20
SHA256: f97a8da229224ccd8b9a6ac25e66bbea5a580c4841dde30b06d4d6a2415de44e
SHA512: db9de5c11106e6427ff277f8b1deba4ec5c49b25cdf65a518d8a7c81d203347aa3cfa74d5d8103ad538e8589975cc9774786a0d3f2ced05f6e9de644b4b55705
-
Filesize
129B
MD5: 946d2bd4ca5443cfe3997cf489eb7be1
SHA1: 2af5b9e7a3d05f53297b521040a77e2b31467e3f
SHA256: f5d938d1066a6f993cee3a3159a283fd8a231a24f3eb79a4dddce17f6215615c
SHA512: a901f8cf92a6d8f89880add3b39213b43774f503602a37ee94708f5e025bdcde1e170a11452b8c7b4b669feef8cd73007fc74b2aeaec4c50549196181f65b2b4
-
Filesize
148B
MD5: 8cfc83acbe21a4b98b2d79deee15e306
SHA1: 09f2c8101ac98340a0b65bfac9df83d892f925b6
SHA256: ec349cb8839f20169d3a0c54070e7dfc0f9d89d99b9019e8c8a44d97cdadc8e6
SHA512: 2627456a064584bb2c46e0a83562b089c7b902fcf3cbd176504fee12ee7cf9480f11ec440c2e85e4d37d44a96846c0691d9db3017612e87580e2dd3e8b8561ef
-
Filesize
160B
MD5: ea5e4a8cfe2e9fa7d4e430b6a75c01ca
SHA1: 7035f4919910e39d61c64265178712e0ed1611da
SHA256: b73fe8d14833cbcf753389fbe6276ec6181d207990a31273941ddeae66fc73ae
SHA512: a55162a4e3a4e172ab0e7c47253aab4079b07dc68850f5477e4384df55f23c7fff42936200ba489d45a5fd2f10d72ecf039ae0a129f62b7ecbbedf574f8b6291
-
Filesize
608B
MD5: fd5adb927ad492b844b4af7baec2209b
SHA1: e0b5f57d0b86605505941c7ac36cba7b482b8af8
SHA256: 96a7b5cb35bc8c3dab20e35f621a6937134cd41328af67f32f740b8893c80357
SHA512: f21d965479c7af920afd9b35f91477eb709bb42c516e5ac9232521c1cdfdfaba1ee3c66d5dc32ebef9e15d47951f154802ea2ee2ef0192ef8a90ca9216d8ae0b
-
Filesize
148B
MD5: da7e93b2175bd25488ab7ff0bd1f0c6a
SHA1: bac7d01bd3928b2730f319fd230944193b5fa554
SHA256: e15c30739f1183a546269a7b6964bc74cc083fe68d2b3b65e5d3b9e8e6761ece
SHA512: f4be3c44574ca13d597a017873572185adef854c325b7d3dddc88431478f5312556c3f7c756a9b4f6c5686443d640333912b423f47d53ca32c12eb438977a707