dcbb63002f5b6b4339ce494d3718e6517de650aeb4d3d72a601055f434f84949

Analysis

max time kernel
968303s
max time network
174s
platform
android_x86
resource
android-x86-arm-20230831-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20230831-enlocale:en-usos:android-9-x86system
submitted
16-10-2023 18:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Minecraft(1.18.2.03) V6 [Skyrrel].apk
Size

132.0MB
MD5

624789c3bbdf189ddaecb4cfc06de273
SHA1

317b3c45812051450bda052e0e1d49362a353aed
SHA256

dcbb63002f5b6b4339ce494d3718e6517de650aeb4d3d72a601055f434f84949
SHA512

63b00f6024797d14221394966eeefb925f886450274f3c8a14969335cd3a36b8857e71e2bbcfe786150dc905ffcbfbf72155e1f4b087fb170faab77fd5e69959
SSDEEP

3145728:tbeLOaFY8QZ4jvgzF6F6A60GsuuChgkxhbNRY6A9YN7dDNF:t6e8vgzF60A63iChgkDbNA9qDNF

Score

8^/10

banker evasion

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps). 1 IoCs

banker

description	ioc	Process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	com.mojang.minecraftpe

Acquires the wake lock. 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.mojang.minecraftpe

Checks Android system properties for emulator presence. 1 IoCs

description	ioc	Process
Accessed system property	key: ro.hardware	com.mojang.minecraftpe

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
Anonymous-DexFile@0xd9907000-0xd9909bb0	4187	com.mojang.minecraftpe
Anonymous-DexFile@0xd3e84000-0xd3e89058	4187	com.mojang.minecraftpe

Reads information about phone network operator.

Listens for changes in the sensor environment (might be used to detect emulation). 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.mojang.minecraftpe

com.mojang.minecraftpe
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
- Acquires the wake lock.
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
- Listens for changes in the sensor environment (might be used to detect emulation).
PID:4187

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.mojang.minecraftpe/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6b63b92f6d4ec960961ab1deba76d015

SHA1
bf6ffccf76f70b897c1a6cb46d129418190f509d

SHA256
a16377ad9b4b59218937f24a93699b9a7cc2409814ad71504ffb45c59fc699c9

SHA512
43e6e2290c76065c77021b625e5f31d41df9f98b2efec0db7e363c7b34bbbeccff92699465c899a34400ddd1195d67f580e4f0eb92479defdaebe4ea24fd9e21

Download Submit
/data/data/com.mojang.minecraftpe/databases/google_app_measurement_local.db

Filesize
16KB

MD5
4c8070ef6ff9458ef0b819fbc3309d14

SHA1
6dc128bd754d47fd9a44232f3664d20404503f4d

SHA256
e51232821a017069660e6b11963bf5fecbd47141aa0c6bac7c07da35101faac1

SHA512
593d8399fbe5016cbed71e38adb9d09503539625c5db3d300201c0589c4ba1aed8582f8d784bd6fe71b89aa03140100a7bd2faf8dfedeeb60decafe7660b0892

Download Submit
/data/data/com.mojang.minecraftpe/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
95f49777373c65f5d82eec5451ca3d7f

SHA1
3bca695d27019b2dde9dde284ba78376cf2fde4f

SHA256
76ad5cb814d0b2a877f3276df57ad51b5b105e3771c37edab84641b6d5329a4d

SHA512
074a685912ce673e78e6b71116cfc3caca72dbf28eee8c19f0636380c86052848230b56b4614f1e498eee519e7b80c2c5f0f40737195b52589efde8ef8140528

Download Submit
/data/data/com.mojang.minecraftpe/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.mojang.minecraftpe/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
6097b30c2c19328d7af92a6ea820f004

SHA1
b733e5cd5c55e46bdc9f6f2e31adfc2c0951db00

SHA256
2bca38be8f716200c89ab4a2b343a1d9b627bd24193666bbee2a722b329e7a05

SHA512
ff58d87b1cd77dd91f0b625deabc8d7cde9d3b3c47231a384399732cba156c72db694255a2a19f9543bc8ce5a3a11ea5219631a2dca0a3892ecc0a609cd2984a

Download Submit
/data/data/com.mojang.minecraftpe/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
0ede8a9beb863d79ef20c568e7c5fdad

SHA1
1de6b76f55a0ba9b057167e34876c9e947fb3784

SHA256
5fe727aeaea71de474eb311053e5c079630e68134d1901b8698a34e54356d8d3

SHA512
60d19b2edbbc9d273841897d9a5c470d578b732d76f18b0345ffcbdf9939a9ecc9b20b7112bb1d66f59a9d2d671d19c472a4b023454f9012e921c410bb38d12a

Download Submit
/data/data/com.mojang.minecraftpe/games/com.mojang/minecraftpe/external_servers.txt

Filesize
39B

MD5
dc3c97f4b2d647e649ba4c70d35ab22e

SHA1
42f4c2db57d144eda1942c7a096a847f4e2cabe8

SHA256
3f4fca53aaeb8f29b572cdf4aef8891dbb954ddc8519cb7fedefeb86c34d6dbf

SHA512
c6558dcd9b7b907c70fe15d76cb20e25f8c3f5a6464f06ef6c33825758587354e8b78f6c703eef17833631e7ed7ab91b4b0ce6350666f9f10df77c07c63be46b

Download Submit
/data/data/com.mojang.minecraftpe/games/com.mojang/minecraftpe/hs.hex

Filesize
69B

MD5
fb04dfa34c4dcada1ac27f30fdf4e718

SHA1
0f4e8b24672b5ef4237b636f782fdfc44ad92cf4

SHA256
a56cf270b379c8400331ccc9632c8293c836eea592c98b29c30b51d16e71ffcd

SHA512
c96772e5822e3c6581bd4f779c194b0e501d5ce881a76231118de00d83e3c77eac541697b32e2a4901966587d40edbb18d7c8d7141b8470c08ba31f3d4172281

Download Submit
/data/data/com.mojang.minecraftpe/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
a44dbe45b44b5818d397bec961172d68

SHA1
a8f418d9206d93e067d1bac744c52583dcd27aad

SHA256
a701d3f8ee126615b076d84e7c7e67c7be49cd9b8d1502dca7c5b9d2b0ca73c5

SHA512
2fc940e84a9e9b67fa39cd44a26b140ea87e48275c9cb5a5a688b8c270afed84c6038027145562ee641fbbdd8c7ac61238ca5e5e70ac66b98e6b651ce24616dd

Download Submit
/storage/emulated/0/Android/data/com.mojang.minecraftpe/files/games/com.mojang/minecraftpe/clientId.txt

Filesize
20B

MD5
bce497492e5f4c5ced0d7961acfd45d5

SHA1
8296b3b4c0bcf0a589cad01804609d96b3146105

SHA256
3873d70b3d892a0285f18d8155560f8f7fffd5b6abb211070d1f53b10617d456

SHA512
5535f109053f70560d3f515bed06fd0fdc711866b043db8ff57467c96fe8e58d2f7e2434bf2ab5b8140db365ca1436c7cdb701e44facab64a552ea11784c5115

Download Submit
/storage/emulated/0/Android/data/com.mojang.minecraftpe/files/games/com.mojang/minecraftpe/valid_known_packs.json

Filesize
5KB

MD5
2bbd2fdd03ec9695646a1642f9f8b747

SHA1
b26d18c2ae28943a70498051aa5020ded1c36c14

SHA256
a2b2cf347bd4a46d666ee4b53fbf4412b46c2c063b9f6fbd00bcc868b1671a25

SHA512
432e1e0bcbd64d3a16e83654fd24d457d61786cc5cfe7d95f2f9a0023af40298726cd082ed7325c47bdbc43f0af7cfa21b39577236e16c862cf4f6490fc1ae64

Download Submit
Anonymous-DexFile@0xd3e84000-0xd3e89058

Filesize
20KB

MD5
2175c40f83a4cd2d27c40f1bfd2f7367

SHA1
52bb1c790df0e107404df470f8ef58a619fade19

SHA256
bb42e96b3c9486127ed96ab751cab68daa41903c359fe6b7404458cac14b6ede

SHA512
40ca6a0b5da4d361ab1d5a252155ba3ab884ac6252c94c1713eb0663db51ed36b9833c11d4748fb637f45cd7e2f5b48821725007bd5f3260fd90c4abdb408dfb

Download Submit
Anonymous-DexFile@0xd9907000-0xd9909bb0

Filesize
10KB

MD5
1771e0fe2fb13c8732eebaf59fa8a09e

SHA1
8dbbfa21ed6b4ec50597b5e9c2b37b7e5e907ebc

SHA256
60894302b8c073f3c813e7d50ba32a67fddd02c1e857692cec5ef83df7a118a0

SHA512
9bd4907fb083aea5a3abe44892b6e0c7912dae4469cb224c153a08641ada37ba73cae31cae261940cf3d6e8c1772ca9fe39257a5f3b67e3297873dbbad9a7176

Download Submit