996d00183c68a2eaf0e9b23cf3f15133b44ed3ecce91de9394511296b1aea779

Analysis

max time kernel
2206051s
max time network
1821s
platform
android_x64
resource
android-x64-arm64-20231023-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231023-enlocale:en-usos:android-11-x64system
submitted
31-10-2023 01:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Minecraft-PEv1.20.50.22 Beta-comprimido-tecnoandroid.net.apk
Size

643.3MB
MD5

c6bf4a693a2d064dedd39a9e360d51d0
SHA1

81bc7fceb9bc073fd688ae5a773c2cefe068da35
SHA256

996d00183c68a2eaf0e9b23cf3f15133b44ed3ecce91de9394511296b1aea779
SHA512

db62edb1385452cacafb3e6a45f4dc3f8e8885dc3c8d18d32b76912d35d5564fa5f356d5b0153ba347df54abfba9a6c96a783a04f95bb0eec713da03fb184060
SSDEEP

12582912:n3SWWzVBdYs72yY3xLYS3sdMZd8rsQ/SLK75JNyKOCiHjDyLCrxo7d+C8L1:nidVB2yC3GMP4D/Su75JNchDD+CrS7d4

Score

7^/10

evasion ransomware

Malware Config

Signatures

Checks Android system properties for emulator presence. 1 IoCs

description	ioc	Process
Accessed system property	key: ro.hardware	com.mojang.minecraftpe

Loads dropped Dex/Jar 6 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.mojang.minecraftpe/app_dex/D3KLjGypTL8NtNc	4670	com.mojang.minecraftpe
/data/user/0/com.mojang.minecraftpe/app_dex/D3KLjGypTL8NtNc	4670	com.mojang.minecraftpe
/data/user/0/com.mojang.minecraftpe/app_dex/Rk17xFk4LoP1pXG	4670	com.mojang.minecraftpe
/data/user/0/com.mojang.minecraftpe/app_dex/Rk17xFk4LoP1pXG	4670	com.mojang.minecraftpe
/data/user/0/com.mojang.minecraftpe/[email protected]	4670	com.mojang.minecraftpe
/data/user/0/com.mojang.minecraftpe/[email protected]	4670	com.mojang.minecraftpe

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data). 1 IoCs

ransomware

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.mojang.minecraftpe

Listens for changes in the sensor environment (might be used to detect emulation). 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.mojang.minecraftpe

com.mojang.minecraftpe
1⤵
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
- Listens for changes in the sensor environment (might be used to detect emulation).
PID:4670

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.mojang.minecraftpe/app_dex/D3KLjGypTL8NtNc

Filesize
8.2MB

MD5
525207d523b7d70d6e9fb216950eef2a

SHA1
4d92f65e1c5dc12914ffc9f701bb0236ec948201

SHA256
f3adc4d5136f0e0e84d4931455cd6423e466992141cccc985c053673a4d107be

SHA512
97087172933fbe42cef44e5b11a0e3df2f4566eac6b30f4ec608812ebe04cb5b878ffe1f5f439a7fb7a2226b301ce09076aff2d2c6b5125584c85a4f75bab9e1

Download Submit
/data/data/com.mojang.minecraftpe/app_dex/Rk17xFk4LoP1pXG

Filesize
8.0MB

MD5
edb9789f5b47a8d4693c886c213fd45b

SHA1
e98d323c5248778ecaf53e33818b7c178b9de66c

SHA256
987902f531d832fd04d565d540a32d984b412cf2bdc1a26a80d3bbd2b8ecfb40

SHA512
f85dc90e49c366d9e2a7e17ff5e9354aa88b32a5156ee635615a3010039c38e9e184df838ff6a8b420fbda3e2e21b5c9a60e3fc7edcf08218133ae4dd406f0ca

Download Submit
/data/data/com.mojang.minecraftpe/cache/appboy.imageloader.lru.cache/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
c8283186c041650d2ed3b595e1b23276

SHA1
f8f4e3a88744c2e786b62e39e2a59bd2e76bbd9b

SHA256
c13a28c96c289d797de92fbc0ed6675c106f217665fe146cfc30f2c4eaee9b0f

SHA512
2ce538264546794890c9855b2822693aef87b0aae438d23ce302fc8e32f65b8f8205eacedd82d1fd343f7c9f7ddfa2753ee3841b93a0ea158ff088cf94ae38b9

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
c0f0b1dd43cb3eea5e3b2e97a56f092d

SHA1
0a260946c05b47002d42c279cb3515d7e1b11024

SHA256
2c06c60630d6394329e2bb470fc6ce2bcdfbe25e81eb416a8d0c253547f39550

SHA512
2fcdcb163b8aed2dd799da142e189a969684eb670a1decdccf7190ba44b9e70d9b2c4332b7b4688100c63fad1b07ab70c0246fab6f888f96ae9b31a888df8bc4

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal

Filesize
24KB

MD5
bd2b2c239be72a9286c6fe0232588311

SHA1
9f6dd8cab2eef9c04a1e869ad7c05eb599b2907e

SHA256
9bbb0a049f7e8aa26be4957012946afa6e38a5e491fc33bbf06d9053f18037c2

SHA512
5d9ec47906d129e8531027fa8dfe1fcda2d25a8ac8284a076c7e3a6449997342f11b8a6698ec95dd3b35b00698b91caa405c9cbee0b0d1780d69e155a282deec

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal

Filesize
16KB

MD5
8dc9cb04562afbca89ebc4788ada4922

SHA1
0c0640312f68476cb3bdc2a12a50981517597a63

SHA256
44428198d0be04d66f46f56e215d75e90c8fe8cda66b1960221499599a1ec054

SHA512
8aa00ea450dc9b01b13fd8c42581434ad6aa09a30d966eb3c99d819c1b0577971ff8344cc9c8f2996dfc6627b40d65da1e35a068cfefae6ce5c8dfcd68afabf3

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal

Filesize
20KB

MD5
931d599fa084ec44c406d4d9d273a3d0

SHA1
1aef016ab15e9c692030c0ec4ad85d2f5b1de754

SHA256
8245a098a0a56e96096f115dddfaa0ea19e3e1d5d25b511d2b0626c26ccc6fee

SHA512
d25a13e1b6136c32152f9fc4c43e9a89decf6bb384e96300c5cbe129af6a292b7e66a3a07dcd2c9effd11c801b22d256daa534fb71d465e519dafc05a05581c3

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
d819df194d2b4097fe25e3e8b17d4619

SHA1
e387f75f6a20eed0b33c77aaf9405b774f1d8e0b

SHA256
1b39918c780e5e64d6f1cfdd5963e065416d234505a06ef5daf63583c6447b0e

SHA512
719087d7c96ec72e0dbacdf03f68257f7cdddcca609fedbccb1d0d5f5a8eefcb6b89fd5e81e87b46d68fbeab3510d24f7d6da878fcb49c6b03f86aada397ba97

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
d9ed55f62edd21bb1575f7230306947b

SHA1
054f61bf197831ef0ef87aaa84106ac57ea099d6

SHA256
c336ab3e7fb870c8dae02f453eea874720739f2c97ba197cbcaa3fc8ea487d61

SHA512
c326d68ac6f56f2f7e1865932da70721508daca57a24945fc5dee286ec30d3088f7a7772d3ca8833e6a09a8af61b4f1580812e23e837e6ca27f09945f4928d03

Download Submit
/data/data/com.mojang.minecraftpe/files/AFRequestCache/1698716548118

Filesize
3KB

MD5
ab612f1eda6eb4f7110b78ea816902a6

SHA1
7cb84634e784910ad47d4be8f498a32e4ed2e38c

SHA256
ebbc42be9fbf4b96a7e7e98a28ec720d947b409c6626d33e9ed927f7853504fb

SHA512
cc015cf1707d2ca7c4afe477cb80df8a5c1f42c9bd3982efcdc68041019adf5fe700d49dcbb1657c5dab6ca1e170e272f4947b90ed5b6ecc82ff5bd7970a90b6

Download Submit
/data/data/com.mojang.minecraftpe/files/PersistedInstallation2020598109165981026tmp

Filesize
90B

MD5
fe57eba7be6febcc1bdcf8c4609cf780

SHA1
b648f7f27bb6c16c7f0d1119ad2819003b60f371

SHA256
4ef907514b7efe07fbc7c7fbc884831c908ce678f6d1d596af60b116d47bdbb9

SHA512
2a51eb860efd9db85e4634a80c7be3d46c331a26386cb844817d8d3c6d10d25a7b39fed3dacb001529ac601f121ea9a6c88715c56f4710085a62852440b9f44c

Download Submit
/data/data/com.mojang.minecraftpe/files/PersistedInstallation8053925373054544337tmp

Filesize
567B

MD5
20b218788a9b0de4c0d1cefaf832e22c

SHA1
eafa0b58ad3c7583ce8dc0ca83c1f563ba850d92

SHA256
b7c8bcb2fd093104630d58db2ef6facb44c9c90de08d1943313f4606182e4175

SHA512
9c66ffc615ad62a19e57f88c280e42ab9f9c9086c5159f24eb99087df161b73bcdf1a0fb13e33b0a7f8f18fa760e7946e767089dbab7bc6d822956e09b8d1b91

Download Submit
/data/data/com.mojang.minecraftpe/games/com.mojang/minecraftpe/external_servers.txt

Filesize
183B

MD5
50ac3a344bad213d91c53e8a08c32a03

SHA1
f6d473b472c70cc6e228e1ae785e76e3def7142a

SHA256
fc71c300630bf27ef77f0225b54a3248f44f37cbc6bf0cedc9f734c64c7c6b3e

SHA512
2e54d89825277f45c9ef1c88e9663bbaa0590cc3f86887b46d68c8f6fc21c9d248f1cd9b5440a168c1ebf06718f47dac9f5a773ff751e19381390782be534069

Download Submit
/data/data/com.mojang.minecraftpe/oat/x86/[email protected]

Filesize
551B

MD5
6c4dea7560804cb06adb1031c2541c2a

SHA1
e694a78ab600fd78bb979b01a04b43ff3abfd9aa

SHA256
9568c24704391ff0fa5759dbcb14a1be1cd8762dcbff646ba01d50371d6d05c9

SHA512
28e12d8ee59e55bdb9f90e8c745737856006f98800cec214174ef4c4b3f485992b3bc66e8b6e772589c83cd7e04c544be1a252f9eee01ad7d0a7134c95b8c68e

Download Submit
/data/data/com.mojang.minecraftpe/oat/x86/[email protected]

Filesize
551B

MD5
c95719077d980e7cb33296be892ef734

SHA1
bbd3d9418e487afb5a7c615d27a321dd7d2ddf46

SHA256
556ab80bf8b363827324399e12a4130aca610625888318719e694c7510e77876

SHA512
3b32d538de5738bc2bf466448c46d222de839d7921aec27a48573ae3d2404620d06ec6efcf3d5f01d55c061e699cad40c00ec306f5258331e0818432c5083ea0

Download Submit
/data/data/com.mojang.minecraftpe/shared_prefs/com.google.android.gms.appid.xml

Filesize
393B

MD5
3a6b2cb8b2385cea80efade4263aa972

SHA1
5bfa7ab75280897050321a06925c0fc266c49f17

SHA256
402b522cd2eaa39b56bf0a33b2e7cccb2645345d2b6f24f97a4735ada0105e9e

SHA512
8270ed482253685d652be67b7421a5aa4df54863a2236b672fc3222264031e9dcebcc39de466f6f5721a504eea0aee6f9d1ffd690c545af83db219c6c7f759e8

Download Submit
/data/data/com.mojang.minecraftpe/shared_prefs/com.mojang.minecraftpe_preferences.xml

Filesize
140B

MD5
49fce42c69287267efbbc82dc0e44f39

SHA1
8a1dd68891df276d6e0fc7f960061b2e76e958ff

SHA256
5d93b513dfe34b20e431b99086e7eed1f15f9ab88560ff5f2232b30d92a6d80e

SHA512
4fde164bd8055046d9784afde124fc8d24684e799a81363175a5a7936d1ca3221a41b68782fd3e248fe73b91bd9b22a1e49e162cab3f193167b94e99be010b11

Download Submit
/data/user/0/com.mojang.minecraftpe/[email protected]

Filesize
19KB

MD5
f06ec8e4653f6bd849de632f27df03f3

SHA1
b570a30f97d2447791a682e0ee97a12f3b9cdfd6

SHA256
ae48a4cb9d6c1a8c61dff0dadf5422908c9bac126e3b34e07463523517d88aa2

SHA512
ecb52a71cc3dd368a13bb89d3d167104795690effaaff40468e00489e54ebc324dc35997f800b919707499ae061cae0d683e3ac0887517e8de25343bba03c37f

Download Submit
/data/user/0/com.mojang.minecraftpe/[email protected]

Filesize
11KB

MD5
0f49e7875a9a11ee62fbe45a1baee270

SHA1
b2f0311ac162e1d19b6d753ee389ca67f17d60f9

SHA256
afd3d2a69492d71fbb5717b93d30d4f91df1a161eab0a736a0c97f32899a1960

SHA512
05de376ee467e7ba41732befbc4f3efb2691d509e4a54b7ede0df83a12e89d4ff2829358f44def3c89d703ce5807e171181035c45cbdd5095ee35b5135e1b4fb

Download Submit
/data/user/0/com.mojang.minecraftpe/app_dex/D3KLjGypTL8NtNc

Filesize
8.2MB

MD5
525207d523b7d70d6e9fb216950eef2a

SHA1
4d92f65e1c5dc12914ffc9f701bb0236ec948201

SHA256
f3adc4d5136f0e0e84d4931455cd6423e466992141cccc985c053673a4d107be

SHA512
97087172933fbe42cef44e5b11a0e3df2f4566eac6b30f4ec608812ebe04cb5b878ffe1f5f439a7fb7a2226b301ce09076aff2d2c6b5125584c85a4f75bab9e1

Download Submit
/data/user/0/com.mojang.minecraftpe/app_dex/D3KLjGypTL8NtNc

Filesize
8.2MB

MD5
525207d523b7d70d6e9fb216950eef2a

SHA1
4d92f65e1c5dc12914ffc9f701bb0236ec948201

SHA256
f3adc4d5136f0e0e84d4931455cd6423e466992141cccc985c053673a4d107be

SHA512
97087172933fbe42cef44e5b11a0e3df2f4566eac6b30f4ec608812ebe04cb5b878ffe1f5f439a7fb7a2226b301ce09076aff2d2c6b5125584c85a4f75bab9e1

Download Submit
/data/user/0/com.mojang.minecraftpe/app_dex/Rk17xFk4LoP1pXG

Filesize
8.0MB

MD5
edb9789f5b47a8d4693c886c213fd45b

SHA1
e98d323c5248778ecaf53e33818b7c178b9de66c

SHA256
987902f531d832fd04d565d540a32d984b412cf2bdc1a26a80d3bbd2b8ecfb40

SHA512
f85dc90e49c366d9e2a7e17ff5e9354aa88b32a5156ee635615a3010039c38e9e184df838ff6a8b420fbda3e2e21b5c9a60e3fc7edcf08218133ae4dd406f0ca

Download Submit
/data/user/0/com.mojang.minecraftpe/app_dex/Rk17xFk4LoP1pXG

Filesize
8.0MB

MD5
edb9789f5b47a8d4693c886c213fd45b

SHA1
e98d323c5248778ecaf53e33818b7c178b9de66c

SHA256
987902f531d832fd04d565d540a32d984b412cf2bdc1a26a80d3bbd2b8ecfb40

SHA512
f85dc90e49c366d9e2a7e17ff5e9354aa88b32a5156ee635615a3010039c38e9e184df838ff6a8b420fbda3e2e21b5c9a60e3fc7edcf08218133ae4dd406f0ca

Download Submit
socket:[74306]

Filesize
74B

MD5
cd3205b5fc1a06e1fed5bb0e7fb876cf

SHA1
a4244d4f7073962620c63403962d4f2f5197a5b2

SHA256
e0d2e3ac3b571a92007fb9884dbf437a6f9949014436784b2a0e06cf77f4d129

SHA512
0e7b716256cf105aa387c8b6e5e968395071c4e105eeb5f901e09f58c4b39f74198c87943ce54fb11bdfe085c4ac03a5d3ff0d0e683fca567509d33dc261dfac

Download Submit
socket:[74330]

Filesize
53B

MD5
f64bf159220cca9d1d02fd2884b16e47

SHA1
75ee8a3902bddc0112c12a22059555a284f46430

SHA256
a20240e7df146e7e17cf913446a3be3257b963282df75421d5cfaed64031e368

SHA512
18c54ee35072c196e61140e21dcce4fb773c4e3b5cc47d9771dc78131e21e423c28162919f532c2d5e98ca205d771686199c4db9e82980437f7c90b1f6a1a8e6

Download Submit
socket:[74456]

Filesize
58B

MD5
3f28808b17cc41f00d71e856db879dfb

SHA1
6face5204e6cb91763853915698f4fb6d76ac535

SHA256
f0ed5a4c71aa13f0c2c5e19721719c93155c84eed4f5583d978b3a5ce94e647f

SHA512
d9d7a48d34c016e980987eb9375d3229b7eae8662a29d642996f24d9a171c4c4932f028ecb745211cd811cddfca5eb90ad3b2dea35f3d95bc4c5e6811577d756

Download Submit
socket:[74480]

Filesize
56B

MD5
5e929c36cf1f7be5774a6c63e341c0aa

SHA1
d8a43e2164d68d02548f5d438c2e2ec57abf78a4

SHA256
f6cb9d0704a7b99dddcb01be13573257ad06195cb8a64153668f7b5eca6ea499

SHA512
9f0c3c88406de2121a61f6c16bc71827e24cadf260cd22765cc008edb1d56b2fc8cd08e7da0b6f346af379c1e641daf446ad62448efd22ea2e95a821b04446ce

Download Submit
socket:[74612]

Filesize
48B

MD5
2b5c438bf1b672ca09960d5a082f1711

SHA1
e9ec5db181d3330db4d48a27090ad0a1acad01fe

SHA256
4023e17fdcec5658306e289bd07988de7dfb0b94c0d9dcce98ea1280706d1671

SHA512
9779fca5094483fab29a8263da7826d532ccf3e735fa24f94b87543cd098881153967662ae6b8a915401e9eec4c597f1d4db8bf438d8b9eae25e268e1e105ba6

Download Submit
socket:[79532]

Filesize
43B

MD5
7aedc64c6295abe08fc44114d09949cc

SHA1
dc8d6663756d0d5706629459a79fa2ee05821ee7

SHA256
66fb8b4d0f035bddab3eb52c9e65bbe29435bc1eef114855b29601cf4dd570bb

SHA512
e087293c2115f9cc54c4ea7916a1057633ec1ce23c62a96686c6c7f35e8087c0e21e9a332ef5dcb98898a5a507b0b1d60e6a1da58094486246f02a4531bd90f5

Download Submit
socket:[79547]

Filesize
58B

MD5
3f28808b17cc41f00d71e856db879dfb

SHA1
6face5204e6cb91763853915698f4fb6d76ac535

SHA256
f0ed5a4c71aa13f0c2c5e19721719c93155c84eed4f5583d978b3a5ce94e647f

SHA512
d9d7a48d34c016e980987eb9375d3229b7eae8662a29d642996f24d9a171c4c4932f028ecb745211cd811cddfca5eb90ad3b2dea35f3d95bc4c5e6811577d756

Download Submit
socket:[82368]

Filesize
41B

MD5
afcfe34e42d4df40be1ecdbbb0ab5f54

SHA1
1831dff02eea88067a4f89218023d1c861dbc988

SHA256
063c0e5408042ecbb414bbc8eae2b01437e07efde0fa97aa080e9b012e7177fd

SHA512
5a1a843f74105f6fb936afdcd1c0271d9f0061d8f6b46f8cbecc84aa18fbacb15a831a7d66d14aa2d1e0684cff1a73bfa1c0d3d2b912800aae6d40b8178cf382

Download Submit