de032609bda6ab2da5ccf34923eccf0024f2342795a220f5e7ce8c14ebc87e34

Analysis

max time kernel
138s
max time network
141s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
01/04/2024, 12:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7185ff85ec43f1a42fe89725720975fb_JaffaCakes118.apk
Size

5.0MB
MD5

7185ff85ec43f1a42fe89725720975fb
SHA1

3f916ea5c07abb2308bb4e2f5391ac979998b4be
SHA256

de032609bda6ab2da5ccf34923eccf0024f2342795a220f5e7ce8c14ebc87e34
SHA512

fd184eedb6778943924b09f1f3e44fe8fd04ec15d9170144a0ae58066afbc8a075f0ff91c13e1bed1eb31aea407b20afa27cc1e543c0301b520f0cec88db34d1
SSDEEP

98304:9cOAB+dOZB9G1MDBBmWqMQhNgWavgu33hiUlnpxF1BonsAOAZBoeSNUSqf8SbZfz:ypB+dOZB9BDBBmWXcQ933hiq3TonsAO0

Score

6^/10

discovery

Malware Config

Signatures

Acquires the wake lock 2 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.halfbrick.fruitninjafree.hack
Framework service call	android.os.IPowerManager.acquireWakeLock	com.halfbrick.fruitninjafree.hack:Metrica

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.halfbrick.fruitninjafree.hack:Metrica

com.halfbrick.fruitninjafree.hack
1⤵
- Acquires the wake lock
PID:4175

com.halfbrick.fruitninjafree.hack:Metrica
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4215

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.halfbrick.fruitninjafree.hack/databases/OneSignal.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/databases/OneSignal.db-journal

Filesize
512B

MD5
3163ffb29570f33702990f2a0125e151

SHA1
59241604635b9867b6a4279bd22c7254e5ad3c41

SHA256
c6b6b703fd0538baa6615177ac9a81c567ff14d0b57f3b0e1872e73f34bd3fb8

SHA512
c93ff009af974a0706b8fa146bb2e175c41a2c3cd8ced2fb2540f4687bac6d1122461ea1f778941a3e0e447a4edda4024871e7ce7f26dc91ff0f57eed6ec642a

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/databases/OneSignal.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/databases/OneSignal.db-wal

Filesize
64KB

MD5
806e3e84462398b122acda4a75bc2092

SHA1
b7643b81e8caba9d591b25bdb0b315ba6213bba1

SHA256
16b3d926a86c1ffbd76b00ca25db3827dcd342de9ca58f59828e7d4e80baa3c0

SHA512
5739778610e3395e0cfcc69166aa12f0d9630202911a5019dfafd0f81c11d0ca91fa1c8eec73eb274bed1d689a88e36194847c5e07cf40e5c76ecad08e0899fa

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/files/Mint-lastsavedfile

Filesize
213KB

MD5
91b0b453ca314e46fa735753e5e7d845

SHA1
50ae23ed3b3d893142f3d34310e7f30cbd581aff

SHA256
86928035f18fd4a2d5a6ecc08055d04ad20c7cc65c50c1eac640eec7cc74996f

SHA512
2038e1da734261ae34b28295c80b48dd212cc46a35d3375860e36a0dc124228aab582f665e9df6116e14133ba51a967398f293103306173d17d808302e1dcbd0

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/files/Mint-lastsavedfile

Filesize
34B

MD5
ef4485c6a660966bd1d3afe45d663442

SHA1
d36f2e936dc477f3216e0353df8a968ff561d628

SHA256
448c7973227d35df8ec69c34c4f3ecccf5d60c9543f1097d2c88a97294f57f82

SHA512
fa51c6d67593d37b2d4e8463741677f9a2c7ba45478edbdf869f6f160cf7c1d00215990253356e5e0290600e1190b2fec0ed30033f72956571c085f546667f37

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/files/MintSavedData-1-1711973142963.json

Filesize
3KB

MD5
75e143c83c184f6626854bf6397c0b8c

SHA1
b666f8d3b9e8cca3898042bdf46e41659b43527b

SHA256
13e37ce61b5036401cba83018cc4efb662822dd0672503fda3683111454e26d5

SHA512
fcbe57bb395947e74d6b82fd30763c007074474f97921ba7f398ff7f46dd4a3eedd36716cc99e71e7bf7852f0c7fef630a4b249db1491618b2e5d02f023291b8

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/files/crashCounter

Filesize
2B

MD5
b026324c6904b2a9cb4b88d6d61c81d1

SHA1
e5fa44f2b31c1fb553b6021e7360d07d5d91ff5e

SHA256
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865

SHA512
3abb6677af34ac57c0ca5828fd94f9d886c26ce59a8ce60ecf6778079423dccff1d6f19cb655805d56098e6d38a1a710dee59523eed7511e5a9e4b8ccb3a4686

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/files/lastCrashID

Filesize
33B

MD5
743168f4b98e9836a85299bd3a394293

SHA1
edc36b306a8ac731454bb901a601327ac1ff1d67

SHA256
95285d7c90069c19a86882857774f7d3e9082ccdac7dc4ed9225d5496a459d73

SHA512
8e5b0116753b86eca6bb651f5074a1e2e3a385fd6c536c1f737d4cc70b3715a43eff828e6da105130fed49903476e0ee4abe75388a6b88e7ad917d8e483e015f

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/no_backup/androidx.work.workdb

Filesize
4KB

MD5
171a0b3c2f9c78e52a035c36d7b872fb

SHA1
120563584981eea4f5e4f52c44d7437419fca7c4

SHA256
9e09f0b31faad76fe3908a95eb99a940f382bceb2d93c619b1282406aa16a844

SHA512
925c0fa24bac44b3dd6d68696bf13747147bdc8c9d967543bda90c5eb420c803a8e37d7c177d62b03448601c53d02890183f0af317eb793c605eba4ae1b6695e

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/no_backup/androidx.work.workdb-journal

Filesize
406KB

MD5
75c291dd210c38a078b3831b4939d139

SHA1
76a95c642264f7db72676e5b8010d50b0ec0d160

SHA256
63bf3eaa755cdc8cadfd0ec98c27c69ca5f50a19388951896d898f118787cb2c

SHA512
14f7b421376d1bfaf434b2a08280647929fa303b8f943b412eeebf6f263626c76509e0b902e754a9340eaedafb9a07c3aafdde1d10081c1f68989935f92fdedb

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/no_backup/androidx.work.workdb-shm

Filesize
116KB

MD5
7957b6bd68206eebf7e9e6031441e5ad

SHA1
60ca82677f849a02b4ec02f7c363e9934625b20b

SHA256
5a973ae291d726c6625a47070b5e63c1fdd22a1d1a289a342223e2d5f2c37fe8

SHA512
acd536f6c75956fc8240c5edc5cd009aba53f722a314007864c817928306c84298b8942db3da0a24e2b33a2a85ad7b5e6721d193df485c04147181c86e61ef3b

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/no_backup/androidx.work.workdb-wal

Filesize
32KB

MD5
5146198e1540dc2f6436da765d6a8243

SHA1
936d31f4674ad9d5b7a508e0f36c47f4febec9be

SHA256
0d54e593de1fcf02ea28ec1410703c1036c8623eb3d099ca362a3fbb2f873b7b

SHA512
a1e8868992a8cf3124038f01973dc833b7356632d44b13ac2064f85e814e9aaf121a57fbffb65454560be70da055af439dd57eaef7bb2cb4677ff9bca8d89003

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
beccd4df6690ff4f64f4958d12795ffd

SHA1
12921edc51bc978982bf43654aef8ccfa672dfe8

SHA256
344b81951f7985a892890515f7d5b00ee479d84436beeacef0fd858f345761e7

SHA512
d4e843c1bcf40e6da923a9671c7d95c8633d98448ae0e7ba6bf917be789c5633c4a649c734f52d0e26736e6019fcb4528951fc9e1ef527045aa7c6bdcbb21159

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/no_backup/androidx.work.workdb-wal

Filesize
269KB

MD5
5c466cdd61af9f3ae7c527e78f76528a

SHA1
4f832eadf2e97119750fd2e8694c490f5c72aeff

SHA256
28041fab1fbda178cff5de77479e1e6e45ec7ebf81eb8f361da0c860fe369e31

SHA512
10c60db73b26f56b934c05e35ca77b8af58032935c78b2df26af40e98422c9efdf43a34734d1e689b8c57681f23848d8b769d06a4f242f47cfb6a99f5f49f332

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/no_backup/androidx.work.workdb-wal

Filesize
181KB

MD5
1e376fd4a1a95322e8eca8c3d157de78

SHA1
bd9e02e1e7356cff17de51c52e072d227ac7975b

SHA256
1a3f8a503eb0dcdd0a3d6b9426f5c768a1a297138216eb6c5eb98ded822d973b

SHA512
c9675381eba1b1bb1986dc082f7ef1d4f7e73b44c0761f46e6747e7a29102baca4f53883bde59ef924796224a759076c6ad7bebd85cbec7c2812c9d24b03f6b6

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/no_backup/com.google.InstanceId.properties

Filesize
32KB

MD5
ced5de220eb21ae222c1cf70dcf8df9f

SHA1
eaceb77f7e120581f0bf466e4faefc8fab2bada3

SHA256
7ad7c8bd42eae76fbbc67515774df9e950859bbe02c865331abef241bedca806

SHA512
5afb3569ca53197500cbb0729e2969a946f81eda6cdee8b3ac7f1dbb264b6c2d1bf933def4b0ffc59225d5533e05146634cde87420e0f5772105de694bbd956f

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/no_backup/credentials.dat

Filesize
227B

MD5
67881de008aa9d69eaa2aef3f78cf3f9

SHA1
dfdc993247ccd388bf04269c3ab9daad30cff873

SHA256
b05fef203bd7422a7bca5cbe6f8feb5742b811837acdd4c7438dda9efeee5226

SHA512
232a729db8a01e95dabe169a66f1b392cd2d1d4e2a03ad9f29f3b130aab2212e90c74727bf1c3f95638c681315e4123babff939ab6d443a8d2eadccab0596ce3

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/no_backup/db_metrica_com.halfbrick.fruitninjafree.hack

Filesize
36KB

MD5
ab3bd8143ca37bf357c707f94e9e1671

SHA1
a36c3881b98c472d335e70de5356759c0a52a0ae

SHA256
3bacc16098022d90b7b90c5bdfea5fd6c8ecfc64259e4cebbdec6a3a7906c96d

SHA512
a914788ca8a5627d9343126a19b8fbd32b65038b4a9306399105b67150c168810075f0ebff60a23e5b9488c446a9dbc6f61e492747a131205e5dd9305d0a245e

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/no_backup/db_metrica_com.halfbrick.fruitninjafree.hack-wal

Filesize
402KB

MD5
81bc66eb8e89d00745a755f920f59003

SHA1
fc73b366eb057b46f3802054f27fe9d6472ae28e

SHA256
59e5b9e3f374d6be5ff4e6d8530c3cc5246a78db20573771fa1318eaf98baa8e

SHA512
f955083d14846700aad695ba3b11c4127808bd16653f68bc86704ff9d545ebbd65e809f564bb9f0f1727a6f94aa48c0328b2f191bb6f89dc081dce8c10c97897

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/no_backup/db_metrica_com.halfbrick.fruitninjafree.hack_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
512B

MD5
d102427d458795736d12a9d3ba8435d9

SHA1
2b1139fcc6526bae906fb6f8a8c8fd95d023db51

SHA256
d3f1671b983ccf0d3414a6daf7591bab4cf4ba07885a94c516701a54b1723b04

SHA512
d97c1a5e5384df2c628e4257adb895d8745e421c4f9f67c0afb7486590eb9b0d07ddb6bf304ebd52ae22bc1510a40dffee56be0be6b4c1aa4004127e38f0b430

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/no_backup/metrica_client_data.db

Filesize
20KB

MD5
5ae1dae9eb36649faeb07a94ca96e7f8

SHA1
9056cb35b999726d6576ef6ced55ca9228cb97c3

SHA256
62eafa0fe191047857cbfdbd6909930487f2216d260b4be27fd52e3cff6086d3

SHA512
e33d2cec8122673da3c8ffc788bf2984eac878f7dada265485d960a886ebfb00e17b12a30b546c959bc04c62a31d5646fda748df693e0bdafbb974abbbe77c1a

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/no_backup/metrica_client_data.db

Filesize
44KB

MD5
28d2e0621265bc73bb49ab46f9442e1c

SHA1
58a996701454c69759b0023c7b1928a4d49b46e3

SHA256
d3a9179df31c925dd84a2eec0620aab78bb8a498a50a0ed241c7fe4eececbce1

SHA512
8192cc74f7cafa74e31586344ba74f1c5b96e1495b3a430a352a201230db632883d7500d48fb1c8e9d992d3bf254725dc793d273fd8b5889159b0172ca3fe0b5

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/no_backup/metrica_client_data.db

Filesize
20KB

MD5
ac26a375d5d673c2a7b39bbe42efacaa

SHA1
a7384db83f153cce2cdd67a97a20df068f6ecd67

SHA256
001ea8b38280af72e70a8168524cfb2b07a711040948397d36fcace03b593716

SHA512
45e1842b55ebab067e53fb3c6ab880c0a652a951f26c1cae5363f429207db5f1aa56c821e89973612b73f9c0d186561221b6129db22e447ccd421b40342dd6bf

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/no_backup/metrica_client_data.db-journal

Filesize
512B

MD5
9e85989a0bacabb044eebe0a2e35e5f2

SHA1
7f94feda2d7a46a526724127c5318e07caa97a9a

SHA256
c4a310b765974119fc63f741ad290b5f9ccf2012838219be881e86758d12a9ef

SHA512
f674dda951a1fa241540621680b9a3d60a2681b7a7116c8e9c81f620b0af922324e2ca5a7cc48a51fb284aa691d3aad78dab19228696be68a462c2835dc945ae

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/no_backup/metrica_client_data.db-shm

Filesize
32KB

MD5
b39f45836b44671636160a08a2153049

SHA1
2b58e039db70a6a6b54f09a9f3d5557825251ee7

SHA256
8d14bc9d0120fabc188d1a888fe4416006435d13ae2b52de65ea3992b2aa0398

SHA512
993789e98cda131012e6657b3a4531fe5b60d4a484a85b5a44d1e7d24180f11e2881fb8e2c6777832aa83e07f558d3e2e570f6c0620fef462e0ae7e3926a68a1

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/no_backup/metrica_client_data.db-wal

Filesize
8KB

MD5
1ab4df4234836fd33d557252f927ad61

SHA1
9cd46a042b229cee82a82d5e661c666a26236738

SHA256
8debea6bb7d6c5cf34546490d8f47bddf516b733ea21d9159848dd9ec04a2191

SHA512
cdaa557d37c807ecd722d381cef01ee1529f35524230868ffa2add37af865fb83850fb4516647498e9d1e580176c3d3e993846a105a326a77e39f422d1347ffd

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/no_backup/metrica_client_data.db-wal

Filesize
32KB

MD5
26374015b7cfd8f69c03fcf6c2b19030

SHA1
14006beba66586b1624ddb69f9f955fa34f59567

SHA256
345be79d07b2ff9d0bc4abcc2524eb610b4087160770884cb05cd48fa091cc10

SHA512
68c1ee42d63570dccb238cbe4d72eb8bb1c8b22494925e4c673b8152d3759eacf74c3ba51f593cae135284705754d0df8a7064b3a36b8b5a185a68aa1fdadd07

Download Submit
/data/data/com.halfbrick.fruitninjafree.hack/no_backup/metrica_client_data.db-wal

Filesize
8KB

MD5
d71f2a33a09fcca74dd975e85161beba

SHA1
9f22d7a8a41f696ecbdc64aa03453eead2523ebc

SHA256
1fcf01c6ae1ee849b0693285b9bb75e4ab8c5aed326242b592bcc86d986bde6b

SHA512
bfe7cbc1e25cd312486f92dace77d879132059ccf1e394becc3b33d02923e171835f9201f01e837f25969080c28d638392e60b49b9062b3832ae8f843448a201

Download Submit