e58e7ca0e44543537847c44877a16298946ea1e0d3f0f48f413ff0ed376b0d44

Analysis

max time kernel
5s
max time network
155s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
05-04-2024 00:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c57c5e4245ae6c8a66945750f0d253f8_JaffaCakes118.apk
Size

23.8MB
MD5

c57c5e4245ae6c8a66945750f0d253f8
SHA1

dcfdcdee36389c5c66627e79b547dbd48c911521
SHA256

e58e7ca0e44543537847c44877a16298946ea1e0d3f0f48f413ff0ed376b0d44
SHA512

ea5cf158754d962bf759f8e7c53ffe2e0f46e6768762f4a791fbbb63007ee6cbec0a8e969a070abc0d43356b42314897ef8856389c929ec51b54e37ce66263c8
SSDEEP

393216:7vb8ghsscV3wMzCvUQCykTCGXMMxHw3ZzS/Dm0RsuGKp7+Bqe2TELd:zb87pjQCJTCGlxHwJES1uGKYB4T0d

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 5 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.wingame.mslug2/files/XN102en.zip	4182	com.wingame.mslug2
/data/user/0/com.wingame.mslug2/files/728705DA78BB18AD.zip	4182	com.wingame.mslug2
/data/user/0/com.wingame.mslug2/files/XN102zi.zip	4182	com.wingame.mslug2
/data/user/0/com.wingame.mslug2/files/DA26DC4F5E58D700.zip	4182	com.wingame.mslug2
/data/user/0/com.wingame.mslug2/files/X307zctest.zip	4182	com.wingame.mslug2

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.wingame.mslug2

com.wingame.mslug2
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4182

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.wingame.mslug2/databases/lock.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.wingame.mslug2/databases/lock.db-journal

Filesize
512B

MD5
c77c7bc57f60101b6bf2e1bc070527dc

SHA1
79e6d98b8738a65fb304768a3b3d1dc9f210283e

SHA256
680e0ebd1adc081c7918fc18e94ddcfa022e162856e1ceb712e9b3b27d5b42f9

SHA512
eb19919f22e3f132807506d9f4213bed8eafa62fb77bb05753b87b987ebc6a4cb9a41056d9e325eff83e500e2cb35882c4c686acfb6de5c548c265b20a441b39

Download Submit
/data/data/com.wingame.mslug2/files/728705DA78BB18AD.zip

Filesize
164KB

MD5
0c267eeb99cc8693bb657b89f0691b2b

SHA1
668c402fdfda222f4bf419a96d39b72367acaa29

SHA256
701cc2ca6e9f502e66f05d943f58464b65efba184c3a5f109374e559d8a48ccb

SHA512
6e97218de863c4969e15b9f126b17d39c9d8646c30efb10f02b72b9d9582538b358ef58d673d2003c0b93755a0ca3e806cf9f3c4da076dda770e1de0526d1240

Download Submit
/data/data/com.wingame.mslug2/files/DA26DC4F5E58D700.zip

Filesize
118KB

MD5
27e84fa7e974056c13c2ba643c52e5a6

SHA1
939d70f2b9bc5f66503f6cfc504804064665f0d8

SHA256
c87259128be764cf92b823923292386520a9041302f2d5ad83e03c34b449fe87

SHA512
cc2b954e9266b6283e123f8a837ec2886f10897fd66fffdd021c0311ad974c9e324b0cfda7940c1d708d1543e8295b4c35475fa5232b291914080d2ecb4a2e4c

Download Submit
/data/data/com.wingame.mslug2/files/X307da

Filesize
17KB

MD5
d23243ec2b1f17e8696dc90b0fafcc8f

SHA1
ce66661a55dfa48544c62c897c443a978be7f4fc

SHA256
377f90692af7e30a388633b2a717f7b5bf6c9ef1421215854de802c88a8e5fdf

SHA512
6ed63699bc4d93408f7198cfd91d72f573f8e892a494e12d54acb38cc3401155e4c16b97007699e1bb097d53fd4940e32b7275f8f4d5c8f3bdf27a4f29ceb429

Download Submit
/data/data/com.wingame.mslug2/files/X307zc

Filesize
85KB

MD5
3713e72fb33dab622780fa6ff3ecca86

SHA1
dd567c46c3d55ee3b2439c48b4464613877b6fc1

SHA256
9f4b520ada1368c9da049243004052f8d9a6cff6fe3fcb8f1a0ac6c5436ccee1

SHA512
4f57d81cb30e05d607fa95d90d4550ba89fdab232aaad8ee1a6591ed2db98cb222d98cb6c235c94eb27e9e8a486b442b02c6997e3b7c5a4e24e6c6954dd23913

Download Submit
/data/data/com.wingame.mslug2/files/X307zctest.zip

Filesize
85KB

MD5
753c25157c3998f5c73b2bcdb947fcf5

SHA1
341ddc59d682057e24196e458f8ae3d27c5a4c7f

SHA256
7db248e9d8aa569dd39df053679911771331bfb7e14a8089ec9941569d8a556f

SHA512
d16dc32751e3fda6a9378d289581b07b57aecf028ec15883804a418f84b1731294e5f7bc3265cb6c47ae35af8bfe7772d053d900f46dc6e0fe38b58dd89e6fc2

Download Submit
/data/data/com.wingame.mslug2/files/XN102en

Filesize
162KB

MD5
6d88b2c718a9e89d38fc6bec155e7770

SHA1
4e16a26f7ba97d5c96ba45ce47675fc17b47e2a7

SHA256
2419fbdafd59d7fa3982376f4f989dd18316f826c1cbd6461e732eed4df4affd

SHA512
61183f30c7a4e5d2a6bc25fa40e2b28a485185f94844bf20a306d94ea13648f3ef9c69143b93a647eb497cda5b0e1984fa5364292d1037b528f1afa2c6a70662

Download Submit
/data/data/com.wingame.mslug2/files/XN102en.zip

Filesize
162KB

MD5
fe24dd6cf6afff62472814395a25f213

SHA1
42a3b3e13b498128954d97fbf837d7ecf9c781c2

SHA256
54aea4a2aa5580131758f89d014baddede9de211ffd547408ff848484b7187fc

SHA512
c871d98b749cb17e0082de9ffdb6ad9088303fc93d23fd4029f3b4c3615055114b16e9d1499828f386ddff1b04ef046cf1cde5418ca758c804275f584fc43caa

Download Submit
/data/data/com.wingame.mslug2/files/XN102zi

Filesize
127KB

MD5
38416a1b58c98b3394a56675830c6427

SHA1
516dc3d22f984c1c1657e59caeb595973ad95595

SHA256
70e85068abdc20afbeff7a7b4c0858c7073ce19ae5cb0a554202a51cecd232ae

SHA512
0116e817e4713f781716b04ef420b1d7d7f4947c25b7ba9bf28e3b9f2d0d3cd3f0f3f48bc7d65a8e7cdd067f85a69a702842b4242794b2aea6388b8d315f2bbc

Download Submit
/data/data/com.wingame.mslug2/files/XN102zi.zip

Filesize
127KB

MD5
2988a2fdd765a79f339b0f6cbd67f859

SHA1
06b7f379e1c47b79559303f92a3972f1ed0acd2b

SHA256
9153da9074aedc4a2a3f5c574c2ef6269349f38e8ce20d803db15d62ecfa7ad0

SHA512
531226f9d0f6b8b669b47e35c82539c07bc1e320e63330be34003a6da77211742c34ed04fd6fc3edb5a6346f1caecfad2c27a12d44724b52d502082115fae7c7

Download Submit
/data/data/com.wingame.mslug2/files/assets/728705DA78BB18AD

Filesize
164KB

MD5
340a393a0b1fc52ab28138ecc3284167

SHA1
c705b8edf84caa2753c34302681f32fe3376e43b

SHA256
7cb356cb5085b0863c1506bec92ab623daa719e327efced8502a382be3708324

SHA512
b77690cb8eb70df2c107c9787b39a3c4278fda691550a4809a1f272448deb79d9742b72091e03ee53badcbb3e991d8c9a8c5b79c67ee41891c3327af33b8d751

Download Submit
/data/data/com.wingame.mslug2/files/assets/DA26DC4F5E58D700

Filesize
118KB

MD5
16bf6efe99fe6505246d1e9d26d6910b

SHA1
37f7e115e3913b3674d5359df34c22e14c3e5f4d

SHA256
b4ad08bb515b08922abeaea25041d4098de3749cb16d182536a9a7f0f8450271

SHA512
878306e5127ff56bfa65ac20b391fb4491cbbbeb0296b83216a27a999c7b277d7d9a0b031f3a20f78dfedc2a9e5033b565ceb4b99895c57b4bcb61101272f8e8

Download Submit
/data/data/com.wingame.mslug2/files/t728705DA78BB18AD.zip

Filesize
96KB

MD5
6ff5fce3034738a620498c5ee4ed4cf2

SHA1
9f0b05cff74d2d478917563a65c7d151200da118

SHA256
c883bb0ba6960b0389c24a3d8e28ebb65ffab69447dc01b90bc4b8b96dfb2770

SHA512
39775164466ad808e836cea3f6e4f11dded2dc5b9e6005b521a3e4af2c3b1f03202a5e6eff215100ffb95578ff866043129563b3cdcc9f789ba1d792377f26aa

Download Submit
/data/data/com.wingame.mslug2/files/tDA26DC4F5E58D700.zip

Filesize
43KB

MD5
8ce761097789cdd3dfcbfd903fa4d2de

SHA1
08dbc5daaad8ef344bd34b374b53b62069738b66

SHA256
12a80c3ab8ac4e02a914c1d3a1fdd9bdcf0ec32f269e2c5435b8465b92d4e005

SHA512
8466be38fb000af9070cee20e5f54cecd3a835d46241694d8ba5a03bf809a54250d0095890b48be07a4fcde72e562de29805d829a97bb681ea1600dd2ef7c28a

Download Submit
/data/data/com.wingame.mslug2/files/tX307zctest.zip

Filesize
48KB

MD5
fe333737bff020b60216af2baacec72b

SHA1
b382db2c4f6ac0c137e2fc93b2124cc3462e3fa4

SHA256
d8427758805ca5c5780c39389be59475f84599b4b18d98f9f7cf706257f3a384

SHA512
b59ee34077ea04b67c592e8b568e03904f5f1e7bd9925de407f2d5bbf37d7e307fe77a4e585370c87407a9036082e6e722ee6eb39d6d4fa59407d7c4cafe612f

Download Submit
/data/data/com.wingame.mslug2/files/tXN102en.zip

Filesize
152KB

MD5
5fcb6d61b25844d7b723572f5a6b5652

SHA1
f98be328779aea9b4d82b0c3368cfcebbc7fcaff

SHA256
5ab6cd7320698c253302a61b4139a78ac0bbc33600b61a888e10b690eb79c56a

SHA512
878192a44d180b48352ab47f980f0716d98f0ce95d4bb1c50784b501e1e1b5a895d30fd56e10e46a11686268d0ef82a50a696e5ca81be98ea56260ee6a8b3211

Download Submit
/data/data/com.wingame.mslug2/files/tXN102zi.zip

Filesize
117KB

MD5
26e08f67ad0b3c00551e75ee8b31dc63

SHA1
7083b2df912e38947016dda1315b4899e204de0f

SHA256
6c0717edccd50f5a5d4fd3ed4caef460c3a07c0dd48d7f58227a00693b7deee5

SHA512
210cfd74fc02d37edce6b2b39b1b7faf4e2046772dac68492f20000cc408f377dcf1db1c9c0bdf82dc127641a91d3ea3d7ded4e47e24a027b8ae5e2df0a23650

Download Submit
/data/user/0/com.wingame.mslug2/files/728705DA78BB18AD.zip

Filesize
122KB

MD5
d51457a2bfd36d1bdd2c692ab86b496f

SHA1
d1621d396861a6683ad7c3c119e25f44da9f09b2

SHA256
2fe59e3090fe5f24a4e9e61d8af361d851029c0109d58558bd93b7817717df78

SHA512
3b2876333e72428f8bb71f041ed1139ee2ff14aab148d9564cd92408787cead86a7b9af64d4c64fbedb475cf90ed24f19681d4f91341148de46429c255b312d3

Download Submit
/data/user/0/com.wingame.mslug2/files/DA26DC4F5E58D700.zip

Filesize
178KB

MD5
e6dc35dfe7e2d6e2cbe9eef971b52126

SHA1
6392ae898815d7a66583a3edeed0e1d0b4272bc1

SHA256
cd582cfbbde0e7b91be8d5f238f906323dd777a29894256d9f9b3ceffceeaa2f

SHA512
f2bb74599d571b68537a4a4dbe4c5f397eec84a4a4bcee549497295cb1cfc4123af137c0d0def48d79c72ae9067c9fb41f01338fab4dfab95e0ffc93ee8673b2

Download Submit
/data/user/0/com.wingame.mslug2/files/X307zctest.zip

Filesize
79KB

MD5
823c262f5b0b8ed30c0c3a787bbfe06f

SHA1
0974fb229d999c8c1ae91e72161a863d2a07b7b8

SHA256
edd6fd6275f1adca926c472e2ed67fc8279939843377e0d0fa42e712610c23e1

SHA512
c904adb5837d5e78b2abace8464afe9908f629b8cdd0fa5248cf6f0c29e3d81ea4edfc6a2446291cb984f50d2a471c2dcb9e041cd908513ebbcfae94e356573f

Download Submit
/data/user/0/com.wingame.mslug2/files/XN102en.zip

Filesize
24KB

MD5
7ee4d9c7cbf088187c5190f8ef650365

SHA1
3823f53260efb2c158e2dcb9f5cb5f40e06686c5

SHA256
b7844e20bf8321717d5024109ff01c8ae25ef2137bf74240f04eafe3001b1221

SHA512
29d1d39c1db12f2b121bc3802ff32480aca7569d1f621901cbf2cc9a511c052bd2c4c8737c8837f6458151e5c35d2d51c4f6fab795d4b3e210587627d6dcc42d

Download Submit
/data/user/0/com.wingame.mslug2/files/XN102zi.zip

Filesize
24KB

MD5
c2db7966de0d6cda5ec481564204840f

SHA1
44445458c57aba2ebdb7bf75246d341033f41939

SHA256
4060a33f2b40a00025e0ca2161f29af7d5a307ff796621716afa51e9628ad2c4

SHA512
ad0732efe5889b6861236be72363563c1cd33f73d187761899611ec635df55540ece0286da53cd5cc4a37c650d778097105bf65c1c39bf6aec0cffbc39f6386c

Download Submit