81d22a908f7989dbafa747a6cc3ce42a1068d5bed9f34cc69fa86672b4d57e19

Analysis

max time kernel
133s
max time network
153s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
20/04/2024, 05:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fc0f20db5f8098e42d845492fcf3fca4_JaffaCakes118.apk
Size

4.9MB
MD5

fc0f20db5f8098e42d845492fcf3fca4
SHA1

380e9f9d17c1f13e66d367f4f8726200e2dee07c
SHA256

81d22a908f7989dbafa747a6cc3ce42a1068d5bed9f34cc69fa86672b4d57e19
SHA512

d4fee4bd9bdaa012b57346c407a5e46eeb8908727686bd7022faf704a3baba81b6b6380b260e2f672fd8967b39a4d6f2008b6bf5e629efd163f01a30663d14a1
SSDEEP

98304:UxQ993O4ZwUzMnKTI5qkVe6/7Tr/njx/3lIM1bfzyck/IISqf+HW6sR:KQ993zwU6+I5DE07TrPV/3lImKj7g26y

Score

7^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.kongregate.mobile.bitheroes.google.hack

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.kongregate.mobile.bitheroes.google.hack:Metrica

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.kongregate.mobile.bitheroes.google.hack:Metrica
Framework service call	android.app.IActivityManager.registerReceiver	com.kongregate.mobile.bitheroes.google.hack

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.kongregate.mobile.bitheroes.google.hack:Metrica

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.kongregate.mobile.bitheroes.google.hack
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.kongregate.mobile.bitheroes.google.hack:Metrica

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.kongregate.mobile.bitheroes.google.hack:Metrica

com.kongregate.mobile.bitheroes.google.hack
1⤵
- Checks memory information
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4457

com.kongregate.mobile.bitheroes.google.hack:Metrica
1⤵
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4495

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.kongregate.mobile.bitheroes.google.hack/databases/OneSignal.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/databases/OneSignal.db-journal

Filesize
512B

MD5
1acc43821e6a5e3ddb1317e5cc434e41

SHA1
7df3bd1cb6ac2b5b28a49841bf8020b424c4175b

SHA256
93a1548fc8f8f7593fc07d83122fc99929a6be29d1f0dbc15902afa7b985a6ca

SHA512
a4c803b309a62f4a2cfe916cd8f5e9cb80e03691b74be0d3c455c5fa8f2e48c88dd41a57b157edaf11c4dea724b3960d3251cb1be8c15b567a0b1d20a987006e

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/databases/OneSignal.db-shm

Filesize
44KB

MD5
515111ec18e9ea6ddf7671e3e3dc29fc

SHA1
d52e907856b5db9243043bb4c39ea6fd353f9749

SHA256
43877d0af4d209b4327d468e4f0c4ed200c4094630f53cc2a2b30ffb48d8ae6a

SHA512
4b3d0c7766b091d950d3aed6c31f9fefaf93f61e6e9e649ec042e01437d99638b04c52bcef7e290a077b823e06d1ecb691eb9cf6d1f5e6abfdf729b70d16f019

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/databases/OneSignal.db-wal

Filesize
64KB

MD5
f39b7c1a6270a4ba8efcd6c8de9f79a4

SHA1
871b97b9ce1da768d7713d33ae09ebce552bf1dd

SHA256
92e67e9bc8a909704c014ca6731b6d2e5a99a0f6d068b598730302d477d97758

SHA512
97d7f29790b3f3b6a225141271a2f2ea9471f73c17f8cd349b9f3a90172a9a7fb21e16c0388767778287d1c6ac6f87cdc39a9fe5b668eac576d9ea6db18ac9b0

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/files/crashCounter

Filesize
32KB

MD5
68a5a07d6185309361493bbe963f22b2

SHA1
774850e08177ede2a46df52bf55c346832a78919

SHA256
2f7154db250a2a7edc318018cac06eebd45bbd91bba23ac075e7a0787dc89748

SHA512
03394d3fc7223fb9cd05c1c0aceccc80d06525348fecfafca93791ac81ad7394710b02d9d742f5a56c07c6b86eda5418d51d11f01305fc72a766a470bff72290

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/files/credentials.dat

Filesize
227B

MD5
72260460d61c91f9420974f84999ef9c

SHA1
c5ae4cb4adbfdcfd47e1621da571823d4b4fa992

SHA256
8efa9f0436eb69c1df61b39339670b3271d87ce77acb7089e074bc12d2795104

SHA512
5aff3f154af064976811a57b4b75c9ae8e4c0c322ee8664c1d976faa527ceae045854d5cb08368e02cc5b2cefa57a50c90a981ea72c79b0160e3ef7645cb6379

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/files/lastCrashID

Filesize
512B

MD5
0b3032c2e762d8560c45d044c7c95fa4

SHA1
5462adee155b30f2c5ce455da4242ad20567e329

SHA256
64fb8df3f0756542c82c13bb848afafbe93cc99ef95d2db146886ace597aedc9

SHA512
eea0e4599f6ef6ee85ff5ae7bbc58532e5af0d0c7ce9b2de2c66d48edda7c54ca914a39c87644bdf9e8d213d6aa4073c495bdd7161ba2538ab81442e895e74fb

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/androidx.work.workdb

Filesize
32KB

MD5
1c4274aa7a9a5cac8c6d1df71e4588c6

SHA1
abaecd685e01cc68801292e3dc7085654a22feba

SHA256
3f6cd5f480ae69859b7841450f3d032c528ba385ebf9f371b9c8fdc6eb4231be

SHA512
1adb95935798607bd36cedcd183924d3068f50097d017b278da7caee7771532b61ec3606f6189b6dec8426eb038fe40be75079ce35894b1a8e0d1d815261150c

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/androidx.work.workdb-journal

Filesize
8KB

MD5
7abce44b4b68349043e0b3bca372a042

SHA1
404957336b95f45db03cc102983aa753facc8956

SHA256
358297de9f9b7995e46b9bcf7082fb2d439a541eceb396fdcb385e33dbfa7c35

SHA512
c1a9380fa86552eea5b7b1860971a8b13146407c1ad20b9f4e2a1dbfff90ce060ecc104f6dbd5d477ca64134b5c2f6823a441479bb6e2be989c7f3ec12365298

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/androidx.work.workdb-shm

Filesize
92KB

MD5
904b35f7715dd18d5886e14b41755e1f

SHA1
e00e61cadc5adadf79eefab7ab98c37fb05d7c0e

SHA256
6052705e4a743a2c03a863b41b6c49bb9bc43d521e019f33f6fa349039ca1cff

SHA512
a9f6eb3c10cdcc946a05a38c2aef7a7a4f362afdf869889e5dea09f1061b4d902f3ba1f016a613f1c0dd55ceed6728cb361a1138bbbdfe50442ca731d0bcf90a

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/androidx.work.workdb-wal

Filesize
20KB

MD5
989bebfb4d345867bd95a1d1e5248bc5

SHA1
4e7bf8d9a07f75db5ddce22755c10ec4f5c88a17

SHA256
8b5785ac3899db57e74b501718d9b97f335c15a59917e7e97fdcac328dc28ad4

SHA512
24466a6f94bc5726b7132d67a2001af6aec2b6496e5a10d27e8fa38cda9171a060a030a1f71a96a69965826778b8a95e8499ae3316745b8dee858d7df89ce415

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
73d64925dd7b1c138831fdee0700492e

SHA1
d1b56c75b8021fce4d42065558e8d1d5a781231f

SHA256
0cf946f196912ddae7bf13330b93c0d96d655021fc99d1879005a0a4dbcace1a

SHA512
cefa5e356f0bebe2e3971ec69b133f53679596427173c2587d3b5a2025927f063d18085d804560879b6fc27245c3e05db8429c3de39852df0a62852e37925bb8

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/androidx.work.workdb-wal

Filesize
116KB

MD5
c9e0a03c4a943f8cf83191dbc746dae9

SHA1
b6c4385a75624dd3431b131029eddf1173f8fdf2

SHA256
4ee88262ea16426b63cbeb6484cbea12adcb4d7cf31fc53b598bb787768c194c

SHA512
1c14d6d57b6f34819b56c141f300b7d433fb174eac18f440857488a8aa3d811924ef2828bd8c1084e6e720a940437e109e272bea4753a78fc598b704f73bf119

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/androidx.work.workdb-wal

Filesize
193KB

MD5
1a73ab66cbdb928d3636646a1dd8d5d3

SHA1
fb331bcc9053f4283a08286d4200ef2c999c5e11

SHA256
8a5581c70d305db5f20db07b0cf5dbd223f903841d7328c948624d1161b9430e

SHA512
485b9493f1c98fe11c11b4aff578d9a805936d904d75baaf526eda43c6d590ec047f7508246ca1c1e0d277d076ed52a8dd468e4ed7ff33342dad28804fba977b

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/androidx.work.workdb-wal

Filesize
281KB

MD5
5c4aefc0d75890cf31632b40b00ebb78

SHA1
c4dfe1e61b39f972fdcb6961db93530c05ccae38

SHA256
486de8d5f58d607f4d99c6050bda5b8ce9a241b44393858c32f191a7b550f6b0

SHA512
e3a061099f69eb9d496fec1ada3f792c3ed2225a92c2f1c14752a52e1de6dfbca04858a3f80a2bae8d03964b4955efda5a91daab4134cfe3800e4db91503b0ee

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/db_metrica_com.kongregate.mobile.bitheroes.google.hack_20799a27-fa80-4b36-b2db-0f8141f24180-wal

Filesize
241KB

MD5
c0ba4686e63af3d814be06ef66c4d87c

SHA1
64ab9da8524674c3d8ac5dedc91664ddbeb3ddb3

SHA256
fdc0506f1aef4fa041b8a1eb86af494ef99965a68258687079aaba6bb21069d9

SHA512
71b892af65d4e7e3b35ce60fad63ab135173eba106a715e0fa5c830c3ed4b466ff494359726948bc51bec26a746f25e60459703c44493c430089968853fb4fe7

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db

Filesize
406KB

MD5
c91cf3460eca79e294574e035185e5ee

SHA1
5328ce4d89fdef27b07cbb9b223d14075f20ae5f

SHA256
41ffe80c60dd939522707814118481486267a41c2ad1686e6ac21d7b787b28e8

SHA512
1b128c48ac87e8ab9dd89caa3579087ffa485c4e052071d7c97f09e0495871e8cfd75dcb08be1e54872a16b20bfa0f752ed4bf50cb717740f8582c2d3a236caf

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db

Filesize
406KB

MD5
7d0cd6757676841027a147103f9b7c5c

SHA1
a0bb3e2a3900de6630035b06ccd0bcfee533770e

SHA256
60a619cb5f533953e8b240d1ab8596fd28ed6553d749154be8501b546ec84082

SHA512
b8062fa8da348382e88c8ef05d08a107cd0fc4e9d0f8db68fe4b4ce6dd6d278b67b37c11e271e54666225b1909a1259bbfad835e6e77112a9f4239e65166f1dc

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db

Filesize
20KB

MD5
ac26a375d5d673c2a7b39bbe42efacaa

SHA1
a7384db83f153cce2cdd67a97a20df068f6ecd67

SHA256
001ea8b38280af72e70a8168524cfb2b07a711040948397d36fcace03b593716

SHA512
45e1842b55ebab067e53fb3c6ab880c0a652a951f26c1cae5363f429207db5f1aa56c821e89973612b73f9c0d186561221b6129db22e447ccd421b40342dd6bf

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db

Filesize
20KB

MD5
7ed6f4f0882344a0dc788c98465c0ee4

SHA1
92e197a53841fbdc5c52131990007197750cd4a4

SHA256
33ad4c59d7a1b35352915658f46955335a05d599797f1494a4402441bdbe88dd

SHA512
408975c2662f1463291cf2066adddb20baaaef2be7e42d24acfd9a6f81339e6d5162ee07c371d72afa87cc88c846f22dad613e3c744c91bbba2d3e8e5cad02d0

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db

Filesize
20KB

MD5
5ae1dae9eb36649faeb07a94ca96e7f8

SHA1
9056cb35b999726d6576ef6ced55ca9228cb97c3

SHA256
62eafa0fe191047857cbfdbd6909930487f2216d260b4be27fd52e3cff6086d3

SHA512
e33d2cec8122673da3c8ffc788bf2984eac878f7dada265485d960a886ebfb00e17b12a30b546c959bc04c62a31d5646fda748df693e0bdafbb974abbbe77c1a

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db-journal

Filesize
512B

MD5
75da427442ec7332e1c2db5efcc38241

SHA1
e6515bee380b4f4be3ec77da358e6847cddec39f

SHA256
ec66058189eebcb81d0f01db1d8048f993a31b9300e4ac23c1594bf4f8c3e570

SHA512
d3ae98bd3de4ea6bdae30f828a4cc897cd9d37523f9db84736beba8b67b95736147acaea7de75fdf8c3b4fee9cefac709440b5386bbefa1991102e5de8ad0908

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db-wal

Filesize
8KB

MD5
64fd3fff02da6ba7b171e24682b00d43

SHA1
056bd992468c99d028596cfd24a4ac0dfa04750e

SHA256
eb57126e59e3461198ce5a33c436f95daec1a7987e233cbf5926569cad7356ec

SHA512
061546bc65a9dffcfd91628e79a4a4e6ef9bc1da3925a97a9d6609dd852baeb4a6e091c73982e6f944068f971100b06e2dddf22f7160282552a1a04ebbabd296

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db-wal

Filesize
8KB

MD5
f4eef38d1f48a2780bed466722b223d5

SHA1
db6c123ae791590bb6cfcf58d6a9441671d2ad26

SHA256
20830ae9e739bb353d0f4bd645c5869444e5a486148fd3360758665eddc78424

SHA512
dd0d4803a9617d16ba68479ceaa279a5a10385e78e026ea19d49d62b825af202ba8bfc753d719802aff4097a8e87270ed7234f4335024969645afab83026e93e

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db-wal

Filesize
8KB

MD5
55681cb8da7d97d12ea30dd4037f23ba

SHA1
3d6b36a908f5d2f301d433e61a6768b390da580a

SHA256
2a88808c655d50c358756f4ad1846df12210e33acf55f48d45e57f815d313360

SHA512
1756598429c69f62183274ffeaab2fd51eb1f9c48a5461e7b6a5234acb85992a7037aa4454d7edd4e95d02409d6a835b82498934ddf28909c0e687556f6c0061

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db-wal

Filesize
32KB

MD5
99cc8f0fb1f29b7e18b9f2472a0cce5b

SHA1
ebec52682329ea3c3d7d599c3ba857f7b3d88fe4

SHA256
f3a6e0f155a889774b5904b77e8522ea2d921779a2745959ddb222cf11127193

SHA512
a05d5473fd51d960e99b2a02bde37fcc0dc207f3b97c1d9413d50fdd41c825b2f3e75d6088df04a26b0444a82c6faf3833fb2c3b8b47afc45455b5cdd4e8d2f3

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db-wal

Filesize
8KB

MD5
bbb654982112361d8d6ebb7a84349ca8

SHA1
6fb097a9ac4a122ac829f98a7051b3a4b3882806

SHA256
ef4284e4cf61b6e084259fd20ce556c18918e7b97d184244f80eb7c27757dadd

SHA512
7756942b3b0d62bb1fa688f9bcea2dc39d61904d370033f170a2ef10e1e297c52b912516cb1855e202cac786125e792c814b506d67683b42cb47815c7f32f2e2

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads