157534d824d25c89f5016f56ab7156d7c94d9cadb0bc05f9df232a4af332350d

Analysis

max time kernel
65s
max time network
136s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
30/04/2024, 21:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0a7aa7910ed65cc617f91adc5dc00a81_JaffaCakes118.apk
Size

5.9MB
MD5

0a7aa7910ed65cc617f91adc5dc00a81
SHA1

9ab6e381813bea14685f21cec15a7dcbdf9fc2ce
SHA256

157534d824d25c89f5016f56ab7156d7c94d9cadb0bc05f9df232a4af332350d
SHA512

0bccd7b4c7bea0c7741b518c54aefb874b46ae742e571e4d5897c89cea93a541718613e067809e519afa1096af77135e52f930346b369fe921ad33c2645443fb
SSDEEP

98304:I05QpmD41IQRk16EqgCab/UKEHlXwD0lZWbJoYgkDmjjb3uzyr1TjLPGm7vJa:b5hIIQOMEqMOHNRjWbJo3sEayr1HRla

Score

7^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.gamebox_idtkown

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.gamebox_idtkown

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.gamebox_idtkown

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.gamebox_idtkown

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.gamebox_idtkown

com.gamebox_idtkown
1⤵
- Checks CPU information
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4232

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gamebox_idtkown/databases/cc/cc.db

Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.gamebox_idtkown/databases/cc/cc.db

Filesize
36KB

MD5
5d7ea1a23af19b4340cc8d90f28297d5

SHA1
4cfe95b23a9e98378d69c4290af81b51fbe76aea

SHA256
474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

SHA512
33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

Download Submit
/data/data/com.gamebox_idtkown/databases/cc/cc.db-journal

Filesize
512B

MD5
703e2db56e36d317d63d6f2ed4ea81ae

SHA1
7c30709d1ceb9750169dd2943f263db561a48e52

SHA256
ed7af0e2d841e47fcde07b6076d6b0ab8c581d6dd4306a7e5cc11555e4fd8a8d

SHA512
2d1e688434678829a584ad319d79a8234e9d4836b6f0e331667f5b6cedc701c4efc1fc30a3e4bc7f94643c27d513a1ffd7fe75c814acbfd24cc91cffb457871b

Download Submit
/data/data/com.gamebox_idtkown/databases/cc/cc.db-wal

Filesize
16KB

MD5
9cf210994da1ce8f7a104e0ce0b67da0

SHA1
385f2ca32cdbe547099ba5c5e4b072ea3bbec227

SHA256
952d24eebfadb3a3703a8617fd3b405c3d55f1a33fcd91dbf333aee7d1c572e2

SHA512
75c1666c7c0ae8c8ae9fa9eaeda7dd850afd39f4ce5032e0e281ea477af91b3fa24f35101885720e3768435f81e22d3b8f163ce38f2248f2641f482e3d888aef

Download Submit
/data/data/com.gamebox_idtkown/databases/cc/cc.db-wal

Filesize
48KB

MD5
c868843bb406e22d4fce8076fcf1b1bc

SHA1
173e77b0c736eb462d8a6eeacd319785fe5f3eec

SHA256
355bcd86d37a4fcf740e87b785eced7aae45346d4ae04ba672d39eee3692d54a

SHA512
c53c95bb188ea625aad89a14dc5ad918352ecec4305712f089bc6d67bdeed659f0b45493db931160b5bdb6452dfd6ffd1b2764b4e4f6d5efb4cf21c606c26160

Download Submit
/data/data/com.gamebox_idtkown/databases/com.gamebox_idtkown_6071box-db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.gamebox_idtkown/databases/com.gamebox_idtkown_6071box-db-journal

Filesize
512B

MD5
07d9574a2ed43107d973a261a5e98408

SHA1
5c5c92fc622ad4de8160729c0d2ff655d2df6a1f

SHA256
55c3545254e4e78ed5e4152ff9d2489cdad68ff714483c5d5d7545ce5bb0680d

SHA512
9f3a380293a4ed1549c5374dc03dc132bec0dfca874e67e8bc3ef12044a207d2cd79f666c4fdcc6f97c3ad274046f9860fffd0d9bc9972289edce18ed03d41b3

Download Submit
/data/data/com.gamebox_idtkown/databases/com.gamebox_idtkown_6071box-db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.gamebox_idtkown/databases/com.gamebox_idtkown_6071box-db-wal

Filesize
84KB

MD5
b546fd4fb90cd15c0f65be7c59b158ab

SHA1
f2a4aba1a81244ad867674a3a5c6adb6484223c9

SHA256
fad54e12bf65293e080bbb770434598a8e123d2037d4fc0f29493a89f68d65e4

SHA512
d7cecf2cb98140ffbabfbd78c9f2eceae304548124e7565b6cf5c33bf3015064fba9151d34614bf5376ac7daa6cfa0cbef6b8c337eddb0034649f10cd1cb6f52

Download Submit
/data/data/com.gamebox_idtkown/files/.um/um_cache_1714513429224.env

Filesize
1KB

MD5
c1a7bd1e62d3bba121a66185f63612df

SHA1
0399a8393c7721a69f389e2d1dd746c8c4cdbe41

SHA256
477880b054ddbe981462ea264209d02a6ae3cb239bd73fdb27cf78e7ecbdcf42

SHA512
ad6065bf09992cd07a5e71551297ec266b57e32daa3377ea82019ab7cf3c397ca3280b483564b9fa6115bd9ce1d28e328c26a033984598df50e73722373d85f8

Download Submit
/data/data/com.gamebox_idtkown/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
a7ab79d61eaf36f4a9d99845d79e200a

SHA1
234fc77529611db4335663f42f09513ec2aaf8e1

SHA256
57aa7a36326ad86a5c6f9febd0f8db2a48fe49c45ecfcc5c826662e2399634c3

SHA512
7285e034e530093af69bc2c928aa7b66a2b74fb63bae23c70b797067c844a0155865a04d2c853c2b128d78380dbae3f0acfdde187dc2c798be16030a25703615

Download Submit
/data/data/com.gamebox_idtkown/files/jpush_stat_cache.json

Filesize
138B

MD5
68aa1608e3fdffc57aa295fe68375a2a

SHA1
2982fe3dd6bd63dba736cb032af6c7bd7f0f4361

SHA256
7e3bbc7752845da4cd58f72e8f454eacad0a160d81a33a763dfacd88f857d09c

SHA512
a9bfa729bef15dc6e8e6d36b6a8ada8a864bc8f5f53e1f860e3c4518a372566fc437f344853713808271e2988eba3a58290b30655fc524382a6662d282f1e4d4

Download Submit
/data/data/com.gamebox_idtkown/files/mobclick_agent_cached_com.gamebox_idtkown114

Filesize
2KB

MD5
aeccbb83083222fff0af47d46fc90504

SHA1
bfb85de2ebcaafef250ffeb9feac9465d8ba091b

SHA256
0698c153be014bc5dec1e99fdd53ea4e9c80405659d5498e27693d4263acce6c

SHA512
8f2fe90c9858cbfdc4571ed704b2744d747988fa84e813a3e3792a9b85f134f026580bfc380757c8d7833c1a55f01e9aab4c4d85f80822065cacce37fd22c2a9

Download Submit
/data/data/com.gamebox_idtkown/files/umeng_it.cache

Filesize
498B

MD5
b0d16063c7671973714d50b3a8df492d

SHA1
60d494ba26fd0c909a5be70a21293271d95b95fd

SHA256
9ae638034616ab4950c0a3ae6b8241603d4091ce3eb88dfb00e0a5715b80ec21

SHA512
f3e9489115d410f76aa2061aa12190baf99f45e9d370dc30c0cd0b864abec005634af6afd572870329199cbccc9ccc4b613a4da422399b2294ad2c235af4aa59

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
96a0c206a7d92732b365b6582fabc1d4

SHA1
2ccae0f43c1d701407c3286cf5b87e77479924ce

SHA256
40fd6ef0321192b266e49b36855a771b73b6802952ebb20168eb4213794fc245

SHA512
de09632bb226937b57e3faf133bb2d818eb5d50442a8ff5c0cdefcd8530c2c30947b42fd1b570d1c477284e6eccc3d8900bdf3255ba45c84c6cb92c9f2813fc6

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
c739224ff9184a9d4a8693cc7030754c

SHA1
c91f6ee67046e17eb8050fa5575ee5a8e58ed772

SHA256
f56018d229118c05bfebc9f0a7c33448abf929bf3d93144e6f75cfec14a2d58f

SHA512
ff7fabbee2a404220da65c98311b72e4a2f3ccad261a0e21867a03114645d225eb45aca77846d62a8f319befc7f5dc0e03341c9009a69dbaa7252db1b27bb939

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
222B

MD5
8f9be153ab0d180b0506c297ba603ebe

SHA1
7dd4fb89f9de80aaf431ec329ec4783c9e622c57

SHA256
dd403b974762c8ac37ce7a781c0fb2b3da364c59bf00766e18e076d57545531b

SHA512
34f60b8d497f651a3bacc042d84b7e47865b25acc20b7011e4f97335fd609ddb495be11829f6c5c85a87faa704e5bdff52e25a7010e377e1ed9c00b0edb76464

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads