157534d824d25c89f5016f56ab7156d7c94d9cadb0bc05f9df232a4af332350d | Triage

Analysis

max time kernel
32s
max time network
146s
platform
android_x64
resource
android-33-x64-arm64-20240229-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240229-enlocale:en-usos:android-13-x64system
submitted
30/04/2024, 21:42

Sharing

Report Analysis Logs

General

Target

0a7aa7910ed65cc617f91adc5dc00a81_JaffaCakes118.apk
Size

5.9MB
MD5

0a7aa7910ed65cc617f91adc5dc00a81
SHA1

9ab6e381813bea14685f21cec15a7dcbdf9fc2ce
SHA256

157534d824d25c89f5016f56ab7156d7c94d9cadb0bc05f9df232a4af332350d
SHA512

0bccd7b4c7bea0c7741b518c54aefb874b46ae742e571e4d5897c89cea93a541718613e067809e519afa1096af77135e52f930346b369fe921ad33c2645443fb
SSDEEP

98304:I05QpmD41IQRk16EqgCab/UKEHlXwD0lZWbJoYgkDmjjb3uzyr1TjLPGm7vJa:b5hIIQOMEqMOHNRjWbJo3sEayr1HRla

Score

7^/10

discovery evasion impact

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

System Information Discovery

description	ioc	Process
File opened for read	/proc/cpuinfo	com.gamebox_idtkown

Checks if the internet connection is available 1 TTPs 1 IoCs

System Network Connections Discovery

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.gamebox_idtkown

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Data Encrypted for Impact

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.gamebox_idtkown

com.gamebox_idtkown
1⤵
- Checks CPU information
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4299

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gamebox_idtkown/databases/cc/cc.db

Filesize
36KB

MD5
1b77217d803a7c04af9466680b92d104

SHA1
0cb959f4773c6730e8aed5746706c0f3ecb35c1f

SHA256
66c83ae35e997c33eaffe9c0557d98ee31931c18b99585a64eb6cc8f63d303e3

SHA512
39ea189895ca93855bb71b4a5447815e9373ffd39b50611ac172ae321ee7716fd4af5f86c1fd0d17e12b771f4016a86184620a7c5d07f57b88f017c4ce8312ec

Download Submit
/data/data/com.gamebox_idtkown/databases/cc/cc.db

Filesize
36KB

MD5
b986a138e325f9ed31653e246087baa6

SHA1
1cda06c101efbf7c89305f44b552e38282225064

SHA256
6945d75275af161fa082eab8b348f4cdccbab03854963f5e861fde210447e058

SHA512
5894180006885af44962dcd92c6f33a640d6080060a51a38ee4e348ee2dafe9abdcf2a931cfad4c395ebe20e08b96f810ca54b5b1f584fa232cdabc76be0740d

Download Submit
/data/data/com.gamebox_idtkown/databases/cc/cc.db-journal

Filesize
8KB

MD5
e087e5dfa7c39e45fd52761b0a4fe6ce

SHA1
b7da62b2025a391ce5fdf19b2256015925d3db92

SHA256
6dee88e441a7f036b6235af08785e037b720abd6c9aff536b2490ef83e6b17cf

SHA512
e188c1cf871fbe94a605e123d5215eb0175191aff88affc503564fa0e51b698c240cc06513b75553e132093b7cc5189f8fe3b2b30bd4aea5198097deb18c4fa4

Download Submit
/data/data/com.gamebox_idtkown/databases/cc/cc.db-journal

Filesize
8KB

MD5
b39fe5645fa935b4fd50c5208ad01df1

SHA1
f728cb76398a6f787475bde4d7e5ee372560e599

SHA256
4ba316a0f16b74fef0779ab92c427173f9749a965d4aa342515f93394d2dcc30

SHA512
a6efb1184e4e3c09d559d4e1d75c53f7858d4563a60e1444b65f537e305bccce3016c730833dea2810a88c4c9c089d0bb9f2beb6f8de54de6d76cbe362cd998d

Download Submit
/data/data/com.gamebox_idtkown/databases/cc/cc.db-journal

Filesize
12KB

MD5
ae49ae26a36b88ebdc983db8fab31fdc

SHA1
42dd5c6396d21d8dafd509451c111a644842fbb0

SHA256
0a928c2b5f3f7c02166284f82b6007a92c6f703cbc52cfa76b7e2f7838ac15bc

SHA512
8560c1e5fc78b71282f140a2853c7d593e3e64aba232b9b4822d8ad134b2eeef3842317fef4b6dcb1918d2dccfbea9db07af2d30af80c27c6f70e03227ce61e1

Download Submit
/data/data/com.gamebox_idtkown/databases/cc/cc.db-journal

Filesize
512B

MD5
5a6e57ce06e3eb3e9a39bc2733421ca5

SHA1
967fa04610b0bb2a0604c4b154992b228fabb268

SHA256
1cf24fecaffafff5a5650c9aa021bd5ece009042cfdab8149133db9960820acd

SHA512
3a7bfbf6934f726dc0bda0420ea0decfb02a823c4cfe08631be6d5e985f8bf90aa4e1effa08ff53978185468092b683fe2a92edac465a9bc4b2d4f4725eb1588

Download Submit
/data/data/com.gamebox_idtkown/databases/cc/cc.db-journal

Filesize
8KB

MD5
5d9e9cd7152d9912db2ec7a76fda7a5e

SHA1
e3a27ea89eb697aea305aa29a9048a84ce5e76df

SHA256
6c1f123b9756b1bfaf0c40173c899afad020afc5d322fe1d526fc3c007271ab3

SHA512
e8fcb2cb2bb4048e53966b8c6f406b2340c8147396dcee67345552b0c6179ae978ec5c068359f1d2dc65090fdb463dfeaa1b0670b0b935b6614876a70331a33b

Download Submit
/data/data/com.gamebox_idtkown/databases/cc/cc.db-journal

Filesize
8KB

MD5
736e09a09ee54b3862af4b8d80b2b2d3

SHA1
8f224be6f6602f0ac57d28edf39755d89fcae412

SHA256
32e7dcfc16cc69a54c1b39baa240b7ce1d06b7e428c62049be983a6461125778

SHA512
1ae6bcba02f9e5c272b8e30b8373cec65621629f2faf4e45973050705dfd71097a1283eb954c45e9e0a5bf28ba57fba97e0fe87bde50f3178457664d4b57adad

Download Submit
/data/user/0/com.gamebox_idtkown/databases/com.gamebox_idtkown_6071box-db

Filesize
72KB

MD5
3aa471fb2cd200b8c01af96853e3ad7b

SHA1
726cbb4789c0ab4ac783fc2f95defdf2c178432b

SHA256
708c9d6d08210a383c8ddbde8f778da488e7922839145d65183894f3538cdddd

SHA512
5156849acdc5c991c650ba54fe542947e285c8c1eb7cbf2009fdbb6a67d86740ce94b75ad5f8ef110e288dba76825397c26b35ce836fb056eba5f1da853fd9e3

Download Submit
/data/user/0/com.gamebox_idtkown/databases/com.gamebox_idtkown_6071box-db-journal

Filesize
512B

MD5
04e38b132c7b0b1350d43f553dea37fa

SHA1
987470c432439460aec19d83c5839ca8e874af13

SHA256
48f2ddf5a6283392f3db287b2865f33e730abbd17c68ff1ebd9adaf294313cb4

SHA512
f11b293184dc6c3ccc67d8a32b101a25109c26bab6cdffd58155219c757f3843eed5716cb351d9f91feaef77b0bd43ffa4007d298fce6485d1fec374262edc0b

Download Submit
/data/user/0/com.gamebox_idtkown/databases/com.gamebox_idtkown_6071box-db-journal

Filesize
8KB

MD5
e8fc33a7e8c43b2cd1f3ec3d3680a61f

SHA1
9848de6c8b466745ed1b3f9884fa103948342284

SHA256
1e48f7a5e8a3680219188b7f1360d47cbae71336a2d1190bac69d5e063adf953

SHA512
58f51856114b68ab26a0fb2ff8e3f49ec9af1b61f863cc3706b46a7ed22a6e9aec4f7e76e4e81eab1647bbcafe7c64a931155e7515fec6f8c96597eda34047a3

Download Submit
/data/user/0/com.gamebox_idtkown/databases/com.gamebox_idtkown_6071box-db-journal

Filesize
8KB

MD5
52a99cf1aa23658d9efa8f26d85ab45b

SHA1
eee0ac999c8f30391d714324f19ceab745677426

SHA256
cd236a75eff43ffac3a2361ef0ccf5825fc99af3b2168c908f9f1cd12fe09a2d

SHA512
7de66b34fc0dbeba42d920fc35f8fd1a387c7d28a13abe073f76be036e5ea35567f0fd81591e5c90b9cba09845549786837ee54aa415fc349c9a2266ca115a4e

Download Submit
/data/user/0/com.gamebox_idtkown/files/.imprint

Filesize
961B

MD5
3167e4358cca75220fbb12ef0cea9b93

SHA1
25eea72e04df6f7958d91fb479e7dc59ba453f3f

SHA256
39949f66838ae1a13a427b275570b99d7ff0d45a79ad5e6053056280cf2c9c73

SHA512
92b83fff966cd4912b71506cd84e1114bbd1226e6a9ef0b184dae17b3f9681f523e32457bec7badea3dca68bc185a3c464f275508c530afaa93c49dc2dc5788a

Download Submit
/data/user/0/com.gamebox_idtkown/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
d7f7ad558a53ad10de6e342c25a230cb

SHA1
213b21d6e47fbf6334e40f797a7c01b047ee5aff

SHA256
8cd1a53e2470f8368ae14267f72a7398d1355a14705fa34597db6d211c82fc92

SHA512
076a6957adaf0aba108d3d599ca86d982d2b65b3d227d2987a75639a2314e90b483011b7bd609a0342401cd6af7073bc36882ce47d80e9466a9b3250fa5ed579

Download Submit
/data/user/0/com.gamebox_idtkown/files/jpush_stat_cache.json

Filesize
138B

MD5
79eca0e4f528ed3f9dcf8a5f5a459191

SHA1
d1db89c2bd1283664c4c9c0f3ddd58cc158fb5d6

SHA256
e6336e8f6927af2cfb0ffc36e41ceeacb533c999998e4b71093b3177ca5e9d4f

SHA512
2432456d4c664a14b07cbe82204e2afcdbe22f86f34a0cd7ab27280134988aeb55089fc7f24ac36c793e8fc8bd6cca717a2b568c6c4c4ad9a29a87ebdc3607f8

Download Submit
/data/user/0/com.gamebox_idtkown/files/umeng_it.cache

Filesize
429B

MD5
b3c7309ab2d14276ad09c85d39c8e68b

SHA1
c10ddf6719107fd26de67ab795ea0e272df58267

SHA256
3d1fa587df063bec1cc07610d9e59054a17a419715b9c33f4ad530fe12da8699

SHA512
703435e7556dc8af0318820e58ff4dd2f29e51b7250ae7d9c84b5acf42b8767cfb99969025e77a13658f7a30ce0f325a59b73cbc895fd6c71d16317e16ac6bb2

Download Submit
/data/user/0/com.gamebox_idtkown/files/umeng_it.cache

Filesize
218B

MD5
3328daa78d94d232771fa30723c49bfc

SHA1
204eef52c1a712456e0ecdd3c47903831240093d

SHA256
f40d9433bf2a16bab2ceed6dee9072da69feebf2e956f59a384d289b86ef2329

SHA512
ed24d522d1cd54de3832ddfcc30c1979fc6a1932bbdda6a693a06fd5aa758e0177365b2da73e0dfdf9cc09ee6b2bba78556e5a1eca875e319f975dc03ae39c9d

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
677c565ae5026d5770bcd3d09c3ed8c1

SHA1
6735758d613f915393030d8ec8ff17c8c1e6e717

SHA256
cda5a254e202784162ba8aac796cc23dcfc0ecef86035751a01435322be8f1f6

SHA512
9bce6f0f1cbe540c068c0a1d7d313c26e7a741b4fc0515191f7454661ee538e82200e8b56f637bfb7826705821bb8cbfbbe5662bff042499b9b0d293222a2b64

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
eb00238adbe3509ca51991f1fb72aa81

SHA1
5cf9f897b27b6885b130fdddf9e79c7021a53e95

SHA256
57aa815eb018fcc2232466f14ce8320808d235864942b2ecffd9cce4475d6482

SHA512
91f603a99e6ca25d73db1fba89eb2062f897aef40c75b6f49d58af403a57376ae9391842d74a36104ac1d15e62e86bb7302019c0ca0e17a2b5835182ea978241

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
222B

MD5
0ef621e1f09e1d28e5d9284a2d9e0bd9

SHA1
ccf4171b24726487cbf958ac36a18c540d28d2af

SHA256
1b1eec6503aa70b886bc3317f1ff741f9f5cc938b00ef025d2984ec3470c2dbb

SHA512
f53e8495a1f134dc60b5a4e76c163be8de9933c208b1b09666989b29909d0306777e4dcc5cc05c2286d32a8f2b7fc1a30054dbd64e893a137868fa43f50f78e8

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit