4c056d273be07e3ce4a7dd3df335009be65695b72d72d3ea95e8a3fea7554fda

Analysis

max time kernel
148s
max time network
137s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
01/05/2024, 01:53

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

0adee6c0c0a47739f8193ca12061979a_JaffaCakes118.apk
Size

21.2MB
MD5

0adee6c0c0a47739f8193ca12061979a
SHA1

71599a37afb4c5391daddc7d809e33f5334087fc
SHA256

4c056d273be07e3ce4a7dd3df335009be65695b72d72d3ea95e8a3fea7554fda
SHA512

981097e5ee0a98211bf416dee2faea1596efa71bb2efed4040bd67466f26517fffb622291d186a5e0a6adcdfba91c43cbb3aca24a207088be68f6620ba3e69ef
SSDEEP

393216:epchpepVUErGvxuxxVr7gE1r4dvUMVfHJAxBM7L33bnLBqGFy8zoTaUEFjalJzjV:Bhp7E6Zuxbr8w4dvUMVfHuBiL3rsGFGD

Score

7^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.banafshedev.tekken3

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.banafshedev.tekken3

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.banafshedev.tekken3

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.banafshedev.tekken3

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.banafshedev.tekken3

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.banafshedev.tekken3

com.banafshedev.tekken3
1⤵
- Checks CPU information
- Checks memory information
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4233

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/Google/google.id

Filesize
36B

MD5
c5f118b9102b59fb464a786b6d9fed22

SHA1
16afd4803f4e925274d4e51a75874cdf7115b1b5

SHA256
999fcc9aea44a715f373a821ce78ef58b799e98481d521b2ae16e94cac8f95ad

SHA512
78ad05b5beb8344352def1ba1795584bede8ed3d26d1e0983d97a8fcacab9f12c741c45a79b4c60ca42d10609460956865b8f0b06c15090b85a5a8603a9adb55

Download Submit
/storage/emulated/0/epsxe/bios/bios.bin

Filesize
512KB

MD5
924e392ed05558ffdb115408c263dccf

SHA1
10155d8d6e6e832d6ea66db9bc098321fb5e8ebf

SHA256
71af94d1e47a68c11e8fdb9f8368040601514a42a5a399cda48c7d3bff1e99d3

SHA512
ea097d56a3a6fa41e23908fbf73fab555c951059280d229815a15d79a168285c4bf993c8be43275912c2eccd40a0c76c797a95c13e82d532e0d48aaba6597430

Download Submit
/storage/emulated/0/epsxe/cheats/SLPS_013.00.txt

Filesize
1KB

MD5
6935b8ee90aa85e2cab94de1e62f7e0c

SHA1
9102476f58be8cdaa49d48636d6d1be3393eff9d

SHA256
a448921dd144150b8c2b2c748d81fbecf4e85fe962b40bbbeaa8a5af1943256f

SHA512
cb8a94bb3e73af1528984257d62459059f72f3567d53b055ba98a742b13176d6e3718a209ea1e124190a06bf44ab98d67b3cf3e40c3f9861c3196a8e6e5cd76a

Download Submit
/storage/emulated/0/epsxe/isos/Tekken3.7z

Filesize
12.7MB

MD5
dacebf8352db2cbb38f0fe96ca6935c6

SHA1
2764f912cd894b9a8f93c91a9e0b5c15d09250f0

SHA256
8158d7232eef2e09941695e49f250ea70e3ee1d36ad8f790f368f0239353d93e

SHA512
84ab2ce3c42cb0c31e4d24cbc25140f80bbdb0d57ff1c9ba507c0797df302fe81db09295e8cd3553c571b77d5329732d50090c7449769e53a1245188518e118e

Download Submit
/storage/emulated/0/epsxe/isos/Tekken3.bin

Filesize
43.0MB

MD5
e1cd804832603c904b388f85598f45b8

SHA1
e4f86a977fe34e2cf199094b747feb266dfc15ce

SHA256
0f059c80b9477940f3bca0be680caae4497d0c71d74a7876f6fef5879bfd9813

SHA512
f2c96c9039059ba09b01063875c0944eba6e522ced98ae470c6090c52d73c62dbf598b5a9b3379ad18e2c5f4d1479f0ea3850bd242430731fbd83a80a1e5ab66

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads