c118746c2657f65b806f18e8f5787c30dbb010769fa73f080d827af5276a581c

Analysis

max time kernel
144s
max time network
146s
platform
android_x86
resource
android-x86-arm-20240506-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
submitted
07-05-2024 00:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1eddcb9c1e97b4b0f4c932b19a206063_JaffaCakes118.apk
Size

9.5MB
MD5

1eddcb9c1e97b4b0f4c932b19a206063
SHA1

fcb7c8672e14b3f8edb73b3e7d7a47001a1607fc
SHA256

c118746c2657f65b806f18e8f5787c30dbb010769fa73f080d827af5276a581c
SHA512

7a30885094d52b1ec44c27613eca203060e15452ec65fd7897d4d8bf65451eef168e5a822c73bbf524abc902917db69d3c45b628c5e552e9befa2cb6c6642df1
SSDEEP

196608:yxp5b6OhHfvJYmnWhZMGf8Di4dtGAtQr8J5ZW3wO/6ki4nK:yxVnsf8DtdtPFFWAOSkM

Score

7^/10

collection discovery evasion impact persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.oomicgame.zuma3d.sdk.lenovo

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.oomicgame.zuma3d.sdk.lenovo

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.oomicgame.zuma3d.sdk.lenovo

Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Reads the content of the SMS messages. 1 TTPs 1 IoCs

collection

SMS Messages

T1636.004

description	ioc	Process
URI accessed for read	content://sms/	com.oomicgame.zuma3d.sdk.lenovo

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.oomicgame.zuma3d.sdk.lenovo

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.oomicgame.zuma3d.sdk.lenovo

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.oomicgame.zuma3d.sdk.lenovo

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.oomicgame.zuma3d.sdk.lenovo

com.oomicgame.zuma3d.sdk.lenovo
1⤵
- Checks CPU information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Reads the content of the SMS messages.
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4462

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Protected User Data

T1636

SMS Messages

T1636.004

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.oomicgame.zuma3d.sdk.lenovo/databases/PayData

Filesize
40KB

MD5
02895dc1feb6d8ceb9e11313016a81b1

SHA1
74ed52cd73ba13e2a0635d854822983711d8ee5f

SHA256
01fb967ba6029263d9a55f6f377bf08e676f131fc0a814284f4ffffcca5f759a

SHA512
2f94fd45c9270fe7482571da68a83c9aace76029909922905490d51e1fceb3013eb07c04eebcbf4dbfe2ea21de2c4d287048a009986533b559e2f291d30e7ae1

Download Submit
/data/data/com.oomicgame.zuma3d.sdk.lenovo/databases/PayData-journal

Filesize
512B

MD5
696b98bc077e69a8d2449a390d9b0f09

SHA1
706e7074ebc1ae23efa803ac1aa7ced887ca8ca7

SHA256
0a5c02944e49241a168cc55fe278e012b3bd4b16517ddd06a6afec2ccc8dc981

SHA512
c1eb7ec1245b6a95c230515b3cc231850861f4c9302ee3218461a2430d328d488356f2cfa29d00f73f6e0c097e0bdbf907f8ea4eb7b6993909641eac5064154b

Download Submit
/data/data/com.oomicgame.zuma3d.sdk.lenovo/databases/PayData-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.oomicgame.zuma3d.sdk.lenovo/databases/PayData-wal

Filesize
52KB

MD5
f4134f2eb1968c8cb88c2c0a43cc444e

SHA1
0c30c2feaa98fa95b088766e0c0e7aec27c03a78

SHA256
0bb1e104d8cf9eb7587a89a0f4944b00c48460f71f938c46c3b939fd8fa979e2

SHA512
3eb4603c5b17a4ee750c48f1578cdef65c0f0ee50328f6718401770bb554572925c7a939e932275122e24b4d7d3bf92becb87edd1b4575387655bacd2e45081c

Download Submit
/data/data/com.oomicgame.zuma3d.sdk.lenovo/files/mobclick_agent_cached_com.oomicgame.zuma3d.sdk.lenovo

Filesize
122B

MD5
c7d377b3043984997edcad622267064f

SHA1
e9dad0df8255e4eb536240e2f7e49a1232243bd0

SHA256
47d63368ffa84aa0bf7680f89d372093204e923bb35c5fdef50af708adab17cd

SHA512
d8dad8df37ad986e2fbe3dd600ef950b990c2d2ab131d29fc99f4ff171e9e53cdde180cad20ee1ed756604d79d4fffbada0a2c61dd7edc2ec4fefd0e95960c25

Download Submit
/data/data/com.oomicgame.zuma3d.sdk.lenovo/files/playerInfo.xml

Filesize
58B

MD5
9ae9e19a66a97ff6b989885a28d9483d

SHA1
6b21e51c7bf2808dc06f0d8170ea438d1b69d77a

SHA256
b55827aea5b3a93bcb1682cb4923e716c5f4e7b2a2b1d97f699e969c435d4574

SHA512
83f5392129f0b648c385a29fff8cdf4cd309188d4c821d724e563e55d79605b7f178bf4c6d75fc4d8f171d96eee9f65e4b9a38718e872dce1996b7bdd3faa4f4

Download Submit
/data/data/com.oomicgame.zuma3d.sdk.lenovo/files/playerInfo.xml

Filesize
134B

MD5
71e0a77837dbe98f1de486c46ed1022c

SHA1
94126ad7bb9da3fc5a9bdb0a2247727f941e7bd1

SHA256
13efc499da84809f1c028b73316c0de73a8850bb229e48f19fb1aad090a65f76

SHA512
59334ae18e2ead4a5860fb464f3509d5c1da3cc57eefe537073f86a03555a532622d31b2c6b18ce94d3e4218aebe8e0046219df4c1dea5ffe2dfc4dcbc851af0

Download Submit
/data/data/com.oomicgame.zuma3d.sdk.lenovo/files/playerInfo.xml

Filesize
192B

MD5
d91f840d259c6332605ceb8a6b242d83

SHA1
3cd1ff927ba1d3163e8246532810a239fb616bd2

SHA256
7590e2fc43bbb68e3026c7fdecc6404802115f4a7b72671de0f0754d5b19aa5c

SHA512
37917987e8521a046e7421f3436bc9029a476e2833a716ef8c2303bd282f94ca0bbd39d28f01559f00744ef23eec7db5ad1a90f2a4231a5aca27bafeab644f43

Download Submit
/data/data/com.oomicgame.zuma3d.sdk.lenovo/files/playerInfo.xml

Filesize
250B

MD5
7f50148ae45168cae5b028be82c71737

SHA1
55b18aabd8836c273edd5165238649a80ed66f29

SHA256
db64cdc005c76822bf341240dff018b4ad8ceb5261894bfedbc50c58887acbda

SHA512
b477a6fd8a8f05bbcb50b57689fcc842e1f766101ef3880d649019c19a8c18b77b448dbe6e5329c0514d7047bf3a9c337f52f47cc6b86ecfbb67d44d7d123720

Download Submit
/data/data/com.oomicgame.zuma3d.sdk.lenovo/files/playerInfo.xml

Filesize
308B

MD5
efe6f6cb43560f789b7e0aecea0cd590

SHA1
dfa09656883df456edd558620ce5d561aa73e5e1

SHA256
7e745b5f0a4675097b09cf38f6625311c87656c2c98e254c370e3cf67eaea16c

SHA512
90c05473d324cedf664cd49099c36948d2393f1b9a0f433893f12e923024e1b45d20e8f582e130c61a341ab759753de750c0dc80e8f3455ed5251e651ff3b5ee

Download Submit
/data/data/com.oomicgame.zuma3d.sdk.lenovo/files/playerInfo.xml

Filesize
1KB

MD5
b3daedeb2ee60d904d984fa9892d364e

SHA1
d06c0cb01a2f83e05d8ea9f4b3056d9aa57acb57

SHA256
60aed1dec35fed30d1b4ca2cfe5c44e0ad4507c69588b7abe59fdf2f2ac18b24

SHA512
1f1fd9e876d1a7fccc66fd19215ef3edc0627d019f871e18fc48cd32d323ee59ae39f747bc22a6039d79db502df7627f141f6c5445a066a42a92d7637cf98eae

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
57a90f37b1981b8d8793b93906102d5b

SHA1
bdc7042f47068869ca42368686caa26b6eaa85e1

SHA256
eff2332befbfd7c20f95b12a06e73986e3689926e8ddc7a2fc968b4fcbda9466

SHA512
cd6d7ddac612408049169fc4fd9dc299abd8fd1654164949934d612a9c40ce2c9bcad9ebb21096f2dcc6f1ae0d2a8bb4e570f631bcf20f626cf4989a2ee5644d

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
381B

MD5
3728fbd49d0f994eafd35b35da0f8da2

SHA1
a7f456be47ac55267e5095153ee02103bdcc578e

SHA256
13ab2c2b587e0386a39582de8eaaca213fd0c0477452f6bd7986de677ee5d9da

SHA512
3e58e05f3c5277a32fb911d2e1a1b24a049dad35e92c121642f5a71f73d0fafa1893749a9d9499fbadf1e1ce75db48b5a5d923caddcf7488d7e9dbf62281ab52

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
a0fa73e8a4918a1cbeea9d84bd158120

SHA1
a07851127b391f0a4c755b3ad42479bc1c642650

SHA256
40cff1f7defb7692cfc8a0930416b44813618a9e714350cc9c29311827503196

SHA512
3a6112783574f0e36d0de43c26ca860d192092951cd12413623c057e2c41306f9318e68f686478cc7fcabfd5a6accc1b0fe169c24e8836b546aa8dcab5b674e4

Download Submit
/storage/emulated/0/Pay.log

Filesize
99B

MD5
e8d1213d93c2e8e054c8477218f8d968

SHA1
de887182bba2f3fe80cbc47e2eb2c70ce3d94fae

SHA256
d7979670759e26700d4198144131b11dbd75b45e0a542e811f5b25a62fcd740c

SHA512
1d2f6d29ddefda838581a722edde9bc3df403664500b06bce33ce90596f48695caead412466df509df5c9999ef6a8f68282aa9eec7c5a8a1b276ab81f47a0461

Download Submit
/storage/emulated/0/Pay.log

Filesize
127B

MD5
f1d8824320ae3845671de51494a7d988

SHA1
e1296db6bb72c4fbc2def4b40dcef5c7fd17d8aa

SHA256
f5f76eba35f0b17330dbb97a6cc5ff4d66149ff943b71339ca5bfc24cef7d9f5

SHA512
9d6dca2aa912b0806338410af8aa2a84eb44a8cbe9995ca7af711a28fc9394692404bc1b154d4fd590bc93b03db7291fc094b57f2b044a22245a6921a085db09

Download Submit
/storage/emulated/0/reaper/GSTA4.4__com.oomicgame.zuma3d.sdk.lenovo__1503170135948.app.ln__AA88/lenovo_game.db12

Filesize
8KB

MD5
33ac2447d7767bbf9d03e774338d2e03

SHA1
9406d93be750686f8da853fdff220c8fb7fe0bc8

SHA256
b3b7621d58da659e15d1337275358b4d385bd929a6f410a7d6ff220548db699a

SHA512
27c01734687d30f7194ae3746ea181f361406c473f7ae71c7e8b661c640670688143a06974a74068bc75ac74740a3b7075ae7891a7ecf8c7f13103be1965e63d

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads