7e8d8293215d0d94b7cc649fc4d80008b6c69b16624c23c3f27201110a4e91f2

Analysis

max time kernel
123s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240506-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
submitted
08-05-2024 17:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

25d64ed5b4866f28432ae5614f16dd01_JaffaCakes118.apk
Size

31.8MB
MD5

25d64ed5b4866f28432ae5614f16dd01
SHA1

044866d01c34640ed184e25b5d77846b89b637bd
SHA256

7e8d8293215d0d94b7cc649fc4d80008b6c69b16624c23c3f27201110a4e91f2
SHA512

dbfa15fd4a2c115938da0b5ca4e9efeacc57647f67cb89e6d5b51d121134219ad485b0ee1d36104fb3a44b13c5638eae4ed423da4e7c7088dd7cc22059015dab
SSDEEP

786432:yjlmMN9gyafDW5eeg9yqRUw/2qKwi13V5uqXAIYNU:yB+fC5eeXqRUHPJL

Score

7^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.eightelements.aduduattackfree

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.eightelements.aduduattackfree

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.eightelements.aduduattackfree

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.eightelements.aduduattackfree

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.eightelements.aduduattackfree

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.eightelements.aduduattackfree

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.eightelements.aduduattackfree

com.eightelements.aduduattackfree
1⤵
- Checks CPU information
- Checks memory information
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4239

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.eightelements.aduduattackfree/cache/1582435991586.jar

Filesize
9KB

MD5
e8e0527a01aefdb89afd2c508f131da1

SHA1
f1103e6b260c657ceb3d95f1b023af3fda8b133a

SHA256
f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce

SHA512
fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

Download Submit
/data/data/com.eightelements.aduduattackfree/cache/__chartboost/CBRequestManager/53662880250

Filesize
329B

MD5
1adf6b47b7c15d5402c20fc6c94190e1

SHA1
2e75bbc6ee96d297b73cd3d1e764749f57bab42a

SHA256
09af4b23c659e4e3a9ee22cd14981fad035b4d3b844086617ccce712295bde50

SHA512
c5589c57a22849e42a52c013ff79a4b5ecfaa9775fc47349f6ad8fbd3a08de19f152b837d352add82090f48ced65ca3f50e5d1b8aec487ad2d9fdbca246ccfe7

Download Submit
/data/data/com.eightelements.aduduattackfree/cache/__chartboost/CBSessionDirectory/cb_previous_session_info

Filesize
189B

MD5
2a709ad502d1ee6e7d05177989ae9c43

SHA1
3a0f11cdcdb952639a21dd612265b218c4082bff

SHA256
55a1f54e80d07368306fbe31f0038fd4a442144892a5ce3239e29bc1a7f5a8d4

SHA512
efa0830f85865add6adf9ab275dab8ab9c76f9cd6b0ea47469da894b6d4af6ce429c00a2b6314f324522c62fb69bd7e7552718bf778b1703f0a5f9598b9e2a51

Download Submit
/data/data/com.eightelements.aduduattackfree/databases/store.kv.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.eightelements.aduduattackfree/databases/store.kv.db-journal

Filesize
512B

MD5
2d0272857cc7b4a645da3b8f4770bbfa

SHA1
c42dc4959fc1bb35a118bfa1f5f69dbe587a74fa

SHA256
95274362007f578e7412b6420736a7d29c846e0b2560a49568755866d0798883

SHA512
ee79b655a0c990c765d4971d830f1a3b0e6441e67f203e09c9bc1a757f982c3fd6edbf332834b20c9ae55d74c1160b2cb7dd18f57668e56f032e7449af5e991c

Download Submit
/data/data/com.eightelements.aduduattackfree/databases/store.kv.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.eightelements.aduduattackfree/databases/store.kv.db-wal

Filesize
40KB

MD5
2eea96137322a8eed22b216f4c1f30ac

SHA1
e63cb7d19abfa6f44372d06176e2cc3d10e1d2bb

SHA256
0177b6ed7f583fd2032d121f58f0226f523d2eda44eca6a3aaaa2b7b49ab4f5e

SHA512
bfbfef619b93f15b596c6a5126c2654b1f916bcf84b65a594ee1e00089559aa9c6f9cf0c0e05958c199803d4042ce02eaeeeafd7458b62623e89ded120ccb339

Download Submit
/data/data/com.eightelements.aduduattackfree/files/.FlurrySenderIndex.info.AnalyticsData_WT882JG7YQR5J9Q2JZWK_153

Filesize
42B

MD5
9dd3d062025eed377557587227da478d

SHA1
87c2c3422aefde32935e8172bb702c5a0a9a2ab7

SHA256
0be6f3333c47b8cfc08165ab34a13312fccb3f02667c5733d8463883b89cba0b

SHA512
365f534fbbb39700395a1d49ba43caa64414cabbfde47bfeb8249592c13bd0e09f625f03ff67798371cb6f7de5c4dec2a3258996285a9392866e44e31bc2e25f

Download Submit
/data/data/com.eightelements.aduduattackfree/files/.FlurrySenderIndex.info.AnalyticsMain

Filesize
44B

MD5
c6d7f4426b7cdcf25fa82aaf7ce83386

SHA1
f082b2a003826162207f56462ff82ac8de6fc45c

SHA256
d672e58484a3a43f55c35bf5d4cb6afca17e3b295ebaf86865b96aaec7a751a5

SHA512
e9cef25c21d561a970804d101c80b0c9a483cc14b86a660fd5e3d500433ea01374f51ae3cd2c2b7a2872310a2b27ac582b4c373cec5f177165904d478bd60316

Download Submit
/data/data/com.eightelements.aduduattackfree/files/.flurryagent.-262c1e6c

Filesize
58B

MD5
61018324777771df05d17e63bb59b2a6

SHA1
007b8235930a76af631ba26a618b0bab9c4bc5ad

SHA256
85efe1008d21b22c83ab26f5a0398f34c234e9638170b7da6761fdeb19c88153

SHA512
0ccffb84e82ded61e1d7bc474af2a9078d19c88ea10bcdec4c44563176b79916f9729361fca408ad58672a6783ba27eddae078a563422ad31ae08482ea6c643e

Download Submit
/data/data/com.eightelements.aduduattackfree/files/.flurrydatasenderblock.d9bb121c-1ffe-4f8b-a305-45b33189241a

Filesize
276B

MD5
4dd20389a66dc4d7b7acbaf776e304f0

SHA1
6943969fadd237727ee2cc78d375be89a4a85ac4

SHA256
f16454e62b2f997fb1c2cacfc3062ee6333a5e22a978775ca8846a8ba586169f

SHA512
ebc022aabf8484c978f55fb41deb885ed270d75d89eb1c2cd63bcb14bc0b2ef68354dbe7b986dd07712ca26bde6b607253081e3e8ef3f6728e7f172a9dc8f285

Download Submit
/data/data/com.eightelements.aduduattackfree/files/INSTALLATION

Filesize
36B

MD5
ae2cec828f0ae674cfc8eefbda264428

SHA1
f71f61effa2eb9abf050cf6eefed893756b029c9

SHA256
4a7e75ec4c47cf05d23c44a58efb745c2d566dc3df893a0ee6bc91bd5c3bca69

SHA512
508069011fb93d991e47bff01618904756c9cab3b6acfab4d4dd428d1728c91a63b7a74495d9720520672c1073375ecb2381b2d5c73ad3e2bd284fa1f3f973f6

Download Submit
/data/data/com.eightelements.aduduattackfree/files/Tapjoy/Cache/305e92b552f0b149f572e401c5e9b4fb1d1c5bbf57888f31b39e47b04b42e92b

Filesize
3KB

MD5
5de4c723cd74e72aab3768c822b59f6e

SHA1
6bcf0e7641be9d5f6a9a360239ea17180c5c24c4

SHA256
634117884ad6e001da18755836bfb8a3ab8140a00d8e8e8a5ff401fb8fe31a4d

SHA512
f3d074e6fba27f33522f58efbdcc07ab5b01ef3c7f86ad62ed4fb15a25441e8b915f9a5160713c01ed4fba74dafbaf0523f2a172a54e5fd8e8008f3799b426cf

Download Submit
/data/data/com.eightelements.aduduattackfree/files/Tapjoy/Cache/3c921cd2b98c8c100ddc593253cac7419975fd54535f06b3d11e88d730a84ecc

Filesize
64KB

MD5
6c2dd19dc3aa514c0e984736854be6c5

SHA1
1bfa0ee494106735a3dbbb1cc75915b7d8659ca0

SHA256
9399df2cf0b85ef272131e034a1c6ce5fcf45d2d19b55bb3e467ebd40426fc6d

SHA512
ec54562ecdfcb74f150025d077f8765aafb5f1113399c9fb31e05a221451f587d0630e5b90cd3336d74a6fe5f8564c816b88d0781ae00ee2cb34c67aa4e20fe7

Download Submit
/data/data/com.eightelements.aduduattackfree/files/Tapjoy/Cache/4e21d20e12da3ec20c61443135cb04fd429d8f215b11932bb3ac8ede79786a66

Filesize
2KB

MD5
d408b91ce87faa0d5330c1064750b700

SHA1
e764d33084d46745756cb29f6a50d2be32bff3f0

SHA256
466c47903be3e8bdefe2cf6abe315db124a1cb02c77b370e2fef6e5b7c2a222d

SHA512
3a43ed841febab50aa4e815f0629b686fa2e3298c5aa158205855418b397ca1bf63cb1f1dd845f2ff81895e1d39af692b0b4b75831b8c3623fd91971ba22d755

Download Submit
/data/data/com.eightelements.aduduattackfree/files/Tapjoy/Cache/63168e3ed73a52d955daf2ba1a80e4a23f6502e7bab815767c8dbc721122aa23

Filesize
1KB

MD5
f9c4c8cca335706d055b2a7f9b335cab

SHA1
3844a562df1c0b302cf89a827722a35e65b31ef0

SHA256
21f3ef332d56347efe1997b021a7b61009c3e2f4fece21b98d4008dab493d456

SHA512
d165a61ef732856596cb3e6052c05441b9cd53fde97fd7a7ca8b2755979816d954c85d801bae92d966ca05f35d4c8a68e0368561438f717dc2ddec1ac18e7b7b

Download Submit
/data/data/com.eightelements.aduduattackfree/files/Tapjoy/Cache/72cc2ce4c849a74a571306657b38154530fc013c5619d2756cb44006b71281df

Filesize
23KB

MD5
cebd2eac9e5d22dde187020b1456ba55

SHA1
080d9bf7be8dcd1d0be2db35b9f377313e2ca64b

SHA256
d65370d78e962ec8db098b0209f1de275bc20df21e4889a5ace5c818968c4091

SHA512
3b90a1944af8cbd4f15b2f2c8963e69e3353b47a0ad1205ca79bbf630efd2a66f9e1fd66a3a862bbedc997af3ed29cfd9dde4eb6d2056aa074e24854542a9432

Download Submit
/data/data/com.eightelements.aduduattackfree/files/Tapjoy/Cache/78bccdb344bf3cd656a6041269e82360f256c8b8fa3475757ba776dcfb73d5f3

Filesize
143KB

MD5
33d57764a71d98f9ce4218025f611c94

SHA1
7c44e674cbe03cc1e7065ee388ed7d041ac90a02

SHA256
ca60cf7152966daa66a804debdb2f6c9743a50782b5b06d1ae5741a4be3516eb

SHA512
697371d27204b38cbf4b0e7eb07088bbfcd7b287294a0ef91088a869c425f262b80454f50aeb1f210a999b6d9dabc46bc5f9550e667f2fa472de0ca8ed68c7a0

Download Submit
/data/data/com.eightelements.aduduattackfree/files/Tapjoy/Cache/93ec032718429c90c4b6965200880f2a1d5bcc731a3569c18869a83bd47df03d

Filesize
292KB

MD5
3ef8eeddd818d11031931b8ad9e4c1de

SHA1
525c9b1e276c05c71c6af57e24fce79754b9e2c1

SHA256
aa7a6092ef8d912c0c84cd3f5410a522acdadbc8b58288cc30e44014a3b67e25

SHA512
f750acefb2b6e09952bf955e18b927484ae46bc2bd160465e23bed7f0fd84589e0edc4a8a9761dd51a460a1831cfd6ae27e6ab8feba57e81a4ed09e914d58b29

Download Submit
/data/data/com.eightelements.aduduattackfree/files/Tapjoy/Cache/e11c7ce744d00a3e61f78268a6bd13ae882076abb0e151307788aba0f4d74565

Filesize
138KB

MD5
5b03475f90f230b276cb72c565f82b65

SHA1
2aa4927c4d600b7a2fdeb0b09cab53c60b731b17

SHA256
4553b467a78aa6bafaf82861c2ecbeb829fcdf187926232dbfc03b6fa57b0561

SHA512
914afe981cf48ab9b2336a4e8a10cf196aeee790d9d1a82ca15c2340852779d928d1bd0bc2539691bae69a1f2d80efbd408e29315e2bc1d4182efb0d8b8302a1

Download Submit
/data/data/com.eightelements.aduduattackfree/files/Tapjoy/Cache/ee73ed0e7d96ae6e93c0cae7254f2b1befe0a2021a2c69f0252cac6db6ed7ba7

Filesize
20KB

MD5
391026d62cd88310b4cf0869b1f9738e

SHA1
7f9b43d44b4b5161036ec2353efc64d6918ce187

SHA256
ed86d847a3a844e02ecf98f7dd8e8640b9b47bda47379c3171e8991577ec5ca4

SHA512
b5b09624eaa7d29d9c0b83d85e4752c0c43b7653ac86d40b6ae2206985ac899b734d5040efde90529e5b721b6500dd8a9fcac8857530f38e8a3cb34db758f0eb

Download Submit
/data/data/com.eightelements.aduduattackfree/files/Tapjoy/Cache/fe34bfffbcd29b1755f133c19aaf4621aef426e082ee6ff530f12b91de36a0bf

Filesize
49KB

MD5
ef998efc9d10eef6fcd3d5dd8149c84c

SHA1
1c5089ba85c24230fea9b646e7c860354f71a03d

SHA256
a84b4119c5ae21da53194e5dea2ee3f9bb12e51da81dcf8f1823305603262ee4

SHA512
d3c937fc1aa8490d5348a73efaab7d28f1af4e20b3e43189364344efbf6abc2e2d6ed6dd03116d014ce94346265e6c293e01545bf246d57d8ea477aac47ec3e4

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads