4496ca019cba237246777c24eea3696ba62168d679ac929d2c8e07dc318e1efc

Analysis

max time kernel
139s
max time network
129s
platform
android_x64
resource
android-x64-20240506-en
resource tags

androidarch:x64arch:x86image:android-x64-20240506-enlocale:en-usos:android-10-x64system
submitted
10/05/2024, 22:45

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

316a6c2eb19c9e7a9cf46d1d8fec5373_JaffaCakes118.apk
Size

7.7MB
MD5

316a6c2eb19c9e7a9cf46d1d8fec5373
SHA1

24097b491a89e21012eec8adefa98d0b402280f8
SHA256

4496ca019cba237246777c24eea3696ba62168d679ac929d2c8e07dc318e1efc
SHA512

de68a6d584c02c2c5d43c7a2e6258e288938f5c685d46022410f76fe5830b2d2c2b3d9b9ce5b405506d3a22400c7d8986bd2020af904b797f9510cb06e3b4c20
SSDEEP

196608:ZQGrmZbvqY4U6eWxOs7gpCPknanXED1a2eS2zG+U2:GGyJ6es7gpCVnsI2MzGz2

Score

8^/10

banker discovery persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.maaxfuntime.pocketrailroad

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.maaxfuntime.pocketrailroad

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.maaxfuntime.pocketrailroad
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:5202

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.maaxfuntime.pocketrailroad/files/.FlurrySenderIndex.info.Data_6XXT4CZXBGKF5RS6389C_151

Filesize
80B

MD5
699fe9793f0e970b5df6787996a4cabc

SHA1
10f5a1eb04aed67fb7b0f179e0e19b9df24e0bee

SHA256
0029f9340153931286785ee426536d01c3f249ac9be0efab7422c79b55d06e2b

SHA512
da269fbe2044846afa85e69c8f15b89fddeb7b3d71dba03e35901199025b620fd052c9fb1050c168a737d3b001b64f3f09264f53a446e58b556dd49dac925a3c

Download Submit
/data/data/com.maaxfuntime.pocketrailroad/files/.FlurrySenderIndex.info.Data_6XXT4CZXBGKF5RS6389C_151

Filesize
42B

MD5
161719c0a26c29a6fba84d35041a5402

SHA1
74d266070ecb6e819fee497ecc33ac1cc595366c

SHA256
6d42f46c5b58bf16c91d9531de2fc8123691e0aa17a45a3f08535366465eb32b

SHA512
14dcb34bce598c5ecd91e5b51e878844409d52c46c5c171e4c435e381a12037100b235ba3fb4c93e52b160bfbb496ccfca090f9ccd84b01a865157c6cc606c85

Download Submit
/data/data/com.maaxfuntime.pocketrailroad/files/.FlurrySenderIndex.info.Data_6XXT4CZXBGKF5RS6389C_151

Filesize
80B

MD5
d3e5b0b6931683cd8e6bd4076a6fb157

SHA1
28ff21ab4fbd936417b0fac985ab9bc06486ec7a

SHA256
9825deb3f7b16c0dcb4eab80afe4e94ea3f3ae93dc2c3aa3e1eab1acde46f0e5

SHA512
91953efe4b280df11f96b623dff07063c9e99ba73a244934ec910e2484c1d5df759219d2bd2077bf8c22e3a7bbb0eb5972a956ee1695389cb5ab2703c136835e

Download Submit
/data/data/com.maaxfuntime.pocketrailroad/files/.FlurrySenderIndex.info.Data_6XXT4CZXBGKF5RS6389C_151

Filesize
118B

MD5
83bf9978c7409d5f89851e452bf4d618

SHA1
cc0cc14d9f538efa3ec83bc6330734a65b4531c5

SHA256
8bf79dbead0608a71595a93844cf2aacef479ffdd2ba1dc4fcf1737946d483bc

SHA512
ccb7e3910eebaba84297d28d7063e2442783966813da1ddd80733126fb6fb3d53ae1ded80da3f3bf024b2fa86b4cfa3011393c5f36b24a85d817770e8def198b

Download Submit
/data/data/com.maaxfuntime.pocketrailroad/files/.FlurrySenderIndex.info.Main

Filesize
35B

MD5
23a90a3817f93f1e550c31b9c1dc22de

SHA1
108a8c8e19580ba6595a392a7dceb4fc2e574466

SHA256
aa04a50e3a2e05da585feffd5c62dfa6a2b75622fde7fdb2a735f74d5b3bbbdd

SHA512
03faa057ac478a4fc99f5ff94728c9d031f06570a3bdc96345d38f06c637f1ad5c1053fee4d24537b74b10def5e94402e19876d98f2a9e16379ab8d11e607ca7

Download Submit
/data/data/com.maaxfuntime.pocketrailroad/files/.flurryagent.-44d269a6

Filesize
58B

MD5
94ea025cdcf2c2d1c96446023519deb2

SHA1
5a3c1d657216e0a6b723ce9fecacacf00d785005

SHA256
603528c9a79b5a81137c6a3624978fba4be6d046dc8d831d177778200d8628e1

SHA512
e040e9f893f68b6e46fc93fd2ccbc75a4ee128283ea6fb0fa210aa7c9c2fa5a6285ceb5c0e2ebd5d95ba72b2c71430c665e09fdd61c717d8da2c3f286cadd039

Download Submit
/data/data/com.maaxfuntime.pocketrailroad/files/.flurryagent.-44d269a6

Filesize
58B

MD5
12d952e8bef9ca351885fce93f7bbba9

SHA1
f880c22b5343b38666add6551d10117660d2d251

SHA256
fade1d88ea01ea6e75285bd45d28fe4e7e7eb1db8540cbc50cabcbf01cdd7b06

SHA512
0caac6286b52177fc218b42ad144c7db1971f004c02410b1ccb861d196a9c449625e6eba366ecc8eff25d412b7c22c95364d27a20af70125a826e69afc66dca3

Download Submit
/data/data/com.maaxfuntime.pocketrailroad/files/.flurrydatasenderblock.31133ca5-2a28-42f9-bf30-dde459f2716f

Filesize
1KB

MD5
85ea1db5aafbcd46f2c27b73d2d3e1aa

SHA1
3b4759b4369109708d80d8444d5e31289f826dc6

SHA256
5aa817c06a946d71b9777070cdc1523981a9d2f9b83e2e798e0212312442edef

SHA512
67abb9ee34e4b4dd61e51cffb6290561e8a7ba734ef0a8e2053cf66cb73efc4939bb912289f6d5021b9a84831a63c1e4f21a538dfd885e8c6cb763b806303867

Download Submit
/data/data/com.maaxfuntime.pocketrailroad/files/.flurrydatasenderblock.af5725dd-d1d7-465a-a3d9-633344b1b601

Filesize
254B

MD5
f0d649e6e4f5d39b8732ce3f8e6bb4ab

SHA1
edb9e55e8dddee8390538f052a5fa377893ef9b8

SHA256
495152b7236ff264d8d3cd11a5762efa8f038853e0dcde501b88464b83185566

SHA512
7db5ae42b37929fdbb7062f771487758e65311ed8bf731a3219df9fe81190957700006573803796ce0c031f5629fc4917c54627189c574a6e54e10ae27b94d67

Download Submit
/data/data/com.maaxfuntime.pocketrailroad/files/.flurrydatasenderblock.edf108dd-6b01-4735-9e56-f184b0a20acb

Filesize
280B

MD5
04b189e2952731044bd7f2ab581868ed

SHA1
f6a2f6ccbde14a0f5cb933f7e4c192818104b280

SHA256
bc1c96056cff2c948b4c918bd711c734eee9c3cc6511ce791981354a25ac38ea

SHA512
3743b93696acc4a4b38718ced4980e5072e0d5cc29e6a3f5fcafd8b6a6bdd43c930e3bf9f01f35ebc45f3d6ac424cfeb499984ee8600632ec2d77300e055bac3

Download Submit
/storage/emulated/0/.dmplatform/.dmgames/UID

Filesize
16B

MD5
f951afc00dc8dd4d8754df5bee2dcc01

SHA1
df4ca348916c5650b68746043668ee2e04f2986e

SHA256
4337e85d95537a6087a9e360e10a02ac46b71d2317d2fab16e3a428f9c0be647

SHA512
144af40ae8454c17b8fe47c00a3edd035a2ea71e0cb1d4d713b074f21d9b3d44236352c5d976df544dd807fbb3f9ac95f312020168b9be74fef972450591a6fc

Download Submit