ec4de6f9757d122bdb11d1d6dda5d3be6e2e95e310ec196104813f1903736ba5

Analysis

max time kernel
51s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240506-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
submitted
13/05/2024, 15:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

404140b80a2cebe837502bfb8f3010ea_JaffaCakes118.apk
Size

12.3MB
MD5

404140b80a2cebe837502bfb8f3010ea
SHA1

802ff87832c1ca5d007ad5d9b3d9379c367f746d
SHA256

ec4de6f9757d122bdb11d1d6dda5d3be6e2e95e310ec196104813f1903736ba5
SHA512

52aaa3f1e9deb3e92e3c7268834774c2fbcdfc1cbecbf801c5aedebb2cd7ae301238bf64086058d7fd1c5a2ffd9844488ee2e1dea26f0c2748208aede9e35ee7
SSDEEP

393216:z86aFEYQIV1prI3YPxrFQgQziqmI1uLnS2zU/:zHQOyrIIPx0iqmznS2+

Score

7^/10

discovery

Malware Config

Signatures

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.ledong.fisher.egame:lbmain
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.ledong.fisher.egame

com.ledong.fisher.egame:lbmain
1⤵
- Queries information about running processes on the device
PID:4246

com.ledong.fisher.egame
1⤵
- Queries information about running processes on the device
PID:4322

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ledong.fisher.egame/files/d_data_store.dat

Filesize
8KB

MD5
1c7d51a32827dee85fba87973a89793b

SHA1
3b8ae681b841a7606dacce05a372093c97bc6f0d

SHA256
62eb1e50df827fe556fd73393ad0aa343ffaf24cba072a556e4ca824c94fc941

SHA512
b214a494fccb1c842222aa4cac5b4e315106760c9ae1477955a2824c4c413907e12244927e3d93ec5fb76095967eb76d31665a2c4f5a334a0a7f3c7bedfc3a50

Download Submit
/data/data/com.ledong.fisher.egame/files/iridver.dat

Filesize
8B

MD5
1417b6aa3d7768fde406548434f0d5d7

SHA1
3b761d03782c1adf35368443a5cb01c7fa49ec6b

SHA256
9af9067e8717bda4de78badd1bdab18b999cb1ef4c4bb7df5922b47f6e6226e4

SHA512
52f0902a65a6b51363359ac670b2127a77584f929c7f6ab49f8b84bd901b9643615a43e54d29ba1e1efa0e8b7cad2caeeaab868bcc9f2806e4ea054315c9ed01

Download Submit
/data/data/com.ledong.fisher.egame/files/libmegbpp_03.01.00_01.so

Filesize
583KB

MD5
9acc2a366fb8d0020e534d7f122250a1

SHA1
88944f671633ca222ed9c30f6580895f47bbc4e3

SHA256
c389ea9640bf025e212484fc3b7c2ee7ef9c5de2cf3ebb731c86eb8e0c1e9372

SHA512
0b54f3a19721ee611edee1de14b508d734053d588b7bfec0d0594e4f804b159d75bc8e6474ff1eabb96e89ffeace5d6bbe17ec2bc350d085f08e5f584e0f9105

Download Submit
/data/data/com.ledong.fisher.egame/files/tmp/AndGame.Sdk.Lib_24143_BBFF94A6A56C9CFE022E2E8600417A57.dat

Filesize
473KB

MD5
bbff94a6a56c9cfe022e2e8600417a57

SHA1
85e91e4c5e91fd7897ffb9de788e1eb10d28172f

SHA256
5f473bf63702741457228d0be364547c025ce4b0f15563ee12581074e96c9e97

SHA512
9628a05319f4b1b441529f5fe12dffd9cbc537b95d18813cee7c8db19ad4c2ae293398a9a83978e8558d35e98aeb9d08f98bed7e5a0773a0cee7511325a33834

Download Submit
/data/data/com.ledong.fisher.egame/files/tmp/c_data_store.dat

Filesize
365B

MD5
5bbded411166f4892555dd06cbafc691

SHA1
8ca85492abbcc39f4cb2e9c9272b0c485c48588c

SHA256
ee8038c2dbae07a3eb020834c8454ea1acda551b9d867554388b9886807109a8

SHA512
be867b65fc8c2877a154d09d9157d652637c9532258d9d5d026ee4917c95f02839945e1d5597b50734ec372cac08e700455654e3ce3bceae1521850d42a45c30

Download Submit