Analysis
-
max time kernel
7s -
max time network
129s -
platform
android_x86 -
resource
android-x86-arm-20240506-en -
resource tags
-
submitted
14/05/2024, 02:08
General
-
Target
3d806b31e4d3828447d490a997785299_JaffaCakes118.apk
-
Size
30.2MB
-
MD5
3d806b31e4d3828447d490a997785299
-
SHA1
f1bcd3b2918f7186534a8151829c68c4f34a87f7
-
SHA256
cc509dd8429d71bccdf3dd7c915eabddd6354e7fd186aa4d1508df7f13044191
-
SHA512
dd5be0cfeb8833bc58f185abeeb470658104480a0bbfb8483d57b414d6c0df33fc68cd433c69866135313cab5134bb8332ee3f44ef03854b6e7ee3a8abe1eb30
-
SSDEEP
786432:i3cTNF10VMMt0I8ugKseael9FBow6/a4qL2/8aZA7l4H:iQ51IpJlmweBi2JA7l4H
Malware Config
Signatures
-
Requests cell location 2 TTPs 1 IoCs
Uses Android APIs to to get current cell location.
-
Checks Android system properties for emulator presence. 1 TTPs 4 IoCs
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks Qemu related system properties. 1 TTPs 1 IoCs
Checks for Android system properties related to Qemu for Emulator detection.
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Checks if the internet connection is available 1 TTPs 1 IoCs
-
Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes
-
com.tqhy.gameshop1⤵
- Requests cell location
- Checks Android system properties for emulator presence.
- Checks CPU information
- Checks Qemu related system properties.
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Defense Evasion
Execution Guardrails
1Geofencing
1Hide Artifacts
1User Evasion
1Virtualization/Sandbox Evasion
3System Checks
3Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
Filesize
512B
MD537adc1386b71bf7262b180131d92244f
SHA11cd55100b58634e325a705d96e164366970cbd69
SHA2562fd7b5453f8493c85daf4a1957eeaa8ceb00b28d1145f17e207562189fd95f8f
SHA512069d8f759e4edb8cf47b94b79f0a961be68c1137b1a1d7ed828a52de67ca5a8743c8d8322f743546850ec9b4c3584365a348cec556d6c1a6dd28fc55d7e41941
-
Filesize
28KB
MD5cf845a781c107ec1346e849c9dd1b7e8
SHA1b44ccc7f7d519352422e59ee8b0bdbac881768a7
SHA25618619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7
SHA5124802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612
-
Filesize
56KB
MD553561e5783109f3df63de3c0d3c9cb01
SHA1fff749c196305c417b2925b3274de40c821aed01
SHA256ad002f370669225233ecba6785c1810a8a7b93dc215621697ebe4a45707e7d36
SHA5121b83fdd7fd1913903c67dd28412b07ecd668a538db6b8e667bcf3bcf726d40fff95c770f685bdb1e2cc115696178b9b2313f83f53e592da2bec517413d96902f
-
Filesize
68KB
MD57d3963d3024f56bf5ec7883650e29d6d
SHA113debe1d8568b7a7a7d338dadac9b6d81ed63fa9
SHA256e243ca4f26c337a75e006ce4a3cc2bfe1b4097c316e85f1a5261e41cc8d94ba3
SHA512a550e384a71dc70514e2ff2371745ee6a4573d57aa880779db1eb19c099299c583d980e46df8e664edfffc71bbc6d5ef397b3d1ad21c9e1253de43c8d71c30c7
-
Filesize
512B
MD5a9e6702693976d9cfaee675b14b7f943
SHA1ebd16d935cf984b5c5d01a170627ebc8b6636916
SHA256fbc6e96bf114624bdba84dcb5e3bdf52296462dbe927309b36c3648515e8e7a2
SHA512cb1eb1b3e16ca9d544e9a5e5a0fcf74d6493beaea2745dc77b8c314796e0f580cff6d5e2d3b5dd775a1c553da266d6f03861bf5ba1f199f4eec9b659caa78f96
-
Filesize
96KB
MD5b2f750eef57fe903ef57abb811469c40
SHA1f218d92e554b716a0f8b02c1925824fb5e19d19c
SHA25692bfb961836ec6975f66337c022eb3304ac9de7d8bf01e751d8c396dfd898766
SHA5125788268d8f4d1c0a331e7696448da15abb93321d0c548940717dd38157f680656724f9dbacda055ee7c5a2f0123a76589a2dda47e4c4e34b82c7cc48a6a0d67b
-
Filesize
189B
MD571154c125ccefde62b3341db626a7b6c
SHA1ddc612402badcfbf15de18a6012c601d5d0da142
SHA256e62a4182b104533e0e5b8bd3b3aa7ffedbae0e1f4806a30e05b6f9c638992bc3
SHA512977f385f23de76831f256f9bda517d137c5890f93d2e5868359dde43e0d4c8cbc97a45e3ff42287713074b030bfa6c9efc76d85cb1c5df37e7143a7ef481da3c
-
Filesize
111B
MD5cafbc1442de14bb3223774c44a324b87
SHA10bcd926b96faaf968309f74f4afc58257d93622e
SHA2565e7c29704e20c1bc274ed0d79fa83aee9f0505469693da13a572526d62277449
SHA512ca13b58eb9f598c05bc14b5b01f0541ac62b9775e856cda9e73bf03aa650932cc2adf24cd491b6a038126d8149f8965ea69264fa8bd790687dd4c39090c3ad33
-
Filesize
213B
MD55565cadac894bdc25b9fa8b2293f6e08
SHA1000f2ad7d9943387610a2867e6351f74e9c61226
SHA25634db60d8caf139855d6a00efdc796341f797f58fad8caee3355610e51ce2d388
SHA512bc719a66135ec41468f31d41f0508afa2e10d0adbab04d59b2f1215750c107f5033d33ce7a04ad9df3a57439d590f87b9514924e4e43c7744921be6185c1cf83
-
Filesize
111B
MD5f25f6cc9adfe04eeda36c671f8684cd3
SHA1acb02937317c0ecb9bdb42411322595bbb7f9a7d
SHA2566b3afbc51d177c1653ff1e1cdeacc5bacdd5e96752b9bbaa00f8b0a878ae799f
SHA512db1794678a9b284ff986cf8a656f9ec63e82fdab9cefad801472b71ca572db4f11bdf39c78ccbca4d63a68ae5038d74f4a961c9b676e90213598c801fe792719
-
Filesize
167B
MD5962a06984d186b14392577ae60b3b766
SHA1f6238db62d63529405bc4b47b396ae212275883d
SHA25622ed67c8bdec8ee87fd02bbb10f00be12d79debd83fdecc9b90b1f4f1d70c32d
SHA5128f3aaa94a822945b31b166f801195d965966707e5ef7f86b643057d5b461520261c2fdffcb7e191a6bf3ddfa1b0949a58c1072db8a6aaf8e0ebdfb9a520127aa
-
Filesize
65B
MD59781ca003f10f8d0c9c1945b63fdca7f
SHA14156cf5dc8d71dbab734d25e5e1598b37a5456f4
SHA2563325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793
SHA51225a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03
-
Filesize
62B
MD517854020aadd8a7371ed7a9ed194628a
SHA17ecd4874c203ae7111a02c97cff6db1228c3e8c9
SHA256b2e4c6de4c4e345e83d193132cdaebb55047e689ae8ed9407b341431048aa1cc
SHA5121ad9caeff7cede95b283774799d9b44a0b25ff982c06f920718bf8fbd06df8c9858151596c191c1094ccbd93b3eb45cbd5767d8fa917f99fab047be45aa87e58