484a22861ac88afea80a9ed06c81529154009f32780520c76a4f4b3c10813a2e

Analysis

max time kernel
7s
max time network
139s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
15/05/2024, 12:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

46319e158b45c3983948419d937d2281_JaffaCakes118.apk
Size

27.0MB
MD5

46319e158b45c3983948419d937d2281
SHA1

9441f223cb19bfa753f10841fd3d607bd2670765
SHA256

484a22861ac88afea80a9ed06c81529154009f32780520c76a4f4b3c10813a2e
SHA512

7a186fbfbf256bdf82a79f8113547a91718ef013446c84039918aefb8e655dead4d17b6f30b64ef457ec049a836a67445b6540ee3b58fba06693316c1a9d8f98
SSDEEP

786432:vU2ulMOw3oS2yEqAQpGVozc2j5hS+2ZY83sHBXUitKtZUFpuOK:M23R2xQpGbAS+2ZpEGMXuOK

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/data/com.yodo1.crossyRoad.UC_02/.ucache/classez.jar	4547	com.yodo1.crossyRoad.UC_02

com.yodo1.crossyRoad.UC_02
1⤵
- Loads dropped Dex/Jar
PID:4547

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.yodo1.crossyRoad.UC_02/.ucache/classez.jar

Filesize
434KB

MD5
8715dc056ad3f44dc9263f848873ae41

SHA1
f7df5941f35daaf2a68d2c7583632b614963a919

SHA256
49585cfb0a1b9ef6fcff2718223685a4fa75cf277e0a64be0120d198e495eb83

SHA512
1f0ed2ab7128e7fa4e96afe3dc8c111f7419d100ec959050d4dd66b5143d894616ab188fe93cce9ed0bf3fef44b2941adba9408197d77c65f311bed153db2913

Download Submit
/data/data/com.yodo1.crossyRoad.UC_02/.ucache/classez.jar

Filesize
1.2MB

MD5
e5d9aa77454d81d747e989ba2bcb71f0

SHA1
385f15861e155f47ba90382137967342eee2bdd5

SHA256
b85c516e4241b45025764a737b3806603e61dcd07129eb3a07547b95740fbc3c

SHA512
3ca6d22606162f9a8d43625e736835a6bb703b66bc9e2b3c7128988ac9a7246ce35a3eadbc868f92bd2e806f27d8f9daa69058af532bf8229d8bae8788b5e3d3

Download Submit
/data/data/com.yodo1.crossyRoad.UC_02/.ulibs/decrypt.so

Filesize
33KB

MD5
d77f0c45d6ef44aa6ffaebb0745b3f71

SHA1
b4bbd203af0df73e110edff1b4664a2479622718

SHA256
9e11157e8e75f1bd1b5f220fcde84fa775e35d54d032072d2383333700e8a76c

SHA512
5eb541be98a27c82d5eb227faa734fb644aba814770fb8d4d9f8fb1423a02b1df4ba43a44bfa3932fbbe2222e9c54589d653b0ddd204bcd43d86740726aa07fd

Download Submit
/data/data/com.yodo1.crossyRoad.UC_02/.ulibs/libunicomsdk.so

Filesize
29KB

MD5
1f5e92b0d33c4fa49b3d2bf741459165

SHA1
3863f02af2659ff9da9a570e01dfe821c2b17c39

SHA256
1f76971d227937b5f1d1c5a156965768e881cc40a9d9db3b5b06a62d37133b14

SHA512
b4ac9a0c3792ad2090da698bb9af12f604fa016c30def77d4c82bd47d4a170d83b0591d5b5bfa3ba967742bb4a9b6b0ce8accad327b2f3f8e2255336191c8034

Download Submit
/data/user/0/com.yodo1.crossyRoad.UC_02/files/d_data_store.dat

Filesize
8KB

MD5
96dc165daa50b264b6384dd898f1895e

SHA1
25be931490790f722cb2916aefbf5758efde2461

SHA256
85dd88f550139a6ca38f207a575b86e6ab82c3990995b93915d5412e0abcfc31

SHA512
47332089a4c6ade6e6cd607ef2ec1e105d6484f8632015c4d26cc3a6205b4a0afd52974717d9d4637cdef76d0e050199b69ba6b6adff9507ed7e0d3d0cc8859f

Download Submit
/data/user/0/com.yodo1.crossyRoad.UC_02/files/iridver.dat

Filesize
8B

MD5
0e599d726c9d190ca75091bd3d4860fb

SHA1
3ca2df040ce6530cae6256cf60ec66625eb4f362

SHA256
3a4d5be7d8464f47a78e3405225b68e9adece33c53f0c43ba0f350a4ecbb1f6f

SHA512
51d99a77c4bfd74058dc4bc75d874c09fa8b63415ef132b3fd6ead6ad9cb6e3ead560e935ef2ca36d0122fe477e93875b15277eeff0aaa75a15afebee7446d7a

Download Submit
/data/user/0/com.yodo1.crossyRoad.UC_02/files/libmegbpp_02.02.16_01.so

Filesize
632KB

MD5
7aef178d4ea9656f8ac064d64c3e5c7f

SHA1
3b92ebdbb82efcde9d300a902c91d45dd982b214

SHA256
88f05ad243151875e14421335a3ac3d4ac85b596ea3c2a30e3922a457cdc4387

SHA512
e79414d7f5028968c473fd1854b2604ecea119595c0037a5e0d4b2aff01a2dcaed011103c02643eae9d27e116697e0767ede1c89c7875b719824ee4531a51411

Download Submit
/data/user/0/com.yodo1.crossyRoad.UC_02/files/tmp/AndGame.Sdk.Lib_20130_4E4DB8F73D48429B0A74BED2D59DC7A8.dat

Filesize
461KB

MD5
4e4db8f73d48429b0a74bed2d59dc7a8

SHA1
45ac6f094d14583003ad91af70863b53723bc01d

SHA256
52c2a3fe2aaab5d061a9dd3784d0c6b24e616f1900b1bc989eafed1cc90e882e

SHA512
ec1d05295a5a79497aa69bf9b003f03ed608195bf67096ee44043585e2e3fa85bd1a648f9a0ad173bf98361ebf07bc939f6dfb5078644d8a3c9bf83d54da83de

Download Submit
/data/user/0/com.yodo1.crossyRoad.UC_02/files/tmp/c_data_store.dat

Filesize
365B

MD5
5287420abed55e5de4acb9b0d05239fc

SHA1
0bc86e245a256118bb46d96b668fe3d840a676e8

SHA256
c3d61bf7ed7f84d9cc6ea2378b8dc3d3a268544ccbf9bb4b8bf2469351114e14

SHA512
2c4aaa035ec966e1138efc22008a5f2d4a0b8b6422c193622ae2d82d7e3dbd0c8e28b6c0c1a18a58b147a9de59888e5a6dbf0c8b3b11b8634bf6017896c5de74

Download Submit