Overview

overview

7

Static

static

6

49ca8b1798...18.apk

android-9-x86

7

Analysis

  • max time kernel
    5s
  • max time network
    161s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    16/05/2024, 06:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    49ca8b1798d95912cc6ede6ef5218162_JaffaCakes118.apk

  • Size

    25.9MB

  • MD5

    49ca8b1798d95912cc6ede6ef5218162

  • SHA1

    529f4a217891ab05ac0b2fd8cce101bee00eb510

  • SHA256

    c98789945c739109b1069fb3a4f9c1b5a654ab6918401b216e5c9160cc1b675a

  • SHA512

    d34d70b359b63388f30a2627f713a57482ecfeea386f6bf37b21edde7652f4112544de67e3a0ab0644d54c6fbbce5875245ea7758f6775cc092b5238558903eb

  • SSDEEP

    786432:91PW7LzLmKdLkSnRL36HJiaL6gHl81spsb1p4XFLBCxusj1pVBHueLL/9J9Lt:bEfmChKYm6gHU10ox9j1jVuyrX

Score
7/10
discoveryevasionimpactpersistence

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 3 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.maco.dinosaur.racing3
    1⤵
    • Loads dropped Dex/Jar
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4209
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.maco.dinosaur.racing3/app_hok/classes.jar --output-vdex-fd=44 --oat-fd=46 --oat-location=/data/user/0/com.maco.dinosaur.racing3/app_hok/oat/x86/classes.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4243

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.maco.dinosaur.racing3/app_hok/classes.jar
    Filesize

    71KB

    MD5

    5c04e428b1cab5b4e3f92d3d814a8973

    SHA1

    8c757d13f81fd918bac3f2c7f3369fa243e200f1

    SHA256

    61659981aacc2e8ffbec700b16f2830c096e02a60df6cd8242bc4e57682ce86f

    SHA512

    010e8f68c656d37d11af552a59705465da1371e5fad6f75255df419792b1919de7af6a1cc2f82747ff2830ac72000d9c7a34e9ae7f7eab721a92dedb937ed9cb

    Download Submit

  • /data/data/com.maco.dinosaur.racing3/databases/dbrwqk
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.maco.dinosaur.racing3/databases/dbrwqk-journal
    Filesize

    512B

    MD5

    543b98a62b7e206031472197ba10d36e

    SHA1

    65fb51305dc0d75cc0bde1750308a1f3df88a39b

    SHA256

    3fdd8c74d77a9100d4ab15cd36207804e2da5d4fffa40bd45c7e72841c276eca

    SHA512

    7355f4eb4c4efa5970bc5a63078b239159699f79f4eb98615f701157cc0f8de9b6575ef235ed8a964e69c0ca723a3710abbf616b9a0bab4df1d13f3fcb233a8c

    Download Submit

  • /data/data/com.maco.dinosaur.racing3/databases/dbrwqk-shm
    Filesize

    28KB

    MD5

    cf845a781c107ec1346e849c9dd1b7e8

    SHA1

    b44ccc7f7d519352422e59ee8b0bdbac881768a7

    SHA256

    18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

    SHA512

    4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

    Download Submit

  • /data/data/com.maco.dinosaur.racing3/databases/dbrwqk-wal
    Filesize

    160KB

    MD5

    982097eef67dea92faa391a2b499057a

    SHA1

    35f9e9f07290cacc10d409c3efd91f229cba7904

    SHA256

    3407a0e7f68a76b2255e81b0ba19a4412da18af2bebdd51d9459d39973f551df

    SHA512

    c86124572b24ad8e3e9894a47733f4ce8cef6d8b7df335c18750990df43d4f929e6e0737e2e025c6b9bf80be539231fe88a553f4d50addf59c8988353ef18c83

    Download Submit

  • /data/user/0/com.maco.dinosaur.racing3/app_hok/classes.jar
    Filesize

    167KB

    MD5

    b8d31fd1afa290b5d9b78dca6e0f2dec

    SHA1

    956b317b513f32c73a51856a52a2161f765ed4f7

    SHA256

    454b0872f221d5f8670958cb08561007b668dd2d19f5ddc9aac9312a0218b58c

    SHA512

    265b7dceb018e635ddb2efcba2be284d719bc29211d9daca09436d6991c28e63e3348c34784261826c1fa772add05ab9a3964f9c7fb8f4cf9efb903f06bf206c

    Download Submit

  • /data/user/0/com.maco.dinosaur.racing3/app_hok/classes.jar
    Filesize

    167KB

    MD5

    04d5619e0826d90e876039772b359207

    SHA1

    2583d16ee29577f20ff7e4a5b89f5e9f591f25a2

    SHA256

    a067264675ee239900ada698b51595a13c0fad8f501ef6d4c9d8c3a187fa5319

    SHA512

    8cd5911ead52fcc6d3449b5df6b19fe5e7a0efeabf4ea7a9ce7df8cbcc5437c1df4ac6565ce05bad9a483000da51248466b076b13a2305876a3983cd5ce0ddfb

    Download Submit