Overview

overview

7

Static

static

6

4b17b1d559...18.apk

android-9-x86

7

Analysis

  • max time kernel
    18s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    16/05/2024, 12:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4b17b1d55903b88ba4e2d3d5265dd2db_JaffaCakes118.apk

  • Size

    18.8MB

  • MD5

    4b17b1d55903b88ba4e2d3d5265dd2db

  • SHA1

    f96f865d11beed40145f154bd4dd1f6b640c81f5

  • SHA256

    ae3525ba798f08bce978c5eaeca8603ed133234155ccc7f515530441e6e1a529

  • SHA512

    8eaa7a3ad6860af3720425ec7b4555350eeec135ca6280a4831b9816a14298c88791b89ab9771e623484e3d18150bde09f44f0a5c14ec973a8ddfe1c5f47f5f8

  • SSDEEP

    393216:cbD0tU95H7NnUUL1cXyzD1TAnbGHRUxJ7KNUwzcwT2Fvlp6kXirzDrJdpG:cUqbRF8WMbwRUxJ7GUsHUv76kSrtdM

Score
7/10
discoveryevasionpersistence

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 3 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 2 IoCs
    discovery

Processes

  • com.marvelousgames.touchracing2
    1⤵
    • Loads dropped Dex/Jar
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    PID:4312
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.marvelousgames.touchracing2/mzwres/sdk/mzw.jar --output-vdex-fd=48 --oat-fd=49 --oat-location=/data/data/com.marvelousgames.touchracing2/mzwres/sdk/oat/x86/mzw.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4344
  • com.marvelousgames.touchracing2:helper
    1⤵
    • Loads dropped Dex/Jar
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    PID:4380

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.marvelousgames.touchracing2/app_Parse/applicationId
    Filesize

    40B

    MD5

    27a4eb84162c532432853168001c57f5

    SHA1

    cda2bfc1eb371a2da12e1ee380a80f9c9a6d5b6e

    SHA256

    36a25df032c2d9b98809e5fc6451e1c9bd3c7d7c4dc888f9d7cf1adec63f8cad

    SHA512

    d4341aa66e0ef5f219c5578678ac3de65aa265d7f0f7bd6ab286f2127eae9c7bff2b5a5c268c41bc16ea4c5e7b31e4feadb0bc1d2f7a96f5825e0929c0998aa9

    Download Submit

  • /data/data/com.marvelousgames.touchracing2/app_Parse/oauth
    Filesize

    274B

    MD5

    f90fbec055b0a74df59297694e47f793

    SHA1

    b3d50e59e7f0d4df0434f99c6a7929792e9570a2

    SHA256

    ec725b26a7ad755251ed4e8e2df1fc449a49de28ec8feaaa2dcdec5379d59849

    SHA512

    94675f1451ae25362d7716f4bcab3eff1aefbcbd1b26fbb3ff31be81930c05ffd601d50e8c0be79cb94abc8220d577a8273f5dc5e65bf035833379a3d7cb9db4

    Download Submit

  • /data/data/com.marvelousgames.touchracing2/app_Parse/pushState
    Filesize

    1.8MB

    MD5

    1633867b4d126f5dbd81201787c4dd83

    SHA1

    e18f92a169600c58e10ca7407f456896a35d33f1

    SHA256

    3f22854130791d6d9900597207ee09849b3224320f7ca41f9b1401afcbf04543

    SHA512

    20407e101bd6d2790bacdc9e664f352478b1222694d5435454e9763c9ca6ae1af52d3bee885a87e508ec5493bd91a6dea1655f432db94e6cdfcd8d7fef004959

    Download Submit

  • /data/data/com.marvelousgames.touchracing2/mzwres/sdk/dex
    Filesize

    4.6MB

    MD5

    2876428d40896f2540b06b487ec34120

    SHA1

    dbecb5a2a3030fbbe76f22bfd92054b67c68ed6f

    SHA256

    d1491cbf20c6cdc48f2d1d226ceb00adc4701682ffed1005d0ba3aa3ff415d2f

    SHA512

    cc24c32dcba4941d795b1b4ca3c316c261e8bced4a9e2fceaf16dfb22ed62fcfe364a18ef35dbb37f30a38a7c31f4df031b9e4badc99f4e7ba238a2cc1222471

    Download Submit

  • /data/data/com.marvelousgames.touchracing2/mzwres/sdk/mzw.jar
    Filesize

    4.2MB

    MD5

    66b07e83586f6ec2444f513877da4665

    SHA1

    93d2efdda138aa02b985b36491b53f1d69f1166e

    SHA256

    5313e4e6c408f4825036f8e6017de3602fee170871ef573a7bac77d4f4bf82c5

    SHA512

    6deab236bbe384ea05a8a6f3bb747d779822bbf35b744d15f51e13e05e461a6fb42e41edf91eed1fa0ba021e0338a4bd74efbe2043b895e2352e8d3b9ccc0620

    Download Submit

  • /data/data/com.marvelousgames.touchracing2/mzwres/sdk/pack
    Filesize

    6.2MB

    MD5

    b198d870534b446db14b2d41d3b25def

    SHA1

    f4d99f966e830b7ec755329049a2c927980fb4ca

    SHA256

    58af71bc92584520fcd9dd59c2b75a460d530c9118e2909afb3cd37f37bb2893

    SHA512

    751e9980268059d811767dec23901810b19c0c012d2ee01e0a39f9a4fff471abd97f03a55ab57dfdd9fa03d507dfd802abdc561bcb0f0d5489c125336da320a6

    Download Submit