Analysis

  • max time kernel
    173s
  • max time network
    142s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    android arch:arm arch:x86 image:android-x86-arm-20240514-en locale:en-us os:android-9-x86 system
  • submitted
    17/05/2024, 17:19

General

  • Target

    5099a889a84379e11014209337ca246e_JaffaCakes118.apk

  • Size

    26.1MB

  • MD5

    5099a889a84379e11014209337ca246e

  • SHA1

    bf5bfc89602f54677980ad867eb49a6339eaede6

  • SHA256

    6944a50fd88c982cd080fc098f094ee710cc73049662267f987f7bbaf52a3d73

  • SHA512

    b30a0094f63b68fea2e3e378b8e54c77b49df6321998cf0697b62d0ab2310b6936e27228b342fe0d9de6769017d91520b2b6160aafcd3f18c4bcfd6c080f0914

  • SSDEEP

    786432:zDTf3qQ+RlqUV2SVFOMOqm+sRo1i5EY28h4v9izu3j5aZa8bwRzAnxPlJi:Xj6Q8l/ESvOMOqmNK178qjH8bwlAxPlM

Malware Config

Signatures

  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information, which indicates whether the system is an emulator.

  • Queries account information for other applications stored on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect account information stored on the device.

  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

Processes

  • com.teamlava.petshop
    • Checks memory information
    • Queries account information for other applications stored on the device
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4276

Network

        MITRE ATT&CK Mobile v15

        Downloads

        • /data/data/com.teamlava.petshop/cache/saved_images/item6013.s8i_2v_31020

          Filesize

          136KB

        • /data/data/com.teamlava.petshop/cache/saved_images/item9001-10.s8i_2v_31020

          Filesize

          68KB

        • /data/data/com.teamlava.petshop/cache/saved_images/item9001-11.s8i_2v_31020

          Filesize

          68KB

        • /data/data/com.teamlava.petshop/cache/saved_images/itemWatered3.s8i_2v_31020

          Filesize

          34KB

        • /data/data/com.teamlava.petshop/databases/GetJarDBApplicationKey

          Filesize

          4KB

        • /data/data/com.teamlava.petshop/databases/GetJarDBApplicationKey-journal

          Filesize

          512B

        • /data/data/com.teamlava.petshop/databases/GetJarDBApplicationKey-shm

          Filesize

          32KB

        • /data/data/com.teamlava.petshop/databases/GetJarDBApplicationKey-wal

          Filesize

          88KB

        • /data/data/com.teamlava.petshop/databases/GetJarDBUsage-journal

          Filesize

          512B

        • /data/data/com.teamlava.petshop/databases/GetJarDBUsage-wal

          Filesize

          52KB

        • /data/data/com.teamlava.petshop/databases/GetJarDBUsageRollup-journal

          Filesize

          512B

        • /data/data/com.teamlava.petshop/databases/GetJarDBUsageRollup-wal

          Filesize

          76KB

        • /data/data/com.teamlava.petshop/databases/authCache-journal

          Filesize

          512B

        • /data/data/com.teamlava.petshop/databases/authCache-wal

          Filesize

          36KB

        • /data/data/com.teamlava.petshop/databases/settings-journal

          Filesize

          512B

        • /data/data/com.teamlava.petshop/databases/settings-wal

          Filesize

          36KB

        • /data/data/com.teamlava.petshop/files/game_context_offline_cache

          Filesize

          1.6MB
