e5f2eb8641e96357dd23b6e962ff838ff38b05eaf65181058a670b7fa8d2a1bb

Analysis

max time kernel
179s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
17/05/2024, 19:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5112d1ef49dbe1c7b1f0d8d771905d65_JaffaCakes118.apk
Size

30.2MB
MD5

5112d1ef49dbe1c7b1f0d8d771905d65
SHA1

bc7ddfb05de90354159becad118054376295bc91
SHA256

e5f2eb8641e96357dd23b6e962ff838ff38b05eaf65181058a670b7fa8d2a1bb
SHA512

f9dfc8567b6d91f28460431ba3488198223708d1b81b93da764c0c5fa79548511055fa8d1bc361443c18bb3dfdde8f2feb308108e48eeb679e6d1f43605bca77
SSDEEP

786432:26bXVcogk81LufXePsUaZFNToT+UIYvxwAwuAzlS1z+nCOxDosL:2MXVcomd441aZ7EaUFvaAwuMACnN3

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.nextgenreality.minimoto

Loads dropped Dex/Jar 1 TTPs 4 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.nextgenreality.minimoto/app_.gpg.classloader/64a7fd5d68cf8a8ecfea6c8a71d8b9b0_games.jar	4394	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.nextgenreality.minimoto/app_.gpg.classloader/64a7fd5d68cf8a8ecfea6c8a71d8b9b0_games.jar --output-vdex-fd=86 --oat-fd=91 --oat-location=/data/user/0/com.nextgenreality.minimoto/app_.gpg.classloader/oat/x86/64a7fd5d68cf8a8ecfea6c8a71d8b9b0_games.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.nextgenreality.minimoto/app_.gpg.classloader/64a7fd5d68cf8a8ecfea6c8a71d8b9b0_games.jar	4267	com.nextgenreality.minimoto
/data/user/0/com.nextgenreality.minimoto/app_.gpg.classloader/313ada85747779acb017d2826a429e24_nearby.jar	4417	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.nextgenreality.minimoto/app_.gpg.classloader/313ada85747779acb017d2826a429e24_nearby.jar --output-vdex-fd=86 --oat-fd=91 --oat-location=/data/user/0/com.nextgenreality.minimoto/app_.gpg.classloader/oat/x86/313ada85747779acb017d2826a429e24_nearby.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.nextgenreality.minimoto/app_.gpg.classloader/313ada85747779acb017d2826a429e24_nearby.jar	4267	com.nextgenreality.minimoto

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.nextgenreality.minimoto

com.nextgenreality.minimoto
1⤵
- Checks CPU information
- Loads dropped Dex/Jar
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4267
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.nextgenreality.minimoto/app_.gpg.classloader/64a7fd5d68cf8a8ecfea6c8a71d8b9b0_games.jar --output-vdex-fd=86 --oat-fd=91 --oat-location=/data/user/0/com.nextgenreality.minimoto/app_.gpg.classloader/oat/x86/64a7fd5d68cf8a8ecfea6c8a71d8b9b0_games.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4394
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.nextgenreality.minimoto/app_.gpg.classloader/313ada85747779acb017d2826a429e24_nearby.jar --output-vdex-fd=86 --oat-fd=91 --oat-location=/data/user/0/com.nextgenreality.minimoto/app_.gpg.classloader/oat/x86/313ada85747779acb017d2826a429e24_nearby.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4417

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.nextgenreality.minimoto/app_.gpg.classloader/313ada85747779acb017d2826a429e24_nearby.jar

Filesize
1KB

MD5
313ada85747779acb017d2826a429e24

SHA1
335f5169da258eaab1a10c8072d92bea91c17593

SHA256
e5bee8c0888039904ba514562f708c9a2d9c85d2d8e0818841898ec0f17c072d

SHA512
06ed688e282914cdb4ea70ca3db18e518517985355747e631e753f210954c1f81735e13938b723fa6970180448310e19122576bf968f54f0812d37d29908f6e2

Download Submit
/data/data/com.nextgenreality.minimoto/app_.gpg.classloader/64a7fd5d68cf8a8ecfea6c8a71d8b9b0_games.jar

Filesize
1KB

MD5
64a7fd5d68cf8a8ecfea6c8a71d8b9b0

SHA1
107d422da543afb6554494acec1312f9fd3fbaf4

SHA256
1f5e975f465c6b559307e9483fac92afc0cb002ba83147f361720f195263bedc

SHA512
16302ed993fb9b0860f429a61c13703a5079d63d58bacd7fad839b2d11077f286c01bd91f50bb1147defb85e9e58f5f37b17446f456c692cab945b7313aadc4c

Download Submit
/data/user/0/com.nextgenreality.minimoto/app_.gpg.classloader/313ada85747779acb017d2826a429e24_nearby.jar

Filesize
1KB

MD5
4bf80007560006a755c1fe686d481a27

SHA1
58e2720fd803e2bab0d19df419dd9884354037f7

SHA256
1ab0f91721254f8a38137182fd2699cdebbcc6e31546795e61d1051ca894c632

SHA512
60f999174054c641d059195a0dd157cd8008a0213c25d0d478881d1db7551f8813c9a05cfe82f6cb78500753b5b41b33b110916ca3714f6644614346d78ae7c4

Download Submit
/data/user/0/com.nextgenreality.minimoto/app_.gpg.classloader/64a7fd5d68cf8a8ecfea6c8a71d8b9b0_games.jar

Filesize
4KB

MD5
c028fad8fcd0bd9dc1c56630463d73b2

SHA1
b765e064bb3e64a4a20fe31137abe2a5120ee401

SHA256
0a98c1fe9a65591fbfb3e9189d4d5047876ad67ebc0ec67118dd4b49bcb51ba1

SHA512
2c8a4dfb1756e27cc2d4bbd93602a92ec7ab0262ff0619f8909a54899331abf20674f725922ccf1089c85804b5e087b5d378c8ae3b376b375c6882bb9dd83d5c

Download Submit
/data/user/0/com.nextgenreality.minimoto/app_.gpg.classloader/64a7fd5d68cf8a8ecfea6c8a71d8b9b0_games.jar

Filesize
4KB

MD5
ef02c076f334c92f242425ae06f08dd5

SHA1
6c4e48b52519595b847393dba1a258457b761663

SHA256
aced7234b3770bf9c0e8b69b010c2e55aec38e15202351c09e1caa58eeeee5e4

SHA512
9cb62ac0e89a6d07e8143aabe7a79e76405524d62cb2797af5f82de4130bf33f509fa5efab2224e5582b93fa5cb805e76d88ebda394ce8420b90609c6ec47196

Download Submit
/storage/emulated/0/Android/data/com.nextgenreality.minimoto/files/AnalyticStorage

Filesize
174B

MD5
5956846f7605961dfdfe0240be00f0cd

SHA1
735b5e30ba752a013923df72a386b668fd37fa8c

SHA256
c181990bed8221768a22a0e15205d0bea8a9f46c9cf3dc2516e24660b1f35a74

SHA512
495d9cf4f2fe5fa4efeb8bde0caf461cae24540acdc9ea03db1fb9f32c0baf240776527dea4c2982a01aca4681f1a3f2a8dae0652458210d422564ed3f482a5f

Download Submit
/storage/emulated/0/Android/data/com.nextgenreality.minimoto/files/LocalUserData

Filesize
1KB

MD5
38b826358981677557b125e11611e50c

SHA1
2a17f3092ecfdaa9e02ed34302d9704d38329d65

SHA256
f0f1c35863832c7c37400ffd8d82e99fd1867191259dfade4a9d7d6fbf63a1ba

SHA512
a4a95d373fb36ce6773823f28887af14ea1d1232ff65416a24b6ae41cc6900700371b89059373d44ef76c44432a794011507b309a628866a418f12abe5e4461c

Download Submit
/storage/emulated/0/Android/data/com.nextgenreality.minimoto/files/Unity/46cf047f-05b5-4f97-be61-5eaa6419a40e/Analytics/ArchivedEvents/171597457500000.ef192700/e

Filesize
42B

MD5
0527e58df8b60daeb4e99269cff819c0

SHA1
ab64a4c410754466efc4dab28fee7d6e1a776af6

SHA256
b2f1f7368e652c587b0ec92da381827bd982a495b62c8446bf7c5777c9c3faba

SHA512
83c83c2f3afbaac906680dc3bbeb76063868fba74efb7d422a2205c2c5233a8553ea123815e1219313a908aec6f644944e599a49758c50e758ef83f5c76c2e55

Download Submit
/storage/emulated/0/Android/data/com.nextgenreality.minimoto/files/Unity/46cf047f-05b5-4f97-be61-5eaa6419a40e/Analytics/ArchivedEvents/171597457500000.ef192700/s

Filesize
334B

MD5
97016b89dfed07dc1dff4a035f0e4231

SHA1
c6c6e1fe7e77e6af35ff7211cc03664a56986054

SHA256
b091230e6e9f8174f8a24d9f2ca1f3212f469a70e45e87ba6094734bd918362a

SHA512
40c363bd04587e06c2626f01bea70cbcf5ec161a26dae1dcedf594a0a5de276ef3137b0a657f8644e064af6a65d4f81fad769f9e9469d3d9617b5b48e37f7adf

Download Submit
/storage/emulated/0/Android/data/com.nextgenreality.minimoto/files/Unity/46cf047f-05b5-4f97-be61-5eaa6419a40e/Analytics/ArchivedEvents/171597457500001.ef192700/e

Filesize
84B

MD5
fdbea19baef3ad6743531aa43444d5a0

SHA1
b7a90f03dbf9e44ec21a7978ab3ac2333315a0f3

SHA256
0bcc31b7a0ca667dfa110bde9d35237e94293605a9a093c9887c79067afea29d

SHA512
136d90cf7b8bcabc626dc6cbc5ec89ce23986d6db72cd8db33504281175b3383e2e858333a270a56304b6282a8b922ac33e5144f9fec694ab0635c0a29357297

Download Submit
/storage/emulated/0/Android/data/com.nextgenreality.minimoto/files/Unity/46cf047f-05b5-4f97-be61-5eaa6419a40e/Analytics/ArchivedEvents/171597457500002.ef192700/e

Filesize
980B

MD5
1f0aa4df209d233d4358900b63d69771

SHA1
9a7043099f239e03a15d11f227e1e9beee6a08c8

SHA256
8f46d9cc084660d98980870c320d7994dbf568f8c7f6232819a0cdccdec4c730

SHA512
ec49a7bcc01b6ec489bbddcb1cd8573fd51daf3ef5dd4a36d72dc98d55b91ed1f9b6201780c90eea0647fdb9603d9952acb2c3ef68d1157537684e143f4365e7

Download Submit
/storage/emulated/0/Android/data/com.nextgenreality.minimoto/files/Unity/46cf047f-05b5-4f97-be61-5eaa6419a40e/Analytics/ArchivedEvents/171597457500002.ef192700/e

Filesize
1KB

MD5
fcb54a3d3af4f8ac1fbe662945e76030

SHA1
197a1953a04eab82633454d6fbf782776d415798

SHA256
9a15135ff6cbe044ca7836ddf7d443b4af27bbbddc0d1a22ea661e4b7edd74bb

SHA512
f4bb1ca9c353b0f52203dc8050c3a13809d0c3638326a0b99013ba771ed3f8df9c5f00c81c41e149f42c0b40c8271041e1b304e3289dbbf83c0ee4b9edd7a166

Download Submit
/storage/emulated/0/Android/data/com.nextgenreality.minimoto/files/Unity/46cf047f-05b5-4f97-be61-5eaa6419a40e/Analytics/ArchivedEvents/171597457500003.ef192700/e

Filesize
144B

MD5
cd2da7290e68ae06be5c9958fd850330

SHA1
ab0ccdffe6d3aad03bda82ccae01cd0b6108b649

SHA256
639cd836fd48a27aed158b965f680434651c34572f91539c3e5968a49accb631

SHA512
f51012225e2ee43b06bbc62cdd69b2d8b91905b4ec0765c0c2de39033d7f94ef49c2f059c9733eae20f14e511d70659ba09ddbe9dfa475c824549668602d74c3

Download Submit
/storage/emulated/0/Android/data/com.nextgenreality.minimoto/files/Unity/46cf047f-05b5-4f97-be61-5eaa6419a40e/Analytics/ArchivedEvents/171597457500003.ef192700/g

Filesize
1B

MD5
c81e728d9d4c2f636f067f89cc14862c

SHA1
da4b9237bacccdf19c0760cab7aec4a8359010b0

SHA256
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

SHA512
40b244112641dd78dd4f93b6c9190dd46e0099194d5a44257b7efad6ef9ff4683da1eda0244448cb343aa688f5d3efd7314dafe580ac0bcbf115aeca9e8dc114

Download Submit
/storage/emulated/0/Android/data/com.nextgenreality.minimoto/files/Unity/46cf047f-05b5-4f97-be61-5eaa6419a40e/Analytics/ArchivedEvents/171597457500004.ef192700/e

Filesize
132B

MD5
5a2c1573317f03944b21ebd62b986ec5

SHA1
9145c93b92cc8376024a2f5c568e0c40db31e083

SHA256
87e6ba840f7c0a9f0951d4c7c5f33dab857f3166fe3a2ce048d9733b81923d20

SHA512
4494196662c835d71019b74af34a30ecfb9de2a0b38b5496f14e14d4f44e1fc6957d2634cb02a2bede2be9b9cbbd47d2f3ef076da7a901a804c59f96ea3cba32

Download Submit
/storage/emulated/0/Android/data/com.nextgenreality.minimoto/files/Unity/46cf047f-05b5-4f97-be61-5eaa6419a40e/Analytics/ArchivedEvents/171597457500005.ef192700/e

Filesize
206B

MD5
9c474b07b6db9a0f0691094087ed21fe

SHA1
4941a2baa82bfc9f8dd82a7f66f1dd55bee8613f

SHA256
8c78f9e62e3da5af22ef8a389ad7f3cc832c3ff9e652d9e505d230f64c887df4

SHA512
58848166f6322052343af4e30e7f74addc318577e9b68e35c5f4b60166bde7b6cfa0c52a0fdd42cf3bf7a4038bc0816a079dbbd2cecb36a480ea3c764d1941eb

Download Submit
/storage/emulated/0/Android/data/com.nextgenreality.minimoto/files/Unity/46cf047f-05b5-4f97-be61-5eaa6419a40e/Analytics/ArchivedEvents/171597458300006.ef192700/e

Filesize
134B

MD5
934925967733620988172fdd4f62dcd7

SHA1
c87357adcf17f8edd8233f17e537cc90a4467779

SHA256
495c512603ae59a8790b69b40193d5947cabf51eb22a7e9674b5762a88220420

SHA512
a1d21d1e31e3537c4542ce7efae433b39ae31e9e063e2e67fc953d6a09979848012bb628f9caf6a4be060a333a18af94f284fd70d1ecf89bdfd9a4c8c1028afe

Download Submit
/storage/emulated/0/Android/data/com.nextgenreality.minimoto/files/Unity/46cf047f-05b5-4f97-be61-5eaa6419a40e/Analytics/ArchivedEvents/171597458300007.ef192700/e

Filesize
202B

MD5
a5ae295d594ca8479b5e44d422f8aecd

SHA1
999de33e5c72b1ab0f074cdd6e2baf681e4d8259

SHA256
ac4e6b648e97bfc07434e4fed8b0b2aa4ecd58c83a442742ec145afb4ee1ce84

SHA512
6843310baf98e71d5e732ec55a5e0128d51e35ebc7bd15ede467cafb586f4364e6ca133cea1043a67b41c435bf24dc56355b06c5c6e72ead2cccd3117ac5b551

Download Submit
/storage/emulated/0/Android/data/com.nextgenreality.minimoto/files/Unity/46cf047f-05b5-4f97-be61-5eaa6419a40e/Analytics/config

Filesize
293B

MD5
8673a8ac0b06a9d056d08d62f857ba4b

SHA1
a351bea1932270bafbe468584058fef20dcfc31e

SHA256
83b3f90c4edf1f122c8faf9784ca0aee4dd017c65493ac181c1814211703db96

SHA512
edf28eb7fcef654f139285d308f817ee230d6f064a4c865109d6dfe6f73c11f8f35737c8159c8a302118237ab980899ba5773f547cc9da4028643a53b08e324f

Download Submit
/storage/emulated/0/Android/data/com.nextgenreality.minimoto/files/Unity/46cf047f-05b5-4f97-be61-5eaa6419a40e/Analytics/values

Filesize
152B

MD5
075ca8fa8c181e6ae323ceaf245de493

SHA1
dd40d222b0837bc2d2b3638788833751edb1733e

SHA256
bfd12d958e5506c7f38b90349b43c16f3bcf831c256695e682f0b4e3004b1128

SHA512
83b12ec742ac7c2ccbf70e757982da1e3a66ff767f8a6b17a47b9fca46ee4ba151a939f3884214122da7edb7ef2b6e25b62a5909dab01c355e1d2891b58db35a

Download Submit