Analysis Overview
SHA256
2cb11b89cd9fab5ed4d8459ff84364ca8667dd541b9e3b8532bf7e857b5ec839
Threat Level: Shows suspicious behavior
The file 5676e2bdded8fb5da19447f1a9b07249_JaffaCakes118 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Requests dangerous framework permissions
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-05-18 19:44
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to request installing packages. | android.permission.REQUEST_INSTALL_PACKAGES | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-18 19:44
Reported
2024-05-18 19:47
Platform
android-x86-arm-20240514-en
Max time kernel
2s
Max time network
139s
Command Line
Signatures
Processes
com.szinteractive.GoBotix
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.187.195:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.180.14:443 | tcp | |
| GB | 142.250.180.14:443 | tcp | |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.178.14:443 | android.apis.google.com | tcp |
Files
/data/data/com.szinteractive.GoBotix/.cache/classes.dve
| MD5 | c01204563003c40d28f5108a78ec8755 |
| SHA1 | c472ce0f002b2a604d5feada7e8518086c1d5ac3 |
| SHA256 | 0ac6ea5ef39067aebf3598cdbff8e98c837ad9620bd6c75b3e9022bbc146823b |
| SHA512 | a626205def49f0dc695ec7dd2b6ab4f625d2e03615aea999393aa377bc76f7e23bc517fb032e100421e3c4629fee9e25e8fa804bf592ba675926992dea68a266 |
/data/data/com.szinteractive.GoBotix/.cache/classes.jar
| MD5 | fd774c903bd3b2744c3eabcd07c3e99e |
| SHA1 | 07121d31fe7dfbcb1ac13007cc1c0fe6d4fc5b8e |
| SHA256 | 9178a95c865c53ea9621bd6a1f852b04422802ef87577ab534ffb840993924ec |
| SHA512 | ed253bfd14f87859165cc0633e239fa6def3a67dad3035e5d1fb3625ea5a73e4c0d2335945a39609c0cfe413032e38368e707a143de67ffeb15fbbd63f60279b |
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-18 19:44
Reported
2024-05-18 19:47
Platform
android-x64-20240514-en
Max time kernel
3s
Max time network
157s
Command Line
Signatures
Processes
com.szinteractive.GoBotix
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.187.200:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| GB | 216.58.213.14:443 | tcp | |
| GB | 142.250.180.4:443 | tcp | |
| GB | 142.250.180.4:443 | tcp | |
| GB | 216.58.212.194:443 | tcp | |
| GB | 142.250.180.14:443 | tcp |
Files
/data/data/com.szinteractive.GoBotix/.cache/classes.dve
| MD5 | b77109e206aa794b1498bc0730299ac9 |
| SHA1 | dded470cdb496b1333950ee57becfad6be5e892c |
| SHA256 | f307ca427d9c31db99b0b786b23a0070cf70aaf1e8516ddfc8912884f82bbb97 |
| SHA512 | f94ef25557e15fe15dda9227b2f708636a459304a689d4f177552475564ed5073bdc43bc489184d2a3b0ab7e9e7fdaf70cba5b0d1b812c3d1468d961fdaee6a0 |
/data/data/com.szinteractive.GoBotix/.cache/classes.jar
| MD5 | fd774c903bd3b2744c3eabcd07c3e99e |
| SHA1 | 07121d31fe7dfbcb1ac13007cc1c0fe6d4fc5b8e |
| SHA256 | 9178a95c865c53ea9621bd6a1f852b04422802ef87577ab534ffb840993924ec |
| SHA512 | ed253bfd14f87859165cc0633e239fa6def3a67dad3035e5d1fb3625ea5a73e4c0d2335945a39609c0cfe413032e38368e707a143de67ffeb15fbbd63f60279b |