Analysis Overview
SHA256
67283252078f7706692582b6e28fd3590687ff928dc08a0fe6a9f8950508b9bb
Threat Level: Shows suspicious behavior
The file 58acb7aab82bb348d6d881594ada2e7e_JaffaCakes118 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Registers a broadcast receiver at runtime (usually for listening for system events)
Requests dangerous framework permissions
Queries the unique device ID (IMEI, MEID, IMSI)
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-19 05:03
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-19 05:03
Reported
2024-05-19 05:06
Platform
android-x86-arm-20240514-en
Max time kernel
167s
Max time network
170s
Command Line
Signatures
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Processes
com.pip.android.mcgame.vn
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.187.195:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.180.14:443 | | tcp |
| GB | 142.250.180.14:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.212.206:443 | android.apis.google.com | tcp |
Files
/data/data/com.pip.android.mcgame.vn/databases/recordstoredb-journal
| MD5 | 6e9ceb0567afac398b22e963cb853da9 |
| SHA1 | 4dff99527c4cc5ac96741fdc6c5d4a94c60e5808 |
| SHA256 | d7b530231586761bda3183bdb951319941b45a26eeb502598e3335615a6f49d2 |
| SHA512 | 949f6f64212d8341326f0f9fe7ef14b59e2ecf5e75d98d2285ea22d15d5b15cc9afa610c5ac478639693ca8b07f772235ac5210057a717a29aeace7bd3e376bd |
/data/data/com.pip.android.mcgame.vn/databases/recordstoredb
| MD5 | f2b4b0190b9f384ca885f0c8c9b14700 |
| SHA1 | 934ff2646757b5b6e7f20f6a0aa76c7f995d9361 |
| SHA256 | 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514 |
| SHA512 | ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1 |
/data/data/com.pip.android.mcgame.vn/databases/recordstoredb-shm
| MD5 | bb7df04e1b0a2570657527a7e108ae23 |
| SHA1 | 5188431849b4613152fd7bdba6a3ff0a4fd6424b |
| SHA256 | c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479 |
| SHA512 | 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012 |
/data/data/com.pip.android.mcgame.vn/databases/recordstoredb-wal
| MD5 | 6d951500ac93f2aaf06f51cc545d9086 |
| SHA1 | dafa0dbde91ffe29041c58609322ff359d6c13f8 |
| SHA256 | edda043c59c1af4c3a3abefef124e3b79a85e98afc68e22c75922dd24df7153e |
| SHA512 | 0ee855fa3cc928c8bfe0044bad3d03975a1bb79c881e851b342f883a71228a5bdc0f546b2df77dc8a850de863e4335562a72b252a3bfd9499992e3a4a43daf98 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-19 05:03
Reported
2024-05-19 05:06
Platform
android-x64-20240514-en
Max time kernel
167s
Max time network
141s
Command Line
Signatures
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Queries the unique device ID (IMEI, MEID, IMSI)
Processes
com.pip.android.mcgame.vn
Network
| Country | Destination | Domain | Proto |
| GB | 216.58.204.67:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 216.58.204.74:443 | | tcp |
| GB | 216.58.204.74:443 | | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.178.8:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.204.78:443 | android.apis.google.com | tcp |
| GB | 216.58.213.14:443 | | tcp |
| GB | 142.250.180.4:443 | | tcp |
| GB | 142.250.180.4:443 | | tcp |
| GB | 216.58.212.194:443 | | tcp |
| GB | 142.250.180.14:443 | | tcp |
Files
/data/data/com.pip.android.mcgame.vn/databases/recordstoredb-journal
| MD5 | 6a59300c8a12090547336bb09b7e2685 |
| SHA1 | 5dba8a9574b77d791e65aef0724e8b601ba4de6e |
| SHA256 | 2e12799af6d0e22d7ccd183806dd6ace05327a3ebb5356261565458c3359e138 |
| SHA512 | c136f42447ac3f671dbb68cd46aa0090437c9ee9e12adbe830740ab7142be177cb2a917a3502364f4c2e146c3d56757d9a067cccaa71966c80800f0d77ed1f90 |
/data/data/com.pip.android.mcgame.vn/databases/recordstoredb
| MD5 | a474f0454ff762cf0febcbdd5cfc63b0 |
| SHA1 | 2759979940b313834590e07aff41581a3ab0c666 |
| SHA256 | 53a4666658f75028e77de3f16fa58caf3cd5a5521a3d1da6edae69abcc43febd |
| SHA512 | 7a12b058071f47ae326d06867fbc1e9a43550290acf5c35b33b74c1c044d9e180c60465ddd9a64a1732c2b47f325573007df862d6056a8cd296dd6071a7a9bd0 |
/data/data/com.pip.android.mcgame.vn/databases/recordstoredb-journal
| MD5 | b7b180f3447e1527e8c13f557d428a6d |
| SHA1 | 022a595968c8346246c28bbecf2d62dd55eb7c3c |
| SHA256 | a0365ff4a24fd6d63afdba8c8978df56086411560e82aaeee022f3c1f3dcfa68 |
| SHA512 | 77135ff8a49039c953c3ae0f9abd339d1f7439f22f62f78aee6911cf4954ada4aadf9707c3b9206bfe8ca68f47ee84c67019baad080d19316a4fd6fe6a20ec6d |
/data/data/com.pip.android.mcgame.vn/databases/recordstoredb-journal
| MD5 | 727d6783a364a1ca83993283e0602559 |
| SHA1 | 925780f2649b82b14d2dabffed6023d5359ac7b5 |
| SHA256 | 338e0e248d668871397715107e189a007c7c20aaeb56195b7ab23a8cc085648c |
| SHA512 | 67d396753ec04bcf3db75879f059b3c41f0183ff8301487e55963bc91f337e18b0272317479089dc2e693957963468ffd4c88c2612f8b6a04da9e825cb8810ac |
/data/data/com.pip.android.mcgame.vn/databases/recordstoredb-journal
| MD5 | 0c15aede5ff18fb168149878acbe1d3a |
| SHA1 | ddc0a4719b38a0bb500c75c594f4d1e9e3bb5091 |
| SHA256 | f1071e341001900217c60bcfa2a8c11f140effc717152e27c0b1f37b50d83c00 |
| SHA512 | ea2dd39963702fb7b39e3c805fd84c60b750f6eaa9f2f90836652f497fcdc54f207cbab27b081904725e17df72720aa298e70984fafe6a43d4c2d7de16f0521f |
/data/data/com.pip.android.mcgame.vn/databases/recordstoredb-journal
| MD5 | eb2a02dbc3e2194f378fed4b588ef1fa |
| SHA1 | cf6c0a93963a9fb2e1fdbd56026e148d6f925f43 |
| SHA256 | ce4b0eaddd7ee73651cb5cb3f77fdf0ca18b7add4716e7e2155abfe3a380a732 |
| SHA512 | 9471209fdd47d029cbbad3ee937350d7c9a1fa67c772f592e4b120063d09f2f5600c1de7d55ac04b42ddb10a1f3c1d05bbf54c9cb161ad0e9f2e052402686e28 |
/data/data/com.pip.android.mcgame.vn/databases/recordstoredb-journal
| MD5 | dd0e54dee8be47c8e21ba24c33edb18c |
| SHA1 | e572c7c533bbc26633c464b823e5c046d057852e |
| SHA256 | 1988bdd8cf498ad134b59a7f5bf897aacc21a4d408c53638d50b3984333ac84a |
| SHA512 | 60110a21ca714f5d7fac11aa635e6183d9017a5dd57f2c6d77640e384532c4c586cef8343ae600e6c4d4c506fc3e8dcbb6a7d695519b7a960074c9b5cf1f47cc |
Analysis: behavioral3
Detonation Overview
Submitted
2024-05-19 05:03
Reported
2024-05-19 05:06
Platform
android-x64-arm64-20240514-en
Max time kernel
130s
Max time network
130s
Command Line
Signatures
Processes
com.pip.android.mcgame.vn
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.180.14:443 | | tcp |
| GB | 142.250.180.14:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.169.8:443 | ssl.google-analytics.com | tcp |
| GB | 216.58.201.100:443 | | tcp |
| GB | 216.58.201.100:443 | | tcp |
Files
/data/user/0/com.pip.android.mcgame.vn/databases/recordstoredb-journal
| MD5 | b173f1c72e800c031ebad4292ebb1386 |
| SHA1 | debc53c2cfcb9f0f318ccb3c12c1e79c248f2b11 |
| SHA256 | f2172ceb40dadb347127984811f4cde11518117861a5c8605d27ee04b19ed60e |
| SHA512 | 212cc2a7a1fa467f845c0085d71a42d50cc8b4af30808e0ab3192007bd228b69627835e5268c9ecda1c6aa6f395ce20d71e31a8fa1c30f91d4f113512c70db29 |
/data/user/0/com.pip.android.mcgame.vn/databases/recordstoredb
| MD5 | a1772ce3d99e15a58a4e2d4afc013df1 |
| SHA1 | 71dbf3f81b9edcd3c4958d1462799b2139652373 |
| SHA256 | dd4d818d3f59edf05287848722da963d232cda602744e0300582e47dd3d3f4c1 |
| SHA512 | 1a4de641e5914acfc7e76008133930bced60b20ccb287038343339d68cd41d59c572311f2356dd8ad69d8804e74cee8db8d8526c397969b1b2747581465dcf50 |
/data/user/0/com.pip.android.mcgame.vn/databases/recordstoredb-journal
| MD5 | e2fff0fa2994c83e343f9eb87aa90bfa |
| SHA1 | 40a908e99a58ca7be62801673132540e04e1ab0e |
| SHA256 | 75441b2c9bfc822d7111822a0771e77d23aafaef0fbd63661db587fba42e3d9e |
| SHA512 | b3114f5aaf491f207bd744bc39315a0809e3dbd59961ab5d3ba1392af9b257c326c81701251c82b88d773525a5b4c324c6343d1167291d32d6d4bbfea18541f7 |
/data/user/0/com.pip.android.mcgame.vn/databases/recordstoredb-journal
| MD5 | 6a164b56bfa3b344101b64e813195262 |
| SHA1 | c940a744e00516dd5eb2e01e1fc47856fcb9f3ad |
| SHA256 | 3a1c3909a5eef07b96eb4a40fcf4990540afe140dd6ca7a2d5965ae2b2beedc0 |
| SHA512 | 7b33cf725f64e025f93385ce4bcc92af965374ebe2909459ee2a822015e96228e05cb21c2351bd17b83e923535f4407951c98a72dc6df9cafcedd23f501fc7c2 |
/data/user/0/com.pip.android.mcgame.vn/databases/recordstoredb-journal
| MD5 | d320c53ddff83c3db62a6401179cc9ea |
| SHA1 | f0f2edbe1678d6ce7045aa95a7819cdc4c487e19 |
| SHA256 | a9ba24f408132c94d2f5941b0ad94ac2abe1b42b6d8f93697ef60197752a7e1e |
| SHA512 | ee021a26b2f8c9a07fbc39e124fdbd7584776c2f76cde48c90250bb86f1300a9961cb5982307a3f3e195bb810f77964395041afd04a0362141df4c750ecd2ca1 |
/data/user/0/com.pip.android.mcgame.vn/databases/recordstoredb-journal
| MD5 | 5982844ed2ba4fb74f717f54fa2b5517 |
| SHA1 | 8491e9c9a565a0fd95fb5efe1d1889bf014eeae5 |
| SHA256 | c1b80e99958b7bf968b737928783729c193f3d9c8a3afcf84f16a524c03d505c |
| SHA512 | 0c9929b36c907c1ecbcb17d22b03e795c2f941a04d54257f828efb39cbfa20d7551e21e6a534e87af80fd80862023dcd7f9bc4bc65a46334139634487dc75995 |
/data/user/0/com.pip.android.mcgame.vn/databases/recordstoredb-journal
| MD5 | f481a3ad57d5ab00cbc99d1bff6b5d74 |
| SHA1 | 6c051144c0c93b0febce614ecd48d1234c6d84e5 |
| SHA256 | f02efc56c472e3eb8f034c601b92ab0306ce516dba2c775f73077acff4017409 |
| SHA512 | 5afd1055fd2550c7136d15bd8eea4fb383cc63a29c5b201a9e79bf5794fdf7d4c85eabc039a99869bddbbfe7257caf767f3ab711b61378031a8c91fe198f2453 |