8543d9cc15eab4ca3e4a30291dd36bedc205570ae3586f441efe1bd53f0e4431 | Triage

Analysis

max time kernel
147s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
20/05/2024, 08:35

Sharing

Report Analysis Logs

General

Target

5e215451d3f2f695f55e57d25004e73f_JaffaCakes118.apk
Size

14.5MB
MD5

5e215451d3f2f695f55e57d25004e73f
SHA1

461c0c8deace9bbbdb1d27cab76ac8fcc03c0ec5
SHA256

8543d9cc15eab4ca3e4a30291dd36bedc205570ae3586f441efe1bd53f0e4431
SHA512

e1b2f236362c7647041f45ac22dc9687f7a814b37caeb8a8e20b8ba13024953108f6108ac83e45269bc79d734b7cfa4d1e7a5111b4b1d2f85b72c2eb5a3e5820
SSDEEP

393216:e4oN0kbN/9kvGEA6GiVZOFVQThvuBsI6KNaEpdLqIslaQlCfeTo:4pavk0KQJY6maOA3CfeU

Score

7^/10

discovery impact persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

Broadcast Receivers

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.giantssoftware.fs18.google

Checks if the internet connection is available 1 TTPs 1 IoCs

System Network Connections Discovery

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.giantssoftware.fs18.google

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Data Encrypted for Impact

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.giantssoftware.fs18.google

com.giantssoftware.fs18.google
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4345

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.giantssoftware.fs18.google/app_.gpg.classloader/3e691cbf16eec9eb7f2e4ab7280851c2_nearby.jar

Filesize
1KB

MD5
3e691cbf16eec9eb7f2e4ab7280851c2

SHA1
429705f1c8206841615910728d02b7c83ccd7258

SHA256
f393e2ed2d9c67e27dc9330870f67dadc12c8bf0afacf3533c214eab9e9ca41d

SHA512
bab1176f77e8ac89643f279daf66310e75aa4de859a09a02820d758ac926f2135f07be4f13d00b3f4aa64abab33da48f49f9eacff2f82d96f72fcee6cc0ba605

Download Submit
/data/data/com.giantssoftware.fs18.google/app_.gpg.classloader/98be487a6a276aea23167560c01cdc4c_games.jar

Filesize
1KB

MD5
98be487a6a276aea23167560c01cdc4c

SHA1
5c3ea7bf071bc62ac8e857a50e503c21f94e3a59

SHA256
8e657a748c96ca816e587351ec0a89221fd4f70cb8ed938e308ab205bbf2b5cf

SHA512
16eccd65b63b8288697ee4109c90ab22780debbbaa9f01ed4776b6662b40fbd753e87ceeb01998868825221d448c279d1cbcd98e0ced289bb816fea582dc734f

Download Submit
/data/data/com.giantssoftware.fs18.google/app_.gpg.classloader/fef9b298ae55d19b889ed42cf331fe65_games.jar

Filesize
1KB

MD5
fef9b298ae55d19b889ed42cf331fe65

SHA1
9fa138614fadef920dc56a94de6d91c81d9e9d82

SHA256
964880ad9c0445281e2a75525abb63a5ff5584a435d935c15115a7ec58d31684

SHA512
dabbe8f5b186a522a0744987a49b7f53a3d31ee1a0337eeb9b822790810c6fe3b1f058d1d0c02204d50c7b3535a16adf20f60165241f76f1a9ce62cbe9479087

Download Submit
/data/data/com.giantssoftware.fs18.google/app_.gpg.classloader/oat/arm/3e691cbf16eec9eb7f2e4ab7280851c2_nearby.odex

Filesize
20KB

MD5
eed981b8211db9586a9eb5a9c8584e64

SHA1
4bbd5b793d06092184ca5f67a14cbec2ceeedf7c

SHA256
278ba5c6aaa07833c054ad8d60d6d4ecc925d9336408c5dde4c18559b773cd05

SHA512
79916062fc9c64ab6ae3f7a678595f65e16c1c597d691e0fb68625f0c256b98a22a441adbf6df1c5c3e573c23d9bc3ab50525e3a2c1b7bf78173363afec53160

Download Submit
/data/data/com.giantssoftware.fs18.google/app_.gpg.classloader/oat/arm/3e691cbf16eec9eb7f2e4ab7280851c2_nearby.vdex

Filesize
1KB

MD5
524ed6a2b9947e9f8a99ff13130eaa9b

SHA1
fd8ae554387e2cec045742de3b2f2b90574816c1

SHA256
0f6aa9012a9ba28273f93d5efa4d2097134df0f03dc900277f4b4d2c83eced04

SHA512
7b0311cc5c5e43e57407beb434d40435d71c7c4dd01c0ed33dc2c919f83ee2e956d4811d17e82752f8c9aad46555b66364fd98212533ee16f43438b63a2e9857

Download Submit
/data/data/com.giantssoftware.fs18.google/app_.gpg.classloader/oat/arm/fef9b298ae55d19b889ed42cf331fe65_games.odex

Filesize
20KB

MD5
7299d9fbc3131ab253fed1a5ba660107

SHA1
e9b7b1d97ac1c66404ce546530e31358c346565d

SHA256
6adaea92aa0141b96bfff94c76ecd085c7c6166ad2920aa4e8813c1848d16e1f

SHA512
da97ffe0d7aec68c6fc0ebb03a55de7da8a35a42f9c977bb4f5d86b76eed6e8c185037e6f92cd8ce55d002b2a516652b974fcdddcf921c771eba0312692dbe00

Download Submit
/data/data/com.giantssoftware.fs18.google/app_.gpg.classloader/oat/arm/fef9b298ae55d19b889ed42cf331fe65_games.vdex

Filesize
4KB

MD5
b237484a6f6017fc37067db6aee2fbea

SHA1
9dc9680b4ce90b6b0e4ad9cad1aca8d4602d80f2

SHA256
fce45240c12db1804949cd1151627a40643b44838fc62bdb6b0353adaa73e161

SHA512
78a90dabc004d9da6a6c69945c80f2198bdd3af3252a884874248cbd54f1bfc9151da896ffc2f19a56c1f7d259a1e08ef8c0037403338e459321a6cb08e8d994

Download Submit
/data/data/com.giantssoftware.fs18.google/databases/DownloadsDB

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.giantssoftware.fs18.google/databases/DownloadsDB-journal

Filesize
512B

MD5
8d5839636d8fd580c8877c0d1f467150

SHA1
11e2821a0a8c661400ace84288edb9dfdd29560b

SHA256
39775949fcc377fe4f6732593644c3d37f8636ac9ac5064209db93213e5a7656

SHA512
b0a43181efd01366bc38f95c73ce60efddb45f8b5ae9b21ec31bc8110805cffb70a2b3606d5d8fae639a13f50375ca75499a783098d82c811e48095e31bdeded

Download Submit
/data/data/com.giantssoftware.fs18.google/databases/DownloadsDB-wal

Filesize
44KB

MD5
b4759301fe1b50792d64f6931370361d

SHA1
e4563cb2cdd6acec4966ad18ecb6f611c1903561

SHA256
118118305568de9b138a5c3d92063ee660208264ca4b3a35b940aeb1c8679c05

SHA512
960b4e3c4f40852176c2571eefe4205bd2a52ca4c52f85fad0db8dda025246d7d0d7e5970bf9c4d79d14fb65c62d3934f310636d36f64cbe4ca74eace4f04d38

Download Submit
/data/data/com.giantssoftware.fs18.google/databases/dRcEZhV

Filesize
4KB

MD5
a6f4d22725d10fc2b6f75f6115c77ae5

SHA1
9c1d38fc8bd06ad11765b0831a26319afef3074a

SHA256
f6efbb10f99225a117698424fb248d99c67a8161affe31dd4d21d1acb45b3999

SHA512
39bfd7eac5900de27a98dd46f3bb00adb64a10308393fe16b0a85d6c7e1f28e9e083135d2786ad593c860e3cdfe81aad6f7df8b138080fee74eb7ebfb6741fd8

Download Submit
/data/data/com.giantssoftware.fs18.google/databases/dRcEZhV

Filesize
28KB

MD5
cce0375bc3ef29ec829b99134e4f50e5

SHA1
28abd7b8d4c8780cf80595ce7107f09e5885ec81

SHA256
6c8e679241cc5f50e7b140170cefa47cc07127e6757dafe88808ca6a3cd179f8

SHA512
02550db8cb9eebcfeec4664a8cacb5886b0b7614dd00bb878ab0ad939e2180ee449e29c8f209599a9de8556135c435e5dc03c944192ce139ebbc3c1fb7e50d31

Download Submit
/data/data/com.giantssoftware.fs18.google/databases/dRcEZhV-journal

Filesize
4KB

MD5
4aa1d3d83bb352083c3f466977da15ba

SHA1
4b0954e4801c223fa958b38bdec901f72f573d32

SHA256
eca7f5b30249192b6b04f35c765d1b2510503a735863b7f90afc2d88409417f5

SHA512
212131aa20bd07c6b6b4639144e945800c616b405c65ed472611e9fb03a9be6ce1329302c4b056e7748c5480b30803ee5dd07363130b58edd8169ff4aab00610

Download Submit
/data/data/com.giantssoftware.fs18.google/databases/dRcEZhV-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.giantssoftware.fs18.google/databases/dRcEZhV-wal

Filesize
60KB

MD5
92dd468246b29027746d54cd3aa0894f

SHA1
4797f19e07040c7638c91ecb1261f809ee45959f

SHA256
9e360d658d919b613b3a8d233551362775785886bf66aa302f49b640c1d16fbd

SHA512
b7294b61c34b426480c1803a65b5b6995eb6f14bbf37291b789ae53f19e477d3f126edb47f879191d7b3d7a6d92cc5bc344d7f4aa1f8629d1b6a1d21615eef62

Download Submit
/data/data/com.giantssoftware.fs18.google/files/.YFlurrySenderIndex.info.AnalyticsData_5TG4JGVTYX3S34VZQT7N_216

Filesize
88B

MD5
86285be63a24bc8c96ff4d41c6b7652f

SHA1
6a0ff24fb5a5c4e91764e815e351ff87739dfef1

SHA256
d224cf4f108fe226827bd64c9925c2771a292a3d0f1068e69675816942c1adc0

SHA512
c9a0d478d5c192aa14b9be674ef7e894720f10664b29c5a31f4722978a2ec7d16b43e0388fd46d0afd262c5dc64082226194b285ed366f828ece79f8c761f2ab

Download Submit
/data/data/com.giantssoftware.fs18.google/files/.YFlurrySenderIndex.info.AnalyticsMain

Filesize
72B

MD5
b93c096c4a4256a76a35955acf75f98d

SHA1
4c915d8ff701ee2d9e24fdda0ebc87cb37bde37f

SHA256
801ee8f13155406b640b4d7b630d0473100fcbb82eb727bff03585da4343ebe8

SHA512
a557418d61d18a00116c2c8de7c45e14b071fb933b45ac05c1b322952957594d6288abd2f95d20d0f724ac5acce18b14aef00009288206eb7c43ab60c5de6f79

Download Submit
/data/data/com.giantssoftware.fs18.google/files/.yflurrydatasenderblock.834ec263-7309-47f2-b15d-31255bd01784

Filesize
606B

MD5
38837bfecf09651f731aab4b7aba8d94

SHA1
8efe6c5049a2bd22f2191c10e78906a7f6e546a9

SHA256
3fcdc739c6ec99e58057bb8c32966638c632870e2c5061a6a9da3e991a17a132

SHA512
058ca1b425f5b1135e98971737d780b2d4218f439c9179e78c146dd9dfe73286338aeaa5c9c277eb06632312cc32b3ce973679e3a388a212bc8f6e57e9a9ff99

Download Submit
/data/data/com.giantssoftware.fs18.google/files/.yflurryreport.-26d308d518909af6

Filesize
368B

MD5
2f7cc6a6cb55941fbd1cc2665b2c5cd2

SHA1
7698237b39c0e28589238d50074a27db2addcf01

SHA256
aa28fff7c0e4cfd17cbea2763f43b974d7731636b51a770c92a596d26b0bfe5f

SHA512
1844f5cfe09f34aba83abbcd4550f788d7b34c7f1642f651eec653800ed8d56174e32454f787a10b2e21c83f0f076439942bfe4b0cbf9d7f8a88bf5cae436334

Download Submit
/data/data/com.giantssoftware.fs18.google/files/AppEventsLogger.persistedevents

Filesize
403B

MD5
233d9109fae1477dfdb5cd975ea91b03

SHA1
f7bf4b28ce698c5f4caeabc443165fcca0db46f9

SHA256
1d00a3ee0237341c82f7abc9fa5483b87e44033d37d028624abedaf3e79f6a67

SHA512
772b7266a8b6fc377a9a5a4245b2ffbf5e6522e72410011e7219ad07cc96debb3a1cbacecb926d737e499cbd62fa8c361f71dddf7b08c2fd45853daaea2264a7

Download Submit
/data/data/com.giantssoftware.fs18.google/files/achievementMetadata.dat

Filesize
38B

MD5
b519fb9761eb644994cf83a069ad6776

SHA1
db32874bf8007ceb2c9bb98c7f2cac77cac9769c

SHA256
5ed1bc0d13495c2ab52d75bde91262a12b3ffa1316f514d687d4908bbbf7ca10

SHA512
8cf09208b9709cfe795e739da6c79bf0c316da93d855c6a3ccd4974fc71b8fee0bdf083bc2a391317962330d02286d463a5284dce22645831dc35ed6bf06fcbf

Download Submit
/data/data/com.giantssoftware.fs18.google/files/master.dat

Filesize
80B

MD5
aecb65fd356dcf9e1978b4c4bdf3bdd3

SHA1
ff27dfebb732925847506bf137e7a3d10cc09d48

SHA256
7d8676b6ea1210b9b7ef40938c0a78cf61a84796be958c6f94d1931870c180cc

SHA512
9e8b20ceca3e8086f9c8d7c88959f35de5c2ab250d4bc3b56badc1a24311ff859f09a60eed6790b703633ad5efc83d25327c147c39e10ef3601fe27aeed0267c

Download Submit
/data/data/com.giantssoftware.fs18.google/files/save01.dat

Filesize
8KB

MD5
20be120654660e6897b66e2d8763f77f

SHA1
3bcb92b3a08ce888aa6d17dc2188c82d13f049a2

SHA256
727c7849c49820608211ea5b32d493bb249324eff474e80c5e226a7e789807a4

SHA512
042abdf398ddc46ac1993f577b88cd292e16af1bde0d66df496850048bdb5744349dc3626e8c1723416db183c32e2c8196493f72f4163bca0a41a7feb9646b7d

Download Submit
/data/data/com.giantssoftware.fs18.google/files/settings.dat

Filesize
164B

MD5
6b376580ad256620ded1901471eaf02f

SHA1
51e425abecab8856ae6febc48abad0d7f965e38d

SHA256
300034343ddfd447b1058ab95834be3a4aa89875ac601c54c42cc825b3e4ae48

SHA512
259bc2c127723bfa1495ee1262c78efbb8d3648e54c40242def1b2d2aa53e4cc5a0e7ace0cf798db554134e8cea89a14613a78cda3196727cba954a734690bae

Download Submit