Analysis
-
max time kernel
26s -
max time network
130s -
platform
android_x86 -
resource
android-x86-arm-20240514-en -
resource tags
-
submitted
20-05-2024 12:48
General
-
Target
5f27dd84cb04b3afdf8c6128d1c70c88_JaffaCakes118.apk
-
Size
6.6MB
-
MD5
5f27dd84cb04b3afdf8c6128d1c70c88
-
SHA1
13c3fc0d0089a3f18e0e4986be57e31797c9f49d
-
SHA256
2912101be6902d0679f88c0d9174cc737bc1c63fa61c16d0cad93ea0b169583a
-
SHA512
cc707ad990a1cc33f048a113a65b82170dd2290e3e8bbeab5db5da53d4384bcd2ff3072a8f01e4a0f09b8afa8b1786c64ca34de7f67d5257fb7fedf59b58f996
-
SSDEEP
196608:bXY4z6xeDhge+PZSKyaR0PESdEVCnMrIi0WOf0KT:bI4z6xeVkmWf+EeM8tf5T
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 4 IoCs
-
Removes its main activity from the application launcher 1 TTPs 1 IoCs
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Acquires the wake lock 1 IoCs
-
Checks if the internet connection is available 1 TTPs 1 IoCs
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
Processes
-
com.square_enix.android_googleplay.FFT_en2.hack1⤵
- Checks if the Android device is rooted.
- Removes its main activity from the application launcher
- Checks CPU information
- Checks memory information
- Queries information about running processes on the device
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/data/com.square_enix.android_googleplay.FFT_en2.hack/databases/evernote_jobs.dbFilesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
/data/data/com.square_enix.android_googleplay.FFT_en2.hack/databases/evernote_jobs.db-journalFilesize
512B
MD54d42bd8ea09a420aa903fd7b871aac43
SHA106ef0e9397bb576bcef1dd06465f193fa197d051
SHA256accdf1b3fe79777bab93ecfcc37e60525c466723d335b9cd5326f25f6eda46bd
SHA5127d47dbcfeec258faf176e5a91db040c609380f6820591a4950c367ed9d1d5471452f11b41c5cd347ffce65cfc3d7770cb8cef4df1abb98ab67b13d63f170c357
-
/data/data/com.square_enix.android_googleplay.FFT_en2.hack/databases/evernote_jobs.db-walFilesize
32KB
MD51f9edac8bfef8e390a0682dd4f33c869
SHA1abda1288d4926a58f31e05549cc4c1ce700dfa70
SHA2562104061e2ea9f53b6051d9a9afe7760c8d4ed3fdc81c9509c658d8a0b7a96ae5
SHA512552e917cb69bdbd640af591a8b83747297346090d3b279fe8d7bf9829bb6c8391950ad73d4f8c0b35308d6fff5bd12e8c40f27c53db24356c8d0085961c44ac3
-
/data/data/com.square_enix.android_googleplay.FFT_en2.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD5932bd26b6deb30d70846af754d31da64
SHA1eb29660605aa7ff11460c8ab75f62998cd9d601c
SHA25656738f606987ef589c615dee9602bd64e3f3f9cf4321911a99d309d8f45423ae
SHA51227c374e0ca0f8d0bcd4be21b2a0070a142c11ef5b958acdf232ce79d6514882a650e56ef2bb39b16e5089899ea79e28006e0da5e58deb1a0fafe7eb1d65cbd8e
-
/data/data/com.square_enix.android_googleplay.FFT_en2.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD580a4773ae39a3055de33c423225d5ea3
SHA15bca1dfc7915ed940ec7859d61682218d357320e
SHA256f9123efde50635c3631e7b95ae7c0ee0de42529242c055c693dc9bbfde663741
SHA512e27c12520aa1baf130cf578ce7f798501d9ec07f99067b676eb222b023ba7e16a06c3a409cdbd986eaffd6a2e44741b127f63274f4d872dbea576b4c950aa200
-
/data/data/com.square_enix.android_googleplay.FFT_en2.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD55fb153da4e92dd0502744964daf66f87
SHA10e706fea87c7a1f2bdbb6d182208d92bbf79a1b0
SHA2563b73f8b0ed8cd30eff22bdef47439b2bcfac10a77b32706df1546ce1698374a5
SHA512483a0ef0ed9a30ae822a3d8b2b306cd35bcf1e6a0a0083409f843d607393bf1f5046a4c4d22e7a958645aece5649d344fdde8d094dbb8bd27fbc816879a40ca8
-
/data/data/com.square_enix.android_googleplay.FFT_en2.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD53b24098f7f6de1964ea1bcdc5351eb09
SHA1e793b288f4673a3b757ddbf48ebccf3dc8cda6d0
SHA2566ee9bdae448976418d9a58f6a40b5a059f64f68a6188dffafc4338016433e9f5
SHA512ad5d854a33933a81b36cc56a78279215c6bca297c55e0fb2808fda17921c2054a651352705bff79202b5d257c05d8699d398c0b5ea2f5f34780b3ebb399a586f
-
/data/data/com.square_enix.android_googleplay.FFT_en2.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD544693692da738db6eb133cf0e4cde91b
SHA1e6bda56494c325d8d37ad89552263ae85d9b0550
SHA2568fe0ac9db76d4a2dcd3b3d54c0efedcd223e25aabf716506493d50e243a7a2d4
SHA512b34ddfe1ae343b1b12f7029ae476a0ba8e1b4043ccb520afb412b3f71335ef679bf29723c9a5c00af7e922e9982d5b3af54b2ed779da8cb601f378e5b9d26be5
-
/data/data/com.square_enix.android_googleplay.FFT_en2.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD57237409e0640cfab7bdbd429bf821a3b
SHA14c3da934842f8d4835dfe2a9c275a300e5123309
SHA2565c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa
SHA512c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f
-
/data/data/com.square_enix.android_googleplay.FFT_en2.hack/databases/google_app_measurement_local.db-journalFilesize
512B
MD57c22a70b8e34361b765dc528968079fc
SHA1ee6114c90d37199a6b1fc1266603a29209dab346
SHA25630fba8dfceff6b629cf227340ab9fec8797777f0d778bf36fc534eb0b48f2e1d
SHA5122db78f9f125efd619d0d19f65e566f65c43b94bb165f5fbbb2468d3ff813195ff356d868343d5280b01efe0630b16582cd5e5dd30063ba8442f03247bb6e0903
-
/data/data/com.square_enix.android_googleplay.FFT_en2.hack/databases/google_app_measurement_local.db-shmFilesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
/data/data/com.square_enix.android_googleplay.FFT_en2.hack/databases/google_app_measurement_local.db-walFilesize
4KB
MD58d07119d47e57ba1a36f4a3434d87f53
SHA1fc679c698fafb85cc65053bc9f9b9457b715fa67
SHA256ace1343c9b5d355c34fa0bb3a5a1a752f0e746f2a6735838405111601dce2e1c
SHA512132a45bf124ac1443edd13b8137567bc52d8155ff3f2a4cc4bf8220e7ee0dd62db374477227538c7cc32377d11ac8e65bcea5559e041254a23091d259c2d2206
-
/data/data/com.square_enix.android_googleplay.FFT_en2.hack/databases/google_app_measurement_local.db-walFilesize
4KB
MD5d87ea23e340ddf786dfe3dfcd99bdee1
SHA19ed725d948377096b62097dfacaab2d99794530c
SHA256fe8c70fda86e9f47009004dc327cc2f87c2f9629730e40ea69de284596cbe1d4
SHA51202e57be6dcf92da82e6f4fa84d098ab2011ffaa6ec4e1300133d316b789894363b63b0274561120e11288e1fd8db7f0da6bf85882529254390de703211b32562
-
/data/data/com.square_enix.android_googleplay.FFT_en2.hack/databases/google_app_measurement_local.db-walFilesize
4KB
MD53a2d47f0586b268e1824a27677c252c8
SHA13c3c4f0987cb2829b04b2f37ecac09ccac7e72ea
SHA2565dd6988172b0c2b736cf7595f8feb06bb5cfcb2f32c2408429745fa964ad6f68
SHA512385b7e5127ddd944e3a6aff2bb1131562ebcc096b5d4766bdecda818b15ce0ee1eb664dfcc6b2e766165e9a1ad2cb7022c9ca5658edb30efd1e90c0772b67f34
-
/data/data/com.square_enix.android_googleplay.FFT_en2.hack/databases/google_app_measurement_local.db-walFilesize
4KB
MD543bbc1084d24222ada402e5d2b255c8a
SHA19eb381d46ed32a2c41637a4e94dee0b39344892b
SHA256f47a2639695d6b58402d6f5a1de63d87a7d8ab5ec6e1bb6ec6ed99bcad79f32a
SHA512409c06dfe303937e3a290ba25b3ffbb70bb78e9ed5ec5000ba274b90c5d99f01b4fd4671d16068f284be146745085128f87838f33a1ca62d82109c7e45ed274f
-
/data/data/com.square_enix.android_googleplay.FFT_en2.hack/databases/google_app_measurement_local.db-walFilesize
4KB
MD57e50fb85a7bf68ba4d7f07504cb1440b
SHA1db651531cfc089bf2e283f1e6e2f19ed60374368
SHA25642e9c08f6c8c2fa5b9ace57b62be8dd950a1b6181f86c1d2862342d1703d0b31
SHA512a39e47eda0f6e40461be49deb5a18b9e55c9c961ba6fdae78870c4e7a45a4820ad95f77d0f9dd6594c4f5f02e7779fe2e7f0db6cba61ecdccf8a6f06c4145949
-
/data/data/com.square_enix.android_googleplay.FFT_en2.hack/databases/google_app_measurement_local.db-walFilesize
36KB
MD59f5cd3a3520e6164887c4d5b25654e84
SHA1d0f323be7289e196dfa383b41c6eed842a958f94
SHA25612398a107e75fbc3ad9bacd2970546420b80d5ff61f0975d6eb8db28d187f7e1
SHA512fd53ef079a4af0c8d6f3f308048b3e3acfdd8eb8ce842b37fe7c647581aede472c65c6a3d162855921802ddfae191636e44b28d8315b79db337b6798e0d87805
-
/data/data/com.square_enix.android_googleplay.FFT_en2.hack/no_backup/com.google.InstanceId.propertiesFilesize
2KB
MD54ae35374b21cdd3b604d9ced7e3b1184
SHA19d2a3dd54b794f15abce9e4ea1e48b4234c7b319
SHA25697a85b59fc9bc8c6c6f7f856612f13f292de8f87424fce1d3f317071b65be0f9
SHA512eb4ef1a8812053512da31899b39bfbb87555d67c88b69bf7ab790172d556b813a170a2dacaa0e80ad745648a8440a10332b2e2feb38c2249353caf183d4ed982