10e046aebf5edc55dc6b1268f82ff0d302634dc259fa61fdcb81f88cd270cf8c

Analysis

max time kernel
179s
max time network
150s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
21/05/2024, 09:07

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

62be1a48220023e087048f914c52a431_JaffaCakes118.apk
Size

9.8MB
MD5

62be1a48220023e087048f914c52a431
SHA1

54b03a053b659a248782598a4248339be88eb45c
SHA256

10e046aebf5edc55dc6b1268f82ff0d302634dc259fa61fdcb81f88cd270cf8c
SHA512

eb095c8e5d2c32616193fafd58469d7d1ea8f5e4b97b409c6cebfaa7a8dcaf2788a38351366521143ef047e74997f984590babdac720497b18396dc8667c76dc
SSDEEP

196608:5fdBEil2/uwZNQ2m1cmmSQznvcktKBkH0GvsjGnTM72wiN:9dz22wrmRmSOn1IQznTW2jN

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	net.kairosoft.android.pirate_en

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	net.kairosoft.android.pirate_en

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	net.kairosoft.android.pirate_en

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	net.kairosoft.android.pirate_en

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	net.kairosoft.android.pirate_en

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	net.kairosoft.android.pirate_en

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

net.kairosoft.android.pirate_en
1⤵
- Checks CPU information
- Checks memory information
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4293

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/net.kairosoft.android.pirate_en/app_sslcache/h.online-metrix.net.443

Filesize
6KB

MD5
31e376878275f8b2d7e8d00b2d574859

SHA1
db2ee8001adf008d832e2d059d93dada12ac15f0

SHA256
78a02294169a2eb97e1d654c9cce1b547824674ff9b3abdb8b9f3993556e042e

SHA512
ca095f2a8d710ce877eca0fee94928ba02508d880d90b934fea67bea57e67e3c5e8cd7e1bb8b623971376ea0a14645e258461a8d2f78174618185292101aa4f1

Download Submit
/data/data/net.kairosoft.android.pirate_en/app_sslcache/h.online-metrix.net.443

Filesize
7KB

MD5
9579a278c8d6445d9f289680e929c84f

SHA1
44657b91043b90343e99d1bcacbe29ebdb97c8b5

SHA256
d517ac41f4897afd9a64f3fcc748e140fcf00b1f996ceacdea3cdbdd45c017b2

SHA512
54cf808b7ecd4cfbc41e640e7f25d6fec9a4ea0454194d43ee39c40d9e565c3545ec4e54f37538cc9b0eef9c850f8c4536e9258c108577399eb53a0fd7e1e727

Download Submit
/data/data/net.kairosoft.android.pirate_en/databases/google_analytics.db

Filesize
64KB

MD5
e41bc57d4e09a1a84d6a194a671ae7c3

SHA1
83ec712798437df10a3daaef541a1a46164e5222

SHA256
a844c9dcb724bd8ef7ac34dfd9e8759d7e102b68756b3911214adeec1db6b2ff

SHA512
2c5adb469c6161da9aa55f90991159ceb7090f4ddc2d7f0bf3f88d1b76496186197d03bf70854449c7b7eb21500082f139c523d389a5fa4d55c2fc72940c651b

Download Submit
/data/data/net.kairosoft.android.pirate_en/databases/google_analytics.db

Filesize
4KB

MD5
0979a592ae4161870d8646f2d9037a88

SHA1
b757fc54dc0e36fd12656d475a6cbd2d564e4377

SHA256
8118f7f22ec85e3a58e1138e54fcdfe6484ef2b00d5c1082a1d0889c64a62dc9

SHA512
8e1aee5fea09482d31f974a00d44db2ed8d5e4a4a34e967c779037fcdbe8fbb16525d663d407b30c8ef896e0af0dfe8afda34311cacfff0000cdfafaa3070135

Download Submit
/data/data/net.kairosoft.android.pirate_en/databases/google_analytics.db-journal

Filesize
16KB

MD5
31f9eba907f9bf691feb6e27a4b283a2

SHA1
6cc1628671f08d5de88e5b2ee85f6e3026eaa1d7

SHA256
89f1da13ae1cad9fa50ee446a29b5aa6961cb41fd21b983c4848e98a8587b6b8

SHA512
2f765efb7b89df1be3cb5e1f24c1ced6b8ff1bf5b69758483908507ce44d46bceafa56e4bf7253c42d986c2b2556b4e1f59ca9f6ebcb488fa7dc1c5c9e3cb258

Download Submit
/data/data/net.kairosoft.android.pirate_en/databases/google_analytics.db-journal

Filesize
4KB

MD5
e761e62f99b9c93fa0c5afef28e5a547

SHA1
63b0b9a480453e5e7b5f6ed5825ceda2c9aef357

SHA256
a501899a2ba8d478ef7b80333c3f45f7092b6036087a45edab75a68b249a6cc7

SHA512
ac47f3da0b805879685096d7663c15eb485bbf3660c3626b71204b4e9c3df19f2bc180326b6439ad472a50d4d8b2335852c5f6d9cce3534a9af51de52dd845d9

Download Submit
/data/data/net.kairosoft.android.pirate_en/databases/google_analytics.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/net.kairosoft.android.pirate_en/files/Tapjoy/Cache/305e92b552f0b149f572e401c5e9b4fb1d1c5bbf57888f31b39e47b04b42e92b

Filesize
3KB

MD5
5de4c723cd74e72aab3768c822b59f6e

SHA1
6bcf0e7641be9d5f6a9a360239ea17180c5c24c4

SHA256
634117884ad6e001da18755836bfb8a3ab8140a00d8e8e8a5ff401fb8fe31a4d

SHA512
f3d074e6fba27f33522f58efbdcc07ab5b01ef3c7f86ad62ed4fb15a25441e8b915f9a5160713c01ed4fba74dafbaf0523f2a172a54e5fd8e8008f3799b426cf

Download Submit
/data/data/net.kairosoft.android.pirate_en/files/Tapjoy/Cache/72cc2ce4c849a74a571306657b38154530fc013c5619d2756cb44006b71281df

Filesize
23KB

MD5
cebd2eac9e5d22dde187020b1456ba55

SHA1
080d9bf7be8dcd1d0be2db35b9f377313e2ca64b

SHA256
d65370d78e962ec8db098b0209f1de275bc20df21e4889a5ace5c818968c4091

SHA512
3b90a1944af8cbd4f15b2f2c8963e69e3353b47a0ad1205ca79bbf630efd2a66f9e1fd66a3a862bbedc997af3ed29cfd9dde4eb6d2056aa074e24854542a9432

Download Submit
/data/data/net.kairosoft.android.pirate_en/files/Tapjoy/Cache/fe34bfffbcd29b1755f133c19aaf4621aef426e082ee6ff530f12b91de36a0bf

Filesize
49KB

MD5
ef998efc9d10eef6fcd3d5dd8149c84c

SHA1
1c5089ba85c24230fea9b646e7c860354f71a03d

SHA256
a84b4119c5ae21da53194e5dea2ee3f9bb12e51da81dcf8f1823305603262ee4

SHA512
d3c937fc1aa8490d5348a73efaab7d28f1af4e20b3e43189364344efbf6abc2e2d6ed6dd03116d014ce94346265e6c293e01545bf246d57d8ea477aac47ec3e4

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads