b1fd16e54426538fa9b69bab4ecad7433a31efee28914805bf0b48e741bf03f9

Analysis

max time kernel
104s
max time network
149s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
21-05-2024 14:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

63b1d4b072a6dc26e912296925233be5_JaffaCakes118.apk
Size

4.7MB
MD5

63b1d4b072a6dc26e912296925233be5
SHA1

af7b6943f913a9b8f27f29af3f56ba1a56fdfadf
SHA256

b1fd16e54426538fa9b69bab4ecad7433a31efee28914805bf0b48e741bf03f9
SHA512

791d2bfc237cc96bd568d9bf4871aa40858b0db9b47462581e12de87707f1d69a52d0bad3d44ee0ab09a3c21743a09ac6778a4d56c48a9dd5d3a36f9b7abf5ef
SSDEEP

98304:HHafc4//i3tWaVgFaX36mkuKPVmP37yZUJKMtXVbCdo1ilc268fSJRX++5XO:HHI/iBKFaXSUGZUKMrnw626tvXfA

Score

8^/10

banker discovery impact persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

Process Discovery
T1424

Processes:

com.sunshine.gamebox

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.sunshine.gamebox
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

System Network Connections Discovery
T1421

Processes:

com.sunshine.gamebox

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.sunshine.gamebox
Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
discovery

System Network Connections Discovery
T1421

Processes:

com.sunshine.gamebox

description ioc process

Framework service call android.net.wifi.IWifiManager.getScanResults com.sunshine.gamebox
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.sunshine.gamebox

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.sunshine.gamebox
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.sunshine.gamebox

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.sunshine.gamebox
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

Data Encrypted for Impact
T1471

Processes:

com.sunshine.gamebox

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.sunshine.gamebox

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.sunshine.gamebox

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.sunshine.gamebox

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.sunshine.gamebox

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.sunshine.gamebox

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.sunshine.gamebox

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.sunshine.gamebox

com.sunshine.gamebox
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:5107

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.sunshine.gamebox/cache/network/journal.tmp

Filesize
33B

MD5
b45ba83b06d0324bfdb64cb730ba10aa

SHA1
02c1d65823ce94bf1e9d0dc5fe756017571d558b

SHA256
92e87187fa61d8d625dded97035fdc062811dfe4cd61f33632b2fd3393b7b84d

SHA512
8b0ae65ba4d013024c294c831328e942a9880e013999eac95ef87b1c54fb3f5c48068521f06f86f1790cf7e90cc27b5d6ac009b3a09d36bbb2c9ad6ca3eb9880

Download Submit
/data/data/com.sunshine.gamebox/databases/okdownload-breakpoint.db

Filesize
36KB

MD5
5953a027397bb8db4acd1b666bccc1e1

SHA1
86f9c1b48615ba33ce8ecb4da32fe988f1e76623

SHA256
1b547f0eef0a991f8e1494660bbc1ccb38a087e9ce3dcec84f61798ef20ea1d0

SHA512
3a9a56fffc18366885dc4e13c145d36e2afafcdaf9d4884c771609a46a8621662053a22b3a88dfa3d7f1a186d9c2674c37ba47f18c25aeecfd11f78573e4e1e2

Download Submit
/data/data/com.sunshine.gamebox/databases/okdownload-breakpoint.db-journal

Filesize
512B

MD5
c67d86f8b287084d2c3fa3e89b454553

SHA1
b12868b248262e9c8680fdf15952336d30418cd3

SHA256
24791d6bf673518a7dbfc40badf032b2937809bcbdaa3e2f213f65b363a7d31c

SHA512
3fc2c95440a531248f71f896bb6b38a52e92a88e8874746a11bf02721cfcbeb0434602184be7a64e762ffff2da46d662f919f86f23a1090fd1ea732d42657a73

Download Submit
/data/data/com.sunshine.gamebox/databases/okdownload-breakpoint.db-journal

Filesize
8KB

MD5
0c6e6092b8338d4a67487cfbc28ed9f2

SHA1
092339ad421ade6ef58cd7731d711fe9075fea91

SHA256
586065c2a10eed1968233097e9f4c29cfac2520c51bb0a218e08dad47cb52f51

SHA512
132ce8fa63d1ffee74708fbf69b7092dea40f634d28c3d5c9619687c0a4e771ff8d66d1544c88a56a1eb861965ad95c3aa139082bf14a33b433e50350aea71f1

Download Submit
/data/data/com.sunshine.gamebox/databases/okdownload-breakpoint.db-journal

Filesize
8KB

MD5
05b71da4cd2987a7c7f5c5f61c6fe5a4

SHA1
1ea76b289b7cbb836a54b301142c534026c550e7

SHA256
0bfa0c9d08ecb2561fb4092e8b7d1e3481827261184cbb82d614daff5691ec48

SHA512
d953c048678a188de624e807e434d1ac0aef533f210ce1af92f7d11fcc8a9a94a5978ee49b503bd97cd5048305a504cac728dcb73f90eb1e3da7a2e62aee751b

Download Submit
/data/data/com.sunshine.gamebox/files/__local_last_session.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
/data/data/com.sunshine.gamebox/files/__local_stat_cache.json

Filesize
697B

MD5
f93d1652c1958cb81c9d806215cc50a8

SHA1
a97a808c872a811fc78ba93343f91f9f999e53dd

SHA256
e866f6973af00e011db3de5758835ad6d13b5ed10133a696a037cfea35c127fa

SHA512
217d89496d00b16940f89ccafeca0f807132286ad78351990a5db6c8087957c15b10eae483255b7fcd01621dc51b1a279e10a3ae8ded2b4fe2215841c7c83e80

Download Submit
/data/data/com.sunshine.gamebox/files/__send_data_1716303298846

Filesize
950B

MD5
4aa08c7cb653cfdbcaa3991712cc580f

SHA1
fe83adf449196987ef697d1e8de0175ccea1a647

SHA256
8ee2ccdc1f6e527f4ed0cc9771a998ff33aafa38ae452b3e4ba5d47f89b52201

SHA512
79e75edbee3890932fd1e03e9862a6ad9b93fbcc45bec3fe8030c4e5c4ef4f17becfc1d9e9810d1b12bb8dfceeb31b4e6867f971c914756fda4899a7ea79d872

Download Submit
/data/data/com.sunshine.gamebox/files/libcuid.so

Filesize
109B

MD5
4b9c2f1a05ee7e3fbefa5468d71d94db

SHA1
2928937f8c20b8af3000040a5baf9721f4c7f6ec

SHA256
c15eb5a7d4225f4fb65c19f59e946c4064da9482977787ccefbfacc648027109

SHA512
50be82ab3db83bd4b50bbff35e0fb316adb05f326e4e63e8b7decc9debcc76fc111bd43b836e68ce3372a03e4584900b79a9c41f347de5f9310e509414525bb7

Download Submit
/data/data/com.sunshine.gamebox/files/trace_circle.data

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
/storage/emulated/0/backups/system/.confd

Filesize
20KB

MD5
e31fe5c5207a9abb116e8b90aabf8b66

SHA1
10d6ad191ff9d46a65f264899f104f475a3b1469

SHA256
b3e5232237c4988c6874a205cb9fd093de022fc03df2a7bfae0893e466775581

SHA512
a378fa240b23f566a4809f621a03481a66942fb275431c87e58733a78c23eb5c7273c7b5b496ce06fb0ad14b7621e0b79efc888b401810ce08eaed8b22a24033

Download Submit
/storage/emulated/0/backups/system/.confd

Filesize
24KB

MD5
8f198adc65fd27fa2aab4678c72e8ca6

SHA1
cde2e2d31747def52da4a9fe9020db12d0befcdc

SHA256
e7c3d408ac16c3d4a6fba14a65eb2514671ba4c22b0b8948f6d7217468e7cbce

SHA512
e71e2da7632ad2e2214e5a868840ce37f52e9f8cec6093b19b422dd947311e511a6611c60f1740655d0491d54287364a363e57f55e39bb38b8b6e5da270e1a19

Download Submit
/storage/emulated/0/backups/system/.confd

Filesize
24KB

MD5
fad09929da5a21c1bf88132a709c6576

SHA1
cd725653d0bada678e8913ce6d33e458c9c2d50e

SHA256
988e511c4207ade5eaf5d4e9c743029b61348343aa4be161ed03c61d20bbcaa4

SHA512
7bc884db9d1ec4eb378e46f7d522ab3625c54daeac47e1950e140f8f14d694e144554ad39f18ba307cd3700502244ba1784525a634ccd0d7b702359ef6ecf299

Download Submit
/storage/emulated/0/backups/system/.confd

Filesize
24KB

MD5
786000c73f3d4ee909812680c602c6dc

SHA1
3603be6047ae2070f6731530eb430c454c07b25e

SHA256
323c7cd5c55a499924d75f9c9f8c6bb431b06a680621339e977b112319e4d859

SHA512
2a5ae5540665ac804af6bea1f8d3e69d313f8b11fcff3611a7c16f11899a37acf4e442656dab3bcb8429c82c928acaf7ba05a87c1d457030b0efc520a1a6a36f

Download Submit
/storage/emulated/0/backups/system/.confd

Filesize
32KB

MD5
c9c1faea0f8a88d6ead32f3676dc8dec

SHA1
6989e9f35a2eeab98a0f23c40a514ac59721b1c4

SHA256
42236a5932200b3c32cd9496c3bf1e73290a351a25326058c6777a91e5fd8476

SHA512
e21a44749eb4016ad0860f4494fce3b2716da255efcda3979e6bf36754b5038e7f0f62e8aa4af617d5a739d3eb36f52d988f146a3bb4a0e53ac6e6ddc2352b45

Download Submit
/storage/emulated/0/backups/system/.confd-journal

Filesize
512B

MD5
687f5ad3a09f14a2421f4bc4616dc89f

SHA1
956d8f39ce0e9c6c04fdf36986a96330a3f05b15

SHA256
621fc08b82129cc214ba8b03e32fdc430d3b6433bde13437b1bc09036243a284

SHA512
394b24adfe92829c4737179d9500557acd415851485da862c2279a50fab27bfd7db81d0c5ce1b82d17369aaef81eace7c6e9203c70a84c246ff6f9cc701910cc

Download Submit
/storage/emulated/0/backups/system/.confd-journal

Filesize
8KB

MD5
f07a205a0ee0f362527611d30ef04ea7

SHA1
5bae457b72bb7854da50cc0dd45e0c547c512ff9

SHA256
2b73dbb51b4b611f618a4783cb40b4d0531d719c45275d505c202943d561bff1

SHA512
8080547e11af09c9206e178ade4d2f7b2feb385ef944a45fce2066f38aadbd0c958ee37fe493892e8082a820a34a3f4807ba571d1fab3ebdb13402ec694d0d26

Download Submit
/storage/emulated/0/backups/system/.confd-journal

Filesize
4KB

MD5
009c865f8c4dbc3d51a0d027ae7b8c10

SHA1
ed1164f37fa1ae20357e74b8702266d31bb5730b

SHA256
6f3acb86947d4f15ddeebc8d7adbdcf2476b0f5ac741d4df08e22da679829315

SHA512
86c1184b20ee1fa2a772d48cb9be9fd53728463d41fc976ebe7959c12bedb01254c49db2b9fe923ea4f35019286dba64e7f3c7d68b4a6e8a7ae8d1fb80513431

Download Submit
/storage/emulated/0/backups/system/.confd-journal

Filesize
8KB

MD5
d4ccb73e69d74d3ec3556e1f130b81b2

SHA1
ebc23f69f7783f26999921e09c3d02defe57ea4f

SHA256
2095e4209399b0ac2ffe986127b8bade6a6bf26d2e163beb7ee2a89f55584062

SHA512
50b252f6a8632c9de7ec566db046bf70e0c2d6eab2884a6e42f2eae01a3d51a64cd82fd21f444932f8194656124c73c64d818b7fd14bd7d6f1aed27bebcc17c1

Download Submit
/storage/emulated/0/backups/system/.confd-journal

Filesize
8KB

MD5
08bbe7e1bb5596200bb73744900c75a0

SHA1
3592fe87a60a4f3998294363ddd2806bc920fe76

SHA256
c00296353ba02fabde9f3dbef255cb68cd5d0632fff00fc33f1d4cc67cfae1b8

SHA512
b7c9953bedfd47b2b61a4187e4e4c3d71b01f7b20cee6fce76bb3f3d6a8f70360efbeb7bde0de981d4048da99ab86b0ddbe11efe9d1f6e0ac02aec4e58b98ef8

Download Submit
/storage/emulated/0/backups/system/.confd-journal

Filesize
12KB

MD5
7b5dfabcd1d91d0f348b0c1aa8539697

SHA1
6c6a2fcd128da947f8a49419461453c8dfa72fe1

SHA256
c8e3d7392e9896a94513eb0ece2f08538549fce835aac8607585b0a0ad6a12fa

SHA512
ef18f4fb199391a8c3832caf61cc80640d129f8f37a881d061b155d242ae7cf465543facc53bac5fa4222e2956c2f46276d57f7d131148ef62468fdf7ce33414

Download Submit
/storage/emulated/0/backups/system/.timestamp

Filesize
25B

MD5
f7b63cf68c3612eb7ec136c9dee07e79

SHA1
f229662354f7f4b5ca0f601cb9e73ef6f5b33ce4

SHA256
97a5ae25618b7e63f28db90a97cb6c7fa051dd812100b94c586b3f014b1d347e

SHA512
c7baba172d1ac542eaaf1e5f047d1a6a501a2b5f7b85298a37fd60830ae5bf825886e25221afdee530853a26fa532f7359c93196d99429cebc70cf973ade6dc6

Download Submit
/storage/emulated/0/backups/system/.timestamp

Filesize
55B

MD5
8d0623199216f0b9ab0b9841f9692540

SHA1
b9cef6c3d3bf6c1d3d2c11eebf0af9531883f7bf

SHA256
92011dc94e1202e651cd4b530ea2f725008130ab61398a10f4e7b185c5526f89

SHA512
750bbc8452d4fe892cbde42f3801049ff97aca82070bf4dd2d418e53bedcb295ac30e79d953a1c19c05f1bedd69ac3f03db92b443cb88278ecd4c7e236c6eabc

Download Submit
/storage/emulated/0/backups/system/.timestamp

Filesize
84B

MD5
3fc884bc5f358e040b47f16ea65c9887

SHA1
63638c581112682c74327eca6a696a1b61ddcc1b

SHA256
88e90caf7a18162455dcbc615f7af601e9cdef26cb03c2452d4d8b1b4d43c523

SHA512
de5a3fedd77689214e8d4a1e96c3f5c06f8ef1dfb6d7e7ab38a09088482f6ad56f80d0827328158a3c5da908bc10894a9ab25b29088d1c4c4d4bce69a1edb3bf

Download Submit
/storage/emulated/0/backups/system/.timestamp

Filesize
114B

MD5
af79108d7f56ab80eb5c99cf642c4e16

SHA1
0da8f9c2a2a8a8dc5e0aa10166c590a3383ff3fb

SHA256
e2afc51b92259dd9d8ab1962ab600584ee24ea45c45e772b6789363558413380

SHA512
303be261f190183b676103da62746c2b590c93777e9d45b9bac3b706283c457c6a119121188e4d59d588486f94af401fc9493ea36d62327e74d0794a50e50acf

Download Submit
/storage/emulated/0/backups/system/.timestamp

Filesize
138B

MD5
52e60035eddbf7dc78ab58a42b2724b7

SHA1
b095591d0fa2d0c6f2fa994913c83a710fac6991

SHA256
2a253854162c60288cbf63f4865ce22e367b160b781bfed09d81f1597fe07b8c

SHA512
3c2bb32eaede10a2c414301a5cc87550692e1730a909de5b58bed946eb2db44ec6731f2e5096dc0c4da258e31587ed9d3672c8192181c4ceb5ce0310edbbc586

Download Submit