226cbcbf28bb47cbf0f1d7e3e0ea053ced9f2cc9abc79e497d742051377b7125

Analysis

max time kernel
87s
max time network
137s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22/05/2024, 05:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

661fc4d9835c647d05b2e5fe09d0fcb4_JaffaCakes118.apk
Size

29.4MB
MD5

661fc4d9835c647d05b2e5fe09d0fcb4
SHA1

a34d9bade370e59351b9de495764e5fe9cee85c6
SHA256

226cbcbf28bb47cbf0f1d7e3e0ea053ced9f2cc9abc79e497d742051377b7125
SHA512

12085dcf636fb4e6cb5a13e41874d61a103136caeda971d7292620e45f29f308a1b339f029e84fe176e7c23a8cd3daaf421271b73a9256072aa1f256fbaf8d7a
SSDEEP

786432:1CtAtynGuIMdFPuDgmd1eMUn02xTCxJxFqe:5tyGfMdFWDVzUnxe

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 2 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	air.ydk.lyl.game.XLQX
File opened for read	/proc/cpuinfo	/system/bin/cat /proc/cpuinfo

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	/system/bin/cat /proc/meminfo

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	air.ydk.lyl.game.XLQX

air.ydk.lyl.game.XLQX
1⤵
- Checks CPU information
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4249
- /system/bin/cat /sys/devices/system/cpu/present
  2⤵
  PID:4276
- /system/bin/cat /proc/cpuinfo
  2⤵
  - Checks CPU information
  PID:4300
- /system/bin/cat /proc/meminfo
  2⤵
  - Checks memory information
  PID:4320

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/air.ydk.lyl.game.XLQX/cache/.AIR/certificates/javaTrustConverted.tmp

Filesize
209KB

MD5
406b9caf17ee0a349c0e94dc2d97d5a2

SHA1
57dd14ff3cf344e2dcee47b71a441eddf26200a9

SHA256
6382243d7052d12d322ec7b19be2d1804713e9b2ed0edea0470c7231d32a750f

SHA512
9068a3e11bc37188a882b833d2238c3db2d13b83289bb6b84cb25e7a2a20fbe5cbf9d0cae3be88f5aea6ca00683cb1b212cf7dfcf1ef370f67411d03e93832bc

Download Submit
/data/data/air.ydk.lyl.game.XLQX/cache/.AIR/certificates/javaTrustStore.tmp

Filesize
149KB

MD5
5fd2aa3afaf22128ca1a798c9b94198a

SHA1
0d46dccc1c230d2d5054cc96c821d7a21f43f510

SHA256
62f1634d0761cd1ff4a7ef6fb207d8293533876532f5456df461f8a7036e46f1

SHA512
1b06badf5c22ed020a506386b7523a7fbdf0cff0a48fadd7a89b36e307f005baf6abbbb27970a6d868b177f21c1b00fb60590a89ebdec5c2e77ae511b2155d68

Download Submit
/data/data/air.ydk.lyl.game.XLQX/cache/app/654f737c-152b-46b5-b31d-912ac8f3ee08/assets/AND_Google_SDK.swf

Filesize
42KB

MD5
122c68a2b30a5c76fc02a74619499413

SHA1
78e59db190b7fe363aa1655630c03e2549c53da0

SHA256
21590b8e2c8563ed8aa7e59f86e248cc136abe9f1e13751a2593064ecad98b8a

SHA512
a583691766f3856929e10cbcecb047ab24432f328a1e35da3c34901f8deb6e32e5fc58dc869dddf011d4451f2eb38e27640144458aa85fecc763c861df3152b6

Download Submit
/data/data/air.ydk.lyl.game.XLQX/cache/app/654f737c-152b-46b5-b31d-912ac8f3ee08/assets/GameV1.swf

Filesize
664KB

MD5
b822360ac62636ba2a662eeb98579369

SHA1
c7fd9927575be867463010d28216e50b37ba04c9

SHA256
fdf28f9779946daa49cb1204b3a4b815e3adb29c51d9baae7096c90195694d4f

SHA512
f58ef2a1e50e02bbf02579675b320d579757cb6d5384620e054325e4ee9272ab008799e6a1d4da999f9c85aa32b1ad259ee85b6828f2459a65e39175446e090c

Download Submit
/data/data/air.ydk.lyl.game.XLQX/cache/app/654f737c-152b-46b5-b31d-912ac8f3ee08/assets/META-INF/AIR/application.xml

Filesize
3KB

MD5
a24cbcda2ebe36152ef94c418a521737

SHA1
9510429fea5874500bc7179f8a5a693ae923c80a

SHA256
f324323e0d847885ff69459c5c613c2d8900183b1b5f8d8724952561105a058c

SHA512
1298658795a225f60227546502b64e8d94bb7bfa62e22f036659fbb287c0b31561dbea94af597aa91fea303ac7b85bba9eac73f3124c35a08c6df2329f72d88f

Download Submit
/data/data/air.ydk.lyl.game.XLQX/cache/app/654f737c-152b-46b5-b31d-912ac8f3ee08/assets/META-INF/AIR/extensions/com.freshplanet.AirAlert/META-INF/ANE/Android-ARM/library.swf

Filesize
2KB

MD5
b6ca66c2b1b885163a18ff532ab54a93

SHA1
d95b8302a56e323e2b404052cea93a257d8dcaf5

SHA256
0f506b43b23b5fab2684506b6d00971e18cea6590442bd120d4cbeef93a04fd7

SHA512
8710b119a02dd90d5a2f6e2d5fdc298c76375cf018d4d1507fac454d53f6bae4a57c3354d95fb1dbadda89984a1bca01793276873e707d7eaa22a5237697fa01

Download Submit
/data/data/air.ydk.lyl.game.XLQX/cache/app/654f737c-152b-46b5-b31d-912ac8f3ee08/assets/META-INF/AIR/extensions/com.freshplanet.AirAlert/META-INF/ANE/extension.xml

Filesize
1KB

MD5
986e1a2de92b492fe5afe13a01852000

SHA1
aac35e6ee9bdcdfb0ab8e57c2afe05b2aa298ab6

SHA256
967b57cc0a1f20aeb6ed985c56542ef5ee7c1342f1d4789c5090798050b50185

SHA512
434329de77db73d1088e426d9e2c79754fee3d7d85f63c72a0604f6de953a0154d3f0ba0354322cc51f19ab66295253629df1dc33d0bb8666fc4d783bf39f948

Download Submit
/data/data/air.ydk.lyl.game.XLQX/cache/app/654f737c-152b-46b5-b31d-912ac8f3ee08/assets/META-INF/AIR/extensions/com.studiopixmix.anes.inapppurchase/META-INF/ANE/Android-ARM/library.swf

Filesize
4KB

MD5
634c730c57b9d36f04d27e9abe790160

SHA1
07eff4b207e19459d084ae29d8d00dd9495e7321

SHA256
146a96d8bc620bc4bedb04614814acd667e13fe51eea802951c821356f831b45

SHA512
53cef735c43311a371c41ad813955513d78b4ed1a5c5acdd13957ef7533af214ac54fa466453071a5d0d0026bc4ffd80b31c37bc2b264d7f6252615cfc51e69e

Download Submit
/data/data/air.ydk.lyl.game.XLQX/cache/app/654f737c-152b-46b5-b31d-912ac8f3ee08/assets/META-INF/AIR/extensions/com.studiopixmix.anes.inapppurchase/META-INF/ANE/extension.xml

Filesize
1KB

MD5
9e1ef9113a0708622d04918808d5a021

SHA1
b160fdb924c56efff76afba735f4417bd893b514

SHA256
155dc08aa0a614e2e34bc4c4bfde38c49dd7fb65c0b00d81366466fa853ae061

SHA512
76aca3e57b2fd5625eb28bfafc4f98c1bd393164efa86797f7e1db2fed066323d5f14fed8cc1d6a5bda1129a4dab8f471dcc155d00de76a99987881b8da93acd

Download Submit
/data/data/air.ydk.lyl.game.XLQX/cache/app/654f737c-152b-46b5-b31d-912ac8f3ee08/assets/META-INF/AIR/extensions/ydk.tool.ane/META-INF/ANE/Android-ARM/library.swf

Filesize
3KB

MD5
28478311a87cbbbf1c1309496e7aa183

SHA1
5c4699dd10893a1e516e1358e7ebe5a9e2766bac

SHA256
c5035e5674cbad1a11ece1139eb5f6d1d2c150ddd34f82f1e9288e28620c2a4f

SHA512
dfaa6f6336df6ef0795b155eae6629065e3990877153c95f5844115806fc06bdf832211e5eea3832140503d3516b2ed00531e1d557926708c2f12a94b43c81bd

Download Submit
/data/data/air.ydk.lyl.game.XLQX/cache/app/654f737c-152b-46b5-b31d-912ac8f3ee08/assets/META-INF/AIR/extensions/ydk.tool.ane/META-INF/ANE/extension.xml

Filesize
401B

MD5
1e4959321e91d2f5cc096536a95ec4ae

SHA1
5789d5bc259e75f60a674468bd28c1772101ce72

SHA256
d8e72c924dfd81c90e0fb0bb545fa834c663ae8fa2150700410cd0c08ec1b591

SHA512
97cfb418f6a5043384d1a06e3b3de0af64e0681aa183cd4c7b029d3865a64077acb00f587dc4730abf7100ad38fcdb1c6791407db68447d504c9d395646693d2

Download Submit
/data/data/air.ydk.lyl.game.XLQX/cache/app/654f737c-152b-46b5-b31d-912ac8f3ee08/assets/assets/image/bulletList.png

Filesize
2KB

MD5
a841a30c7b7a6cf09a15278b1a8612ad

SHA1
6cbdb54f6ce869c150d3bfee9e14e7b5d1204103

SHA256
bc880c8d8c94d06f8e26e911540740751a0d724bd50c14384557f95fe3df2383

SHA512
5adfff05526378a294dc068f9f68eccde85e1d9e1546239f28755760a31fcbf2efee2fa19ffbd4e16bc1af961c664cd6edfe9e440ed52365ccd7f01f09f5d369

Download Submit
/data/data/air.ydk.lyl.game.XLQX/cache/app/654f737c-152b-46b5-b31d-912ac8f3ee08/assets/assets/image/plainList.png

Filesize
4KB

MD5
c546c9dae75618a8b25cdf24b5d1f564

SHA1
0287e8536944c6723b7ebbdbac68b4a0ad9f824d

SHA256
9fb6628a2842a62b5bab995640f80cb7837de107fb72cb6e0a1368bccfb419ff

SHA512
c904f1ced0a8e5fdffe6369e8ff5940e8877a838d26324065d172e133b1cbbae814f5aac1859d6eb8e4ccb24910ec9aeba11bc7c3465c85230d8888923b8b733

Download Submit
/data/data/air.ydk.lyl.game.XLQX/cache/app/654f737c-152b-46b5-b31d-912ac8f3ee08/assets/assets/swf/AwardV1.swf

Filesize
106KB

MD5
a79d6bd78aaee2d349e32abd8688cb93

SHA1
9326bcad7f5f668be4fd3d24849da1b96dac33f4

SHA256
30707adf7725365e2b729d2489be0c07a74277cb53dc4fcbda5ec6f3c6a26d15

SHA512
d4ea03e538f04490935e30427f35eca5a71c4ef5b262c8660811814fe10296ec28475f0a94b027302c4006ff5609b5f7b36ea497466110a84bc639483bff0215

Download Submit
/data/data/air.ydk.lyl.game.XLQX/cache/app/654f737c-152b-46b5-b31d-912ac8f3ee08/assets/assets/swf/music.swf

Filesize
476KB

MD5
f3f79cf3edbf678706702cbaea717332

SHA1
6ea325ec86a7a3cbd56c0656799592c98c53d542

SHA256
dc1213931330a8d71ffc159837dfe29f58b25dc74872562656bcd3d8c67e0216

SHA512
a92e604e235ab71606831d10a5f7b92e915ec83162c3855fe9f76995d1ca33362f3beca153c82c6f4468eb692e22ea7e020b8f2032dc8ceea6b3bd6865b08628

Download Submit
/data/data/air.ydk.lyl.game.XLQX/cache/app/654f737c-152b-46b5-b31d-912ac8f3ee08/assets/assets/swf/ui.swf

Filesize
1.0MB

MD5
d1e32ba4d9baa39c09d36fc1dfcc541b

SHA1
295ea71ed6972bd5f1d56bbb2985cab2537a016a

SHA256
d1003e5b8244b3429f1466282cc4d6130c4710a97aa691794185ff4505e5415b

SHA512
1830cb8c0459c16f16bf54d3e74369448d89e08fa3832589ad86de362c2210dbd1d939a55596e89460b2b65f88c87cebc88ce41785c34ccde612ff86830dc99e

Download Submit
/data/data/air.ydk.lyl.game.XLQX/cache/app/654f737c-152b-46b5-b31d-912ac8f3ee08/assets/assets/xml/bulletList.xml

Filesize
1KB

MD5
1408b82cc1caf9a9af048b65840545b4

SHA1
70d258edffcef32164cd4d60fdc5382b660c4117

SHA256
af492be1142193df8320410560fb39f8c34a0d9427416be163af2de6b86c7200

SHA512
eabb569e2158151a1a1366d9dd9b024b758f485c16280a3163c1eeb06172eb27d1a0bae8b3819a7faf4fed04a39e6838136ad59f7cae26017a3a9e60de19491e

Download Submit
/data/data/air.ydk.lyl.game.XLQX/cache/app/654f737c-152b-46b5-b31d-912ac8f3ee08/assets/assets/xml/config.xml

Filesize
1KB

MD5
2728edf1c6576acb23ebfdf790f1a0b5

SHA1
66c23ddee63594d3755c3c4431d07d76ef7493e8

SHA256
f03688297ecf4ca660465a65c57b251083eac3ce7f7e42424cc83180497fea8e

SHA512
f445486dff6e8bc10483e1432593b7b9bc26810a48f756697efac9f31a0b229271b5a2ef99b5beb6cd14ea4b673fff5f94291b33ea52702cf4d36edf73d71194

Download Submit
/data/data/air.ydk.lyl.game.XLQX/cache/app/654f737c-152b-46b5-b31d-912ac8f3ee08/assets/assets/xml/effectList.xml

Filesize
7KB

MD5
b3d1bd0e7b203ac28a49bb7b9f785a5b

SHA1
3d2bff155169355400e10b93dcf9087d2ae1add2

SHA256
40319afb90238b2ebca2c256d8f4bad51f35156d4fd5b9941406d23f8e30e85d

SHA512
3464e5f60b62272012bf9c2e849d1f71796f17dff9c6c7901a187fe9c03390f9ecb9de1fe09874d91412fb555a6c36d0825c16306fb2939399036829a6bb88b3

Download Submit
/data/data/air.ydk.lyl.game.XLQX/cache/app/654f737c-152b-46b5-b31d-912ac8f3ee08/assets/assets/xml/gameData.xml

Filesize
2KB

MD5
173f9902b7e2fb5a4c58097f5ab3f718

SHA1
9969b4741cb7d1929dc1f86e210ac82c83d1ef26

SHA256
2946c71cfc070e8016f47c2425ff1da4d5c655e69658bf9e9188d00b47c61b79

SHA512
69a76b84b1d6eeeda1beae5ea216f554cfc312c780ce091c4c6c49a933baedd6e5467bb2d6536e421f5d0a5d38542c9dff9e7e37995279a802bcb08f69208777

Download Submit
/data/data/air.ydk.lyl.game.XLQX/cache/app/654f737c-152b-46b5-b31d-912ac8f3ee08/assets/assets/xml/plainList.xml

Filesize
294B

MD5
a62174a2177e0b675a5800796c5fe650

SHA1
68a1b1eb83f3cace540c4023f79913777b1322d9

SHA256
fa37a706b5336154dc4be7b088854ce8df3305e2de615014d6095fc423b04596

SHA512
90c6bb160ced86ac4fc713213f93fc13a62f87fc756b623526281882c5ef4eaf0597e7916c294a8c006ec075de742b3ca00305ca7cd6a6162efd7ff9d910e163

Download Submit
/data/data/air.ydk.lyl.game.XLQX/ydk.lyl.game.XLQX/Local Store/#SharedObjects/jhcy_1.00011.sxx

Filesize
44B

MD5
4b28bda73945575ab9b3b2683084ee78

SHA1
c2af5aae6c52d53f539bdcbba4ecd4f2407013be

SHA256
00757f0ec1b1bf9bd50f96375bdd2e2fabff354896c07a63339e73a3d584bc1a

SHA512
75bda4ebaa2578562f0084e5825f6c0acfed75dbf76b28aa737034dc2e93b82907644011217af0cc4e93f64b6a6e950e149a617ecc78df8445fd32915a5636c8

Download Submit
/data/data/air.ydk.lyl.game.XLQX/ydk.lyl.game.XLQX/Local Store/#SharedObjects/jhcy_1.00011.sxx

Filesize
708B

MD5
c988209d4fcccee68af47f820d0e37e8

SHA1
15ccd2af33279650c2f9c0b80d4d748eed9f5d2d

SHA256
2ad63b1277dc6b754b77d86bb84e8ffbfc997f1df08124dfb3c9acba572a28e8

SHA512
8fcfa9c388a6dbb64483d64970ec19d70fdcc532911d529b417cab9f7b819071d3a194e8fdedcbacba243e66cbbb091519924bab7bab50822c0ffa33f70654d9

Download Submit
/data/data/air.ydk.lyl.game.XLQX/ydk.lyl.game.XLQX/Local Store/#SharedObjects/jhcy_1.00011.sxx

Filesize
889B

MD5
f7d08f8de51fce9cdae40bb070aed270

SHA1
9f18fc72bce420955731aefbd63fa7bd8bb895b5

SHA256
802a0c2c1a3d27525d0053528995da5fd4404c3e5f99db2059ec159fbca930cc

SHA512
56bbe2fd2e7ed8977e61e103a1de3b37872f145148860d289cdf8b695851ecc90106654a7bdf3d9df43e687a6a7b4ab41e5aec70e828ad4704c84cf1411a01fa

Download Submit
/data/data/air.ydk.lyl.game.XLQX/ydk.lyl.game.XLQX/Local Store/#SharedObjects/jhcy_1.00011.sxx

Filesize
1KB

MD5
8ae78e5ccd2c36568e11f34ff5a43286

SHA1
796c8b9232ff33a840cf6c7e7b8405ff8e4d6630

SHA256
0e58887f498ea33f660f804370bd279c11e6d844313cf76e2478896a54f9c3c1

SHA512
cc9be6b0bbbe4506228d0b0df22a6fcc37af964aea7a2a950c48a7df2fc301e9ba47970877ef9e175718788e666423f2f798ede1779c929e8e6fe7ca8327766b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads