85f7d8741ece7b61cbbea7092e93c1ea6fa4d7cca852f7acee56fe3cee3836fb

Analysis

max time kernel
161s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 10:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

66ead896cfa53af1ef1dba508b17d6f0_JaffaCakes118.apk
Size

11.9MB
MD5

66ead896cfa53af1ef1dba508b17d6f0
SHA1

84cd186d946ae93cee5bdda04b6a97d06564f2e5
SHA256

85f7d8741ece7b61cbbea7092e93c1ea6fa4d7cca852f7acee56fe3cee3836fb
SHA512

ed732f35756a26866d6c1f041d2eea8d08823d5303c187dd4179df2798b228ef06dbe685df4e05e65298181e727c90653a32dc250e5ffbf48b27e3a341a5c324
SSDEEP

196608:gcyDpSrccuh2BpM2mEQuttJr0Yncdxzl0tN0rY5sayVKMaRZ:gtHPwpUEZyKcrzlqN0k4VKb

Score

7^/10

impact persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.voolean.obapufight

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.voolean.obapufight
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

Data Encrypted for Impact
T1471

Processes:

com.voolean.obapufight

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.voolean.obapufight

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.voolean.obapufight

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.voolean.obapufight

com.voolean.obapufight
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4296

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.voolean.obapufight/databases/obapufight.sqlite
Filesize
36KB

MD5
e4a91e5f5703ff3b11720346da39c085

SHA1
2c79dea122d109bab6c75caf70a7eedf7acfc786

SHA256
b8261c56d96b4c671200153a4405955da09d9b5aea33e2701dc9b4a869d14ec4

SHA512
ffe969bccc55e8b484a17c04315c931be843e99e0a53bf8a775d1e1b9e1526ce6d360bf9a62bb4f38fbbe6b7cb418268fb2e9f2337f352730a1f02f60b28e684

Download Submit
/data/data/com.voolean.obapufight/databases/obapufight.sqlite
Filesize
20KB

MD5
1ea3e4fa7d87a29c0bb88bb4b108daed

SHA1
2604883d4cb0740c1058949a1f7b131c05d17bbc

SHA256
27e102476d7ff06c7c1d12eb454aff1be03b76439b366cdd8db8a525f41f96f9

SHA512
0797776bb3e720ddb8fe0cf1ddab9cbd4c1d231aa0b76927e244b49a7b6f66cb6297e1c74df9068828903d168960bcee3e7ec61697e2a50e50d3c2c3115c2627

Download Submit
/data/data/com.voolean.obapufight/databases/obapufight.sqlite
Filesize
20KB

MD5
1a512bf2d6a821cafac02b0db46d7585

SHA1
8e8c8c5639b26ba340a7e2646d0d97204456a6e2

SHA256
e4cc6d77cb71ee608e9c4bb6c6c8a327d1eb7f475e2f69b1e8eef418dae9dbc1

SHA512
c74868d24098ec27b55d27987e4eb8045cad345be546d1b38c0d79d5e5a213330a4a548ac09557fd210f078f1da498f665a5784ca6eb919eb9cbcaba3c43f743

Download Submit
/data/data/com.voolean.obapufight/databases/obapufight.sqlite
Filesize
48KB

MD5
c36876a2054f46d075aea52a58d21c66

SHA1
a882d1eb3ace2263f79a194b110a379af595ce92

SHA256
f1a23eace828f9332fa4f7dfee4bbad7548dd844e42d1405db89d3a3abb6925e

SHA512
2b0288158d477cc8dd19d00251629b3139575a1e80f82e3036ec21c3d3e4028ba34e0b443477f2dbee1bc354043be53432a0b870f1a83afaeac50e39c3e07ae8

Download Submit
/data/data/com.voolean.obapufight/databases/obapufight.sqlite
Filesize
20KB

MD5
60455450bcee1e8db7b6788661800b90

SHA1
9b9e4b2379eacb0ff17bf2b141e57814e39a8185

SHA256
49eb7822015d49110c1e72d042eceb220bec8860145c1582643fb685d1d5c29f

SHA512
b8d60adb9d1b7c5b9d0c3f6f58617dacd01974ce348b8d9bc2256a786566158904e3e58172fd32a2c65d0802a123f2e26a551ed8a6af45f83afebefa892623c3

Download Submit
/data/data/com.voolean.obapufight/databases/obapufight.sqlite
Filesize
20KB

MD5
9fa949f8acbaaf4fa0fb2fd6f2620da1

SHA1
9ec2c8aafe2e53917b39bd64aa2ff06a29b1eae0

SHA256
fc8a3c270649c3d395413dfdf7ab26c10a1524b636f217a22d916522db8dc8c6

SHA512
9d84aa7893aa6b55feb692e72faadc7681fe512f03595aa67e5e950a244422eea92b4df4b8081c711d576a0afd156614cc958221cff06f2d57313e96382f6edc

Download Submit
/data/data/com.voolean.obapufight/databases/obapufight.sqlite-journal
Filesize
512B

MD5
c277a74da8b1d9935442a97129d91042

SHA1
1182130af90c35b512446f1208f275b8b9908298

SHA256
af58ec7625c8f25654a1fc310ce03e91614bf3ffed3faefd5bb449ae7021fd40

SHA512
8e78a4e35291042a60af6f5d68cf1857dcd471634d618a960d0dbf1126568060fca5f4e56fe2eb2f8bae90c6e953f49eeec6870c48f98615c50863b679b1b27e

Download Submit
/data/data/com.voolean.obapufight/databases/obapufight.sqlite-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.voolean.obapufight/databases/obapufight.sqlite-wal
Filesize
8KB

MD5
99b673e3f6d5d8504af4e01062c6dc99

SHA1
8f885ae8bbf69d6794d8574ad3221f65793115a3

SHA256
2eeae7fcdbcc90d192e0bf058c5f510e7768ed8e67bc32828dbe9e36b7ad3640

SHA512
52032bbbba4687e59955a32e2ed8869e861752e6347d9d6fd30e54133dc2b0683c4ab594350bcb71fbb192273c48d4489f92498881e5d1e0e305ec4312d6963f

Download Submit
/data/data/com.voolean.obapufight/databases/obapufight.sqlite-wal
Filesize
24KB

MD5
1b51dc556f4503fb2ece0884acbebe07

SHA1
ac92465df78475685741649efb003e7a92d49c96

SHA256
5b4819084efc176d4fbb86d368e950d619750d530f2cc3e9debcf15e0317a81d

SHA512
8245640ffdc25a78fea66d29dfd5165178776a98a679ea13b7a4ac64c1ca0fa049ec73deecbf55d13b0decc6332948f2913cbfee1b17866585b90a0c94266ba5

Download Submit
/data/data/com.voolean.obapufight/databases/obapufight.sqlite-wal
Filesize
48KB

MD5
f9d723d521ee9e32cda50254649934ea

SHA1
54a822a28e8fc61d288356f79584e6c9f12793d0

SHA256
76598281713e9ba97b824b0626292fc42a232a6801b417ab7146b952e8845ed1

SHA512
2d1dcf96c5fb07a23d1e88c62882b76379ce89ba57206792d1abab4f26b569eee040e0c0851fa0161b9e0d8bd91b72cfb47b21169df0b151d4abb34187a5430c

Download Submit
/data/data/com.voolean.obapufight/databases/obapufight.sqlite-wal
Filesize
8KB

MD5
3cd9e954023020b1e00494ed0a5bdd06

SHA1
5638700640ee1af9a8d904a6f563b9eb2d64b9e8

SHA256
52f3d964b4146849bf89f418ea00339a20ce57c58cb90d2f4535ec2498150031

SHA512
a862773a5be590939a31e9665c65312b297762d58f092e2ea2bf794e3dc7d277214ea74ced5ede7f4ff84c4f606d52b956065a6b8595b8aac3d1911907c0aaa6

Download Submit
/data/data/com.voolean.obapufight/databases/obapufight.sqlite-wal
Filesize
8KB

MD5
f345f6ea1c36d3fc901e826b7561fefa

SHA1
90078913eb50c51a264f686e8ce14aac57fb3309

SHA256
d3a8332049e1a1e910686b8ee4f793beb1f0f4b2a5728318fb3fdb2f9da792b8

SHA512
0a1ec2fb10fd72b492f906fa77a523f0ff5a8b66d9c62312485efe9e2dca78113d0ddc81c5c2c0dcf94da9fa809946d1815f5b7e226379c3042c4e916515003a

Download Submit
/data/data/com.voolean.obapufight/databases/obapufight.sqlite-wal
Filesize
8KB

MD5
17718dcb59055a0bf7eb47330b666133

SHA1
14fbae9ad3bc02e154ed23337437f3f4fcde9377

SHA256
94fea4151eff6286e54ef4029f0c88690b0ed65134d48af410e571876e687a2f

SHA512
0901097c528887858a5c1fcaae154b75e74fecb7c67211fe581fb66f9cb0a6f498187cb6fb588b2efd4418b7411654ca0d48d4b028c702d08f9bf82157e6e4a1

Download Submit
/data/data/com.voolean.obapufight/files/gaClientId
Filesize
36B

MD5
577c7a96f1d771b59ceb00724145d347

SHA1
af617640b112ad1aa4152aeae8e94e585d97f058

SHA256
f522513b58fb08d9dd1d91410108d0c1a8621c95cc0ba5a618cf32d43b17b287

SHA512
5443c9ad94f37073a51c414b559656bb0576c1cd6d047a83e6231ac7ef2f7693c42a6a41888bb6f1aa0023834528a9b8dddca2f188a415ba27272e605a5f5e6f

Download Submit