Analysis
-
max time kernel
68s -
max time network
141s -
platform
android_x86 -
resource
android-x86-arm-20240514-en -
resource tags
-
submitted
22-05-2024 20:23
General
-
Target
688155558731904770da467f6863d2a8_JaffaCakes118.apk
-
Size
6.2MB
-
MD5
688155558731904770da467f6863d2a8
-
SHA1
81df9aadf80b6d069e978b4b4002aecf8081cf78
-
SHA256
ee9ced2c0fd002ea1a2c7de69783a6514f9d73d478901c6b3b5da65869d5c8d1
-
SHA512
0a1f1091f4b5804667edcc410582173fb5ff5f958a7d121d7b4c59f0dd3c9d99ead3ff2e03070bf055f05322635e0d6274407d18a8ccc66b07c246f4fa6a395f
-
SSDEEP
98304:r0drTLhEpUcxh7EMEjze6/SzDWqy7CtyuCCW1QQDVx7efR42SUjNNkvIXkx9zf0e:rxhoze6K/Q5NpsxSUjXX4f0KB
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 4 IoCs
-
Removes its main activity from the application launcher 1 TTPs 1 IoCs
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Acquires the wake lock 1 IoCs
-
Checks if the internet connection is available 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
Processes
-
com.glutenfreegames.ultimatejunglesimulator.hack1⤵
- Checks if the Android device is rooted.
- Removes its main activity from the application launcher
- Checks CPU information
- Checks memory information
- Queries information about running processes on the device
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
Network
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Scheduled Task/Job
1Defense Evasion
Hide Artifacts
1Suppress Application Icon
1Virtualization/Sandbox Evasion
2System Checks
2Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/data/com.glutenfreegames.ultimatejunglesimulator.hack/databases/OneSignal.db-journalFilesize
512B
MD5bb0e2a28d1f8a78071f74713d4915a6c
SHA120e94afe805dd86e75b237fe55d5684ab186936a
SHA256d7aa5fe2746f92206d8f6f3cdc421ae40c80f5c331f4cd8b113606e81429c2b2
SHA5121993f09dfe80f0d1037a4d3224514aec956963ad93cde4c720511e9d0d8aa3fb864e9c19bdb36b553b4317cd90f2942077087d24c7112e68997bd8f447ed6632
-
/data/data/com.glutenfreegames.ultimatejunglesimulator.hack/databases/OneSignal.db-walFilesize
52KB
MD5d488547ab34f7a45fb6f7f6bf3a54847
SHA16326eb9fca21483089d74b0228436e0b4d45b27d
SHA256acfcb46421703bd083d6dbfe6fd9de24143590c53b6640a9f028c0edfd611ac3
SHA51200d68bcb893d099a1936723c5bc41465d6084e6ab69e8bf89bc515dc619ee5d45dfc59094b68bbd5132ee6bd869f8dcd3d3e21e7a940415360f65d15d02bd801
-
/data/data/com.glutenfreegames.ultimatejunglesimulator.hack/databases/evernote_jobs.dbFilesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
/data/data/com.glutenfreegames.ultimatejunglesimulator.hack/databases/evernote_jobs.db-journalFilesize
512B
MD5ca6a7b0005886ee169b654839ede6b89
SHA14e008d00002ed831a07473ba0b07593b55cf1c22
SHA256a3e2285c40d4c3286093b6f203f4bffddaab7417a4a7cb9352275afeaa56d076
SHA512a44c8579e13b3b30ab5363cd7db2ca8e1a61c3bd119a590942c4df0ac57254f37ac8e67993b42abf9d2f34304b30a9cca2f112e08fceeb99ec9846a3f0d48cff
-
/data/data/com.glutenfreegames.ultimatejunglesimulator.hack/databases/evernote_jobs.db-shmFilesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
/data/data/com.glutenfreegames.ultimatejunglesimulator.hack/databases/evernote_jobs.db-walFilesize
32KB
MD56eaf59cab49f55c0d51fc77e80b9dfc8
SHA16ff5caa50021434131016237dcfeea73ade9587f
SHA25607616cfea3fac240e2a33eeef8bd60b3ff34d14f16d091b525b7ce9f98d916d9
SHA5124fd89e9c1ea37b638e61b597d86238c2d9ba164eee93776984b0e8b093ec9a98bea43a3278cbae07bd27bef725494200aa0c7395da2abc30144d8752a90cdca8
-
/data/data/com.glutenfreegames.ultimatejunglesimulator.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD510145131f56364194ae21bcb0fda77ec
SHA197c3eec11303190b38c2a655ebbd72fd22c95520
SHA256acad4a018766b0837b81902ec7a66d14cd52d4ceb1d57e547d1552ada00f5cc0
SHA512807c02d873057ee00d2cb9faf01c71e1dbd7cb8ff079ffef9299013edb4445871b36b260d526a012df5864363256c6695c9dfaf905029f3a35f122ddaf981511
-
/data/data/com.glutenfreegames.ultimatejunglesimulator.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD51fe68ddbd623c08cdac4133c153577ad
SHA1b06b36cd11f6185f0b339277d2ca4fabde4ae8e5
SHA256fb5f011382d94ac0278b1c27aadf2d4837da1f758ce0c209fc65331597fc92f0
SHA512db9e7d8fc163eda06ebe120b0e6ccc331f5623da4511cb6fcd3f68204b2cae3634d842d1f459fc91b9a709d2e78d5487c5ed73ce39a89e3eee3f273daf9f1154
-
/data/data/com.glutenfreegames.ultimatejunglesimulator.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD54a9f1f16636eabb84083f0f4a1c48414
SHA1ea7568402246da12f2893a78adc868c0ce4478eb
SHA2567eec1bff856720856b2870eadc8eaca8e6125894768be12b0ab11f31fc8525d4
SHA5128fb45152fbf0729bd12d0db4ef03512de2ff173de620821b11a75a1cca779f5610c8efbf421e5798a4b339d9ed99cb6c43537b166fe760bda4533f0e83e9e734
-
/data/data/com.glutenfreegames.ultimatejunglesimulator.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD5516189147a3ef9ccbe85189ed86e012c
SHA12dc21629ae994c5c481bf6f11be6bcafa4aed254
SHA2562cbbea93aa9ec84e04af22a91cc3a80765ba484bb32c9d7e349ae9731beefcf1
SHA5128adda87cae79775c1881b8c5ede220d6b593a6d201f1d3ef7ed6841083f7ad0c7648250bbcdae3f4a421620b2cc8d3fa22749363464caf3bd7f965e8220b8ab5
-
/data/data/com.glutenfreegames.ultimatejunglesimulator.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD544693692da738db6eb133cf0e4cde91b
SHA1e6bda56494c325d8d37ad89552263ae85d9b0550
SHA2568fe0ac9db76d4a2dcd3b3d54c0efedcd223e25aabf716506493d50e243a7a2d4
SHA512b34ddfe1ae343b1b12f7029ae476a0ba8e1b4043ccb520afb412b3f71335ef679bf29723c9a5c00af7e922e9982d5b3af54b2ed779da8cb601f378e5b9d26be5
-
/data/data/com.glutenfreegames.ultimatejunglesimulator.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD57237409e0640cfab7bdbd429bf821a3b
SHA14c3da934842f8d4835dfe2a9c275a300e5123309
SHA2565c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa
SHA512c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f
-
/data/data/com.glutenfreegames.ultimatejunglesimulator.hack/databases/google_app_measurement_local.db-journalFilesize
512B
MD50109ca8c829ffe896d82023365475f5c
SHA10fa524d70309a8fb33c2229b1225da933b1677d3
SHA2569cc16b54421695c9d786dc49f5d2317f108d12ff5266886d105b6dba98ccc512
SHA51244f35eb7aac40675e4760177c81c9f2b61a87171570f5746edf223c9be73d18535e090c80826ba387dadab33ae03a94c9a862f02df135fca7664d90293d585d4
-
/data/data/com.glutenfreegames.ultimatejunglesimulator.hack/databases/google_app_measurement_local.db-walFilesize
36KB
MD54944d27fddcafa130faaca2d1dc12cf3
SHA12fc571329583f479399fd6068d778f6b8039908f
SHA256ff43f1155fe1e76392a5b881c3aed04ba26d52958cdf8b393d74aefa8f26494a
SHA512929946571a815cbe8b9654dac3f3cb9b85ca73e5e2fe925747f0e6cbba419141845893106a9a2a715bbac9c5d38c180a2a12bb2940b5f863f1f2fe19a214ad40
-
/data/data/com.glutenfreegames.ultimatejunglesimulator.hack/databases/google_app_measurement_local.db-walFilesize
4KB
MD598ae5a7de4f06f0c19fa3a8098c6d4b2
SHA1dab47ff623d5d3d3cca682b09a82f8ca80e0c6e2
SHA256a4bbea5c8b794e76a1854a38d6c63debe8a50a2d32f3d61a478d51a80c45af6f
SHA51266168977e59a2ed66c4959ee8ba76d0ea0e490a9fca60ef462a33f6ccf79b37374165f876f28919f2bf64c1e755c0bdf3058eaf126c3abb56c0937bc387d39f6
-
/data/data/com.glutenfreegames.ultimatejunglesimulator.hack/databases/google_app_measurement_local.db-walFilesize
4KB
MD5e19465ffadf8ec2326488d1e782077c2
SHA109a68e8a860ed1b3bf7575ec207ad7eb9071f7a8
SHA256f375c4f54bb403f29e176af41b03374ace3bee434d6faa800a367f85fd215a16
SHA51266b05c93ed192a90d05c9b0dd2e439ebe2e6ee3be51b65eb609f50b943260f1ea7d55454969ae6907f1f9a1c0f8a9af2f9c3ba9c07adf09d6796560457b08ab2
-
/data/data/com.glutenfreegames.ultimatejunglesimulator.hack/databases/google_app_measurement_local.db-walFilesize
4KB
MD5c01de8ac02db8e2193cfc6208bbbd23f
SHA15936e537e364530b0209279453acd28f4c6fc43c
SHA256a14f3e5e0886d96ffba7a633b8bbf12a381b6ac3e0266c74c7f11ac325e6dd83
SHA51263cc49a2f09814b0ee91eac82555ae4fcbc9998e436cfd1c37cf6af867d54b0b80c821fd38469231e21040cf45372ed775c9fa9708e3d7e3c58f0b98fe681429
-
/data/data/com.glutenfreegames.ultimatejunglesimulator.hack/databases/google_app_measurement_local.db-walFilesize
4KB
MD5a25f74ff33e41d8b7f0e586a01d77a55
SHA1cd1c1931473c151388a442416eb8b96defab6a86
SHA256cfdd3d35a0205be524cc8cb512f692a6afdd95b91e23430fea7c4f20cbea27cb
SHA512c65f477660335bc9edccbdbd78a75a70f574e55dea1a18da8950caff6484978ad19a6238b2c20e092371d4761a95f40d9389d6d5667a4d269503945c20e6a6f4
-
/data/data/com.glutenfreegames.ultimatejunglesimulator.hack/databases/google_app_measurement_local.db-walFilesize
4KB
MD5cf2fbbb8d5b25b66d32535298ec1864a
SHA1f2996adba2d3e63c9b7019bc890db536d1a7c023
SHA25673929ee7d24ddd244e159d41906f45eabb07ed6d605afb488bc2d1e035654e3e
SHA512348997feca25cbdc5d06ae30792d13b6312254ad63672bd8ef483e0a9aee668953eb63eb496e2e28f6b9c8fa69c2eba98395823801241c7c220c429ea86945cf
-
/data/data/com.glutenfreegames.ultimatejunglesimulator.hack/no_backup/com.google.InstanceId.propertiesFilesize
2KB
MD526547cdb8bc8e0382d5710d86c597d79
SHA17d5e3d09d45bd83b470bb183b1d134f31615c254
SHA256047d074b7367eb0af7fbaff5ec42a85491f5463ab2767f44a518db115d35fd22
SHA5127372608f7fed5def06a81c397b90bb5cac1c812b56c499d62994eaeda15afd3ff235e43a0675fdcca4532daf6cbf4f14768cb5166ad50b89293528a2b60c10ce