2a508361766d99e7855308851841046f34e373ecd3e4ca092301dd28ded9766e

Analysis

max time kernel
24s
max time network
129s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 21:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

68a43ab8387c5ed0d4a9bfd89d2e18af_JaffaCakes118.apk
Size

21.4MB
MD5

68a43ab8387c5ed0d4a9bfd89d2e18af
SHA1

9b9ddd583cb7c2dd392905f3aac0c899ead24578
SHA256

2a508361766d99e7855308851841046f34e373ecd3e4ca092301dd28ded9766e
SHA512

109c216e0133ba9ee98a7ef69c0bb84e3479169ff8a034f5556bd9b44b1a3fbf264c17bb06516e0bb828f3b9341f30b38b308f670890d39cd0e61ec0d01ec29f
SSDEEP

393216:4CR09tbib9GSrS4KjBeCFJyDk76ULw796Um14Xn6Xj/4uoVwCv5q/u18yjV2:4CR09tbibUSrClTIULWXEMVwW5qW13jk

Score

8^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 1 IoCs
evasion

System Information Discovery
T1426

Processes:

com.onetongames.kingofthehill

ioc process

/system/app/Superuser.apk com.onetongames.kingofthehill
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.onetongames.kingofthehill

description ioc process

File opened for read /proc/cpuinfo com.onetongames.kingofthehill
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.onetongames.kingofthehill

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.onetongames.kingofthehill
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

Data Encrypted for Impact
T1471

Processes:

com.onetongames.kingofthehill

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.onetongames.kingofthehill

ioc	process
/system/app/Superuser.apk	com.onetongames.kingofthehill

description	ioc	process
File opened for read	/proc/cpuinfo	com.onetongames.kingofthehill

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.onetongames.kingofthehill

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.onetongames.kingofthehill

com.onetongames.kingofthehill
1⤵
- Checks if the Android device is rooted.
- Checks CPU information
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4313

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.onetongames.kingofthehill/databases/DownloadsDB
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.onetongames.kingofthehill/databases/DownloadsDB-journal
Filesize
512B

MD5
d86b95986f035ff39df9b034ef4bad24

SHA1
e5e7ac8f6f9a792559ec0125964fc7829d1b4cdc

SHA256
932772082481747c4dab85e84c1f78e454014b3a370345852c7a21fc7ba895bc

SHA512
9790385e0e304749b2c9cdbe96586067c69efee985165c8bd88f559a8dc1e1367093627d42b46c1855c5bd25beb62d5cbb295e6ae5678083d207e0f21c529570

Download Submit
/data/data/com.onetongames.kingofthehill/databases/DownloadsDB-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.onetongames.kingofthehill/databases/DownloadsDB-wal
Filesize
40KB

MD5
a75112ac18bb0edd86719d8a85dc34fa

SHA1
ea3bc5780d790436310ef196a1ce185769f3f783

SHA256
95b2625ceb7d9014b0fd91bf94df2694c028e203b88b60d55f49f4d38e7d1334

SHA512
ffc30c15d4a5ae8c1110c5244f0f95629c99c01bcf44332c8853ac8282f849e613ae394a40c05e6ae8f662cce847c542714c78fb970e42b325eb97b22d889819

Download Submit
/data/data/com.onetongames.kingofthehill/files/AppEventsLogger.persistedevents
Filesize
403B

MD5
33af13c79730e153fa32ead0db08e512

SHA1
52d22fa2226a28be3b0f76763538b5f9316700b4

SHA256
32a983145276a3f3daf4ab52f108057f382e9084bbaf701260d0418d789127fb

SHA512
f0f50cab73dd308510a07b2d40d4ea9c2b38e916b98c3b5165698e5a70dd376e9a6729996f3fdaafe8f0a225bd907714cb16080e9a795dcf5722993f136dd2f2

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/Unity/f4a44168-1b7d-4e6f-804e-3b99089d45e4/Analytics/ArchivedEvents/171641209700000.a1fac9df/e
Filesize
63B

MD5
b1ade89fe78ea9a166fad8edcb2d3309

SHA1
441615858e1453bd071fc97a5822a8b5798b3cdd

SHA256
a5677a9c33289ba13f9c6ccc75b5f119914dd2361badd668c59c89c3c3e7cf76

SHA512
ec50af35c04605d1c17edc6800dc7998cb7eee8a48dfde9cb51747ca1de7000effec72e23e252695787cd042ea97e1227081f25732af94381ff9c7e9c8798cfa

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/Unity/f4a44168-1b7d-4e6f-804e-3b99089d45e4/Analytics/ArchivedEvents/171641209700000.a1fac9df/g
Filesize
1B

MD5
c81e728d9d4c2f636f067f89cc14862c

SHA1
da4b9237bacccdf19c0760cab7aec4a8359010b0

SHA256
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

SHA512
40b244112641dd78dd4f93b6c9190dd46e0099194d5a44257b7efad6ef9ff4683da1eda0244448cb343aa688f5d3efd7314dafe580ac0bcbf115aeca9e8dc114

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/Unity/f4a44168-1b7d-4e6f-804e-3b99089d45e4/Analytics/ArchivedEvents/171641209700000.a1fac9df/s
Filesize
334B

MD5
c2ecd6317afc5edfb896846a844908a3

SHA1
28802cf4dce884b0322dce0d80726de42a60d844

SHA256
d8e57772547b80e971c75e2c9fec57a636910d31f8f4a6792ac7e78a630e3402

SHA512
e9aae424655767a4329969ba3fe098c881c5c4c23afb9e6270c3acf5fb769cad37b08a22650465caf32f0bdfcacc8a1c55bd62ae1d01ab23eb57782a4a306874

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/Unity/f4a44168-1b7d-4e6f-804e-3b99089d45e4/Analytics/ArchivedEvents/171641209700001.a1fac9df/e
Filesize
105B

MD5
3bee73e270765b8abd2375be2bf9b826

SHA1
5f7cb76fd2847b557e298a28fdfddfddeda049ee

SHA256
777709325dc540c9b421c7363ad9ce11ab83417058b4a8245d86d8b07e42cc2b

SHA512
474b977f4404630c4b9a994aff4e1d89a04a3dfadda5ce039c7ac9986bf681abf9ab366b1b80a364dca04f97d34971a12b07af8ebc0fe9652d36e9afbbbdd28c

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/Unity/f4a44168-1b7d-4e6f-804e-3b99089d45e4/Analytics/ArchivedEvents/171641209700002.a1fac9df/e
Filesize
1011B

MD5
6e0dda671ae1678605585b56c2ec2953

SHA1
f37db80dfb3608cc7859589ef95adb8111cda991

SHA256
4790c99068eb5ff5fb1a939740a02efefafc6d2a6cb64533fd5437dedffeb35b

SHA512
5d7ee820920f00b88cdbf4f150d85ccb58429b23ad246a2c5a594be87aa05280682542a0de4c49bbc0e4ca2b166015afa2b15d66e671f40882ab1fbca9afa0af

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/Unity/f4a44168-1b7d-4e6f-804e-3b99089d45e4/Analytics/ArchivedEvents/171641209700002.a1fac9df/e
Filesize
1KB

MD5
f1512eb987051e8ac46b0c6263c1fd7e

SHA1
4048643070d644e2dba5a053c65c2c7e093b74e2

SHA256
2f4e8f389f4deb22bc0b76a6cdd0a610ca6cf42eac8085210afe55d71b46e9c3

SHA512
0dccabd510a920685432c0e479edd33676b626ae7cccd75544a077c0befe88c93602483e71fbfde4566f9f98b4182b25f7bfe53a9aa134cefa66af28779b3baa

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/Unity/f4a44168-1b7d-4e6f-804e-3b99089d45e4/Analytics/ArchivedEvents/171641209700002.a1fac9df/e
Filesize
1KB

MD5
c34fd17d9bf9343fb30f0479b62b2a76

SHA1
544b3c1df4497e9f78a4c4f480daaf657cc8111b

SHA256
2dd8d8d0c8bb98e59d52b67c96c10ee8face0f7b4de754d4c5482eed3760c85b

SHA512
27e8387aca2ccccac62bebeea3dbffcc83fa0367ec6b5499e34d108898e7bb459824c4e07df0d42314a88a11471aa34390232b62207e97ac900a58903654b76a

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/Unity/f4a44168-1b7d-4e6f-804e-3b99089d45e4/Analytics/ArchivedEvents/171641209700003.a1fac9df/e
Filesize
474B

MD5
1ca71fea86559a34d3013e5a9ab2a438

SHA1
3fed3f9288adaeeaf4c3d8c6d59ed59ae000f6d5

SHA256
e639e3defaa7ae1735b247b6d60ff0af7c8961a4b0ec9b57d09e3212e93d8960

SHA512
9f30d2994c5ad0ab7f28161907300ab588b31719420b45b490df165f874a876d73409b9a3a09695938cdce2377e79b8b1358354736cdda03810cf811450f9f25

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/Unity/f4a44168-1b7d-4e6f-804e-3b99089d45e4/Analytics/config
Filesize
293B

MD5
8673a8ac0b06a9d056d08d62f857ba4b

SHA1
a351bea1932270bafbe468584058fef20dcfc31e

SHA256
83b3f90c4edf1f122c8faf9784ca0aee4dd017c65493ac181c1814211703db96

SHA512
edf28eb7fcef654f139285d308f817ee230d6f064a4c865109d6dfe6f73c11f8f35737c8159c8a302118237ab980899ba5773f547cc9da4028643a53b08e324f

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/Unity/f4a44168-1b7d-4e6f-804e-3b99089d45e4/Analytics/values
Filesize
152B

MD5
59f81caab3cad22afb77e2f8a45b330e

SHA1
38431e29d0bb0ce046e49a57faf8bac61823f103

SHA256
296e2102552078a689096b5c388c7f01b817c12428afd6f524d785dd0ee884b5

SHA512
e2f599dae54e5cc9900f5a43cd04b5597c063bdada5decae58d061efa4b51e2c5841296dba40cd52324b62dbc494efe3b0752925820ecf5120553e40137731e5

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/il2cpp/Metadata/global-metadata.dat
Filesize
5.8MB

MD5
2fc84b88e9adddddb9e60b6330d9f144

SHA1
ef70ed2210454a874ff596956919f50c8c7d13e5

SHA256
e575637c82639acc33f695f7655c7dea86a91f0939bca820eb7f329ebbfd57d4

SHA512
9abbdd1bb0f50fecdd0e602b1da353832646093a31ccc3e8da6ff6b1253943203eb9bc0598d1660e39b193b67edd4786a9fc52ff4577cb26f7604cea99d42a37

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/il2cpp/Resources/System.dll-resources.dat
Filesize
53KB

MD5
2c05e9758f84d7925a8ce0a27a43a66a

SHA1
4a94bc6cc52ef62baf32634dbc2726d1d427d7c9

SHA256
0a1ea11a162d65135b767e3ac58989912fdd45019ee091fc3c8398850f392a75

SHA512
4976b118854898fb7e5ab244442389f7723086b64686c0828505073d87f74d84bb2f44cf39c6dbdfed5dfce7540a9a9dccd3d206ae2b0d06b77d1e9e19263d74

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/il2cpp/Resources/mscorlib.dll-resources.dat
Filesize
329KB

MD5
21d06dbc8af6432b2b49536ed30609af

SHA1
11a1c0e2ab2f8c06fe4507535ed47e0dd279a60d

SHA256
c5baa176a5b72cd545266340e42102d393a5e43d38c95796bc828918bb95277f

SHA512
2971f54eaa14c3ce6e2352e5a1aea5b044f0894bf4eac92de8cd92515b6473b5ca56ebfcad4369a9d4935cbefea2540a83f332fd4d832c37768310e8776ceb5e

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/il2cpp/SymbolMap-ARMv7
Filesize
748KB

MD5
221b60d2118d087c96b52ed0e5475465

SHA1
de637237660cb15efb890418a79f6b8a997c8b28

SHA256
ddaa2719ac9e62851c12b6dd4c333782e595eaa4b118d83f8e4f8e695b60bb50

SHA512
d0dd54298e2e23bae187e7f25c17c2bdff1702d1962322608de9a85ffad3f803b2ddb27f78ca459b718d530832d8bd6ddc3c195c728acc6167d33567f55bdabe

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/il2cpp/SymbolMap-x86
Filesize
753KB

MD5
4907ce24ae1de64a05fa2623a328598d

SHA1
8ed701a63127a7d8ba1f45bf50c904b591bc37b3

SHA256
1e377492fea35f836df7353f9efd1b428d82ee9d460a1427858c830240d8197a

SHA512
e8948673bcfd0201c6a15c8890bf0188d579fd95a53981f8bfbb681351b87319d72f0030843992bb16235b50299f6f291e43335e214c3786475f655134815106

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/il2cpp/etc/mono/1.0/DefaultWsdlHelpGenerator.aspx
Filesize
56KB

MD5
66fed2411c14a0fc8ce4c593ef601bfb

SHA1
4680a34aae1193f1e4a6aac1a5dd3c307de257fb

SHA256
d87d5196b2ae2abf4e673315e1fd22c3a44df80192f23e89b78108579c287524

SHA512
331874a9956c87db0646e4d21937a88009804a59fdf5f5882ea5b1dfb7dd7ef17724e09877d98f52e7327bbf38a46dde0c54d5c85f1e860b88322bdfad64679d

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/il2cpp/etc/mono/1.0/machine.config
Filesize
16KB

MD5
4bad452a2ffc4c6f982e2f43fb44f6b9

SHA1
4445d53dc755ca2f977b01bf9d77357b3dfb0cc7

SHA256
eded908c507a7a230ee7ad3146d8893cf140638e6eaeab58bff05c95c2f3a7e3

SHA512
1611968d2c19f3c9472a43d692a4451fd140dec1d6d5da6b819d33e62936f1d69d69e65c13b893158aacf985093bd7167f50d9c80c0789a79303fe66a9ad956c

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/il2cpp/etc/mono/2.0/Browsers/Compat.browser
Filesize
1KB

MD5
0d831c1264b5b32a39fa347de368fe48

SHA1
187dff516f9448e63ea5078190b3347922c4b3eb

SHA256
8a1082057ac5681dcd4e9c227ed7fb8eb42ac1618963b5de3b65739dd77e2741

SHA512
4b7549eda1f8ed2c4533d056b62ca5030445393f9c6003e5ee47301ff7f44b4bd5022b74d54f571aa890b6e4593c6eded1a881500ac5ba2a720dc0ff280300af

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/il2cpp/etc/mono/2.0/DefaultWsdlHelpGenerator.aspx
Filesize
59KB

MD5
3b3452c399f27a24ea5a589c7bfe750b

SHA1
b06cb1d09ad3bbdf1d8214c910e3da2a228d113c

SHA256
ae044cd9cc2c7c42f8864195125ab440472d657e5f0d55e131f7890bd45c518a

SHA512
41c099350159e942be8bc04c8f59c7fb0fd4bd99db46f1c0158f0fa053c08ae0c73e9d169f6816b77376283cce5beafdcfe5d3d5e3b98e8b358d67c34b954a04

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/il2cpp/etc/mono/2.0/machine.config
Filesize
26KB

MD5
433d143955ab359dff61c0bff982a176

SHA1
7eab623c58d853d733c0a5e586a47e09c4e3efdb

SHA256
531d0d5bc30466a8a7ea6c032639721d7f16aab57c9701ef0afab5fdb432792f

SHA512
914e7043806fcc2788dbe388f94a2c9cbc6b0d5eae59609ee411a4815926d879b05ba8f338ee07b88e95a44304ebc9cbefa19a948fa52ffc0f786957c9729c39

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/il2cpp/etc/mono/2.0/settings.map
Filesize
2KB

MD5
55dac562878b7dd98ee8a7ad203a26e6

SHA1
d16baa15e7d3042bcf9d7318209c696f4daf2cb0

SHA256
ca89036b7d7f1ae9311a6a2fbcf05fc5b997bd43fd21dd54e11c18018ef65f08

SHA512
987c5cd86a9825953de670e5c15404694feb15cd5fa9afa8af4c2d5bda9d805839c9695d44122b32e0ffafe08d720c3df58000e89c8822fd9a5eb28eaf2ad478

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/il2cpp/etc/mono/2.0/web.config
Filesize
11KB

MD5
2b6303c4f12762b71051db6e947f90a4

SHA1
a4d7e05516f63d6ab67327b299d4fb2852cb840b

SHA256
3c1a76a5849074b437d297656a208a3bef6d84b982153542b9c797046c601dfc

SHA512
80f5da60654e1851ef21526e434b32d94e18883a08bacbbaa0e1f85b80469c46510b6ddb9b429f16cc4be89c6f2bb2627bbae9cb1d0c7e45b665efb7721c6d86

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/il2cpp/etc/mono/browscap.ini
Filesize
304KB

MD5
378be809df7d15aac75a175693e25fbb

SHA1
2d5454e161de8a5b65910f27bd70d9d0ad8fa476

SHA256
4ddd50f31fb968f30bedefc253a46dc3f2890192d05cdaa9e0a64a056eee807e

SHA512
d0d181e806cbd2c016eb0a8786f7d9db877463eaac0195db4e891be111c9ed87491a1abcfa0d9ed7c2743e004e1f4a3f4789333d0b535e63358c672ae833c363

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/il2cpp/etc/mono/config
Filesize
1KB

MD5
f95c345c1c53b820487f6b72e62d5485

SHA1
957e4e50e74c50347af92abf240c2c7aab3f3f79

SHA256
b585c70c70c88b3e03489361558f5d711c2ef71df9baaf37d92dbf95fbf6cd92

SHA512
6b06434d07ee51be064a3efdca65b73e6c8e7560b43fb61633b08c7d2a0d792fe0670e57088c1dabd23929e0b7f7a27f65f503f2b640587042c8bbe98946368b

Download Submit
/storage/emulated/0/Android/data/com.onetongames.kingofthehill/files/il2cpp/etc/mono/mconfig/config.xml
Filesize
25KB

MD5
f34b330f20dce1bdcce9058fca287099

SHA1
936520d5bb5c00a1985d7a4c4f0ef763a9031862

SHA256
0c56e34c69124510fa8c19e7b4c2ca6c1c4ff460ae19f798dd0ca035809e396d

SHA512
d6d4a8321eb44c117755a41a2590296be86a0568d27a5347f9d7f32f2d151d8f7e169675c83faed2dab5ad0f8d81858f8cd1167e439cd4bff7e68c243e3544fd

Download Submit