Overview

overview

8

Static

static

6

minecraft-...02.apk

android-10-x64

minecraft-...02.apk

android-11-x64

8

minecraft-...02.apk

android-13-x64

minecraft-...02.apk

android-9-x86

8

Analysis

  • max time kernel
    84s
  • max time network
    190s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240514-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
  • submitted
    24-05-2024 05:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    minecraft-1-16-40-02.apk

  • Size

    94.6MB

  • MD5

    8b5d2d28bd5505e103a236cd88a38843

  • SHA1

    905ce11f18aa6255b9db62e380c7b8d325ed992a

  • SHA256

    cbae5ed2fe96e2a857c79068421a0734275410769f2468be2883e51a12a8153d

  • SHA512

    24d1880a1c6b9d4b2ef8bbfe09cb6ad623d0aa00cbc725e7d3b27518a05bcff23723d9199849f032382e60f45186b57cd92426f3a2ab5709267cc8f8365eb527

  • SSDEEP

    1572864:JIWt3uIAdW5pkmIujwriEK47/gIPqPecT/3wGRJxOC1nYv5NW9k1nzplC3HPgOn6:JNkIAde2m2iEZBPqPecT/3wSxOC1nsdB

Score
8/10
collectiondiscoveryevasion

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 2 IoCs
    evasion
  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Queries account information for other applications stored on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect account information stored on the device.

    collection
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
    evasion

Processes

  • com.mojang.minecraftpe
    1⤵
    • Checks if the Android device is rooted.
    • Checks CPU information
    • Queries account information for other applications stored on the device
    • Queries information about running processes on the device
    • Checks if the internet connection is available
    • Listens for changes in the sensor environment (might be used to detect emulation)
    PID:4564

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.mojang.minecraftpe/games/com.mojang/minecraftpe/external_servers.txt
    Filesize

    183B

    MD5

    4156132439a386e889ef1cc999c4114d

    SHA1

    88a75c5ccafd7ea65f92ce34f590fa7b10fb79e3

    SHA256

    e9390b3110572436f51636a2c1be6969222afbd860699ea2ae2677304dd3529b

    SHA512

    0f5be1d89137aedcef650d0fe73b3c81d72c1da8f50b30f2ad1a35fdad73a248bc17728d77e81ec3a3c6e3e2b69b10344e8971eddab2c637ada49babadc1bbb2

    Download Submit

  • /data/user/0/com.mojang.minecraftpe/shared_prefs/com.mojang.minecraftpe_preferences.xml
    Filesize

    300B

    MD5

    3a972c7a0c293f8aaa2cc2d629a38441

    SHA1

    4d0eac7071921843ad4ee9624fa565e22cecb0cb

    SHA256

    ff9b6155af59fe8222fae20bc9fb4bf6d6454057ff66b4b7fc02c2de5fbb6e30

    SHA512

    68007ae49d5bf4b58c7afccba5d1befb7adb60f1c4676acf6085e13daadd6955dfdf43cd93a4d2001b53e43b8c003d6eaa422885934dc96803b6d805a9b65870

    Download Submit

  • socket:[73131]
    Filesize

    34B

    MD5

    1e636686eaabc12741c484bff7b87ddf

    SHA1

    acd440e521d23bc2a9efa7449deedeeec1f579e5

    SHA256

    62997d84140b4eabe3031980ea1b3bc74b7c387520ee5f87b2db0797ccfa0346

    SHA512

    3feb416518da0e729d2ae61efa118472621a3b3be5200b861420bb3a1c59d38f06e775e92d96ea854d4abbab75e7953105f3ba25716fbf48750def43363bb357

    Download Submit

  • socket:[74999]
    Filesize

    43B

    MD5

    c5786fa93a5dfa75ca902b36e13181eb

    SHA1

    3fb6b0fdcf6cd37671d7344f4c8fb10995c24728

    SHA256

    c3159e4e70a15fbb71b88a961d79f7a4d484e7ec34e08e20caab23728e5d7cec

    SHA512

    7595e36a09fa567287b998889f1c33f519f6a73fc9fc9ffcecebc47ab55ead10b1b26238bb2b2d50c8ccf9aa1817dd3e50230bac50451ed14b187423dc240c6b

    Download Submit

  • socket:[75941]
    Filesize

    50B

    MD5

    6aff0f7c139ce4711faae4c14bddc5a4

    SHA1

    85e99dc5db15ec5fdf0cff26cf55c772d06029e7

    SHA256

    8a692aaea92dd727efeea43dfdb0f68f7d1daf9bfe1e6010b39e12b74b4ca608

    SHA512

    3c39f8ed201a6888e74bdd72aa24ec0eb71148c17f1dddd3cdaae487145ebd4fd8dc906c9f332e14515a5b3728366969b3c5a0ee7c93674c239f53eeb1c862d6

    Download Submit

  • socket:[77637]
    Filesize

    43B

    MD5

    a4484775dd837ea29beb50bc506a9082

    SHA1

    aebd2dc8451abf4ec36309a6acaf1ece71667a37

    SHA256

    f1090aad31ba9d15fbf3b638b3a79058106741f237b2eec8ad9304d886ee23de

    SHA512

    e859352f7e25adc3e87f8269eb73469087b7d68461bffd93e9b46baa232a06f1cecf13383a25d0bb00be1921fc439a7d1f682dde2b17f1c00fc96e26dcee1554

    Download Submit

  • socket:[77984]
    Filesize

    46B

    MD5

    ba9b275099e796d0010cbcdeb1126d51

    SHA1

    4e3b3c2dddc6f20d45b0fc9d1d835ef560cef280

    SHA256

    fea86f797709b6854fbd61ff4568bc59be3a807dd06e4d6c96c7edc7b1b4a3af

    SHA512

    a158dfa4d230113c9f765702878ca049e874e1e33cf52c0538865f44575bf80748e80ad1fbdb1b19d9237ab40618ecb205bc027d1bd4a42924332301e828a7e0

    Download Submit

  • socket:[82681]
    Filesize

    58B

    MD5

    9100ff5389bbd376ce21e1e51bffbcf3

    SHA1

    d6d54eb96ce1392729ff21190db7e5825f157aa2

    SHA256

    66e5e8c2b00848339f65a45ba4c6b57516a6e083899dd56b3b34f2004bb913b8

    SHA512

    6389c3e07f2a6549130b9a7c8e337f7ff59e39cf37e726c1db8d802c5c2837d0ff901caa4fa7fa531017e8403322b80bb903f328f7dc17d50c4c60c221107fa8

    Download Submit

  • socket:[84263]
    Filesize

    58B

    MD5

    29dfc0765ef058eaf7a74d8d6f0e582c

    SHA1

    06914108f8d9422456be827545c759840b75d005

    SHA256

    0ff387417287049468eeb514960d1495fe1cdd1692d7de6c3ee6c957285506f2

    SHA512

    6fd749f7ead485c762a505ab23a47763f04892ed982de235a94f770f1e7499c4e7b3e567c30af7a224b0f83f2d5ece7a9c313190382c7b6f47cc9d78ff0f2d43

    Download Submit

  • socket:[96061]
    Filesize

    58B

    MD5

    09c7df4dbf3833b4c7765a5bad095c66

    SHA1

    23c057217d3f054864d18651d466985f61e1923f

    SHA256

    8f525664d961705623fce2039f97f619284fe44310ff98caf7c344338b8e105a

    SHA512

    4dcbb9e8e1039b3bb41b469b995cf31526ae6935b6f44dadc2e43173cd0c57f4460770e99fd3007551e17ea3dbddbf5c5bfd0eb63142da8ce6b60086d12be1d6

    Download Submit