0b4e810cc2851db1088c9af45e21a64be17cef9b2bd86020458fd3c798bb1aae

Analysis

max time kernel
19s
max time network
139s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
24-05-2024 06:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6d952345be765766e2d62cd1a542a363_JaffaCakes118.apk
Size

8.2MB
MD5

6d952345be765766e2d62cd1a542a363
SHA1

f0cc0c0c1aed5ad4052524b336ca6ae8eee3b324
SHA256

0b4e810cc2851db1088c9af45e21a64be17cef9b2bd86020458fd3c798bb1aae
SHA512

f7c93321a8b17ecaa45c6b430369753c7ec559d122f7dac5af37f37ba173b3191eac6cca3576c3133a619029d26c0d9673e5c6a2adbce66a47855665ece45d8e
SSDEEP

196608:PC1isSA8N9jXU9QyhPAnA85ApfF54UgyJTiAX:JckjEGyIA7pbHGy

Score

8^/10

collection discovery evasion impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

T1426

Processes:

com.jrtstudio.AnotherMusicPlayer

ioc process

/system/app/Superuser.apk com.jrtstudio.AnotherMusicPlayer
/system/xbin/su com.jrtstudio.AnotherMusicPlayer
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.jrtstudio.AnotherMusicPlayer

description ioc process

File opened for read /proc/meminfo com.jrtstudio.AnotherMusicPlayer
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
evasion persistence

T1541

Processes:

com.jrtstudio.AnotherMusicPlayer

description ioc process

Framework service call android.app.IActivityManager.setServiceForeground com.jrtstudio.AnotherMusicPlayer
Queries account information for other applications stored on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect account information stored on the device.
collection

T1409

Processes:

com.jrtstudio.AnotherMusicPlayer

description ioc process

Framework service call android.accounts.IAccountManager.getAccountsAsUser com.jrtstudio.AnotherMusicPlayer
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.jrtstudio.AnotherMusicPlayer

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.jrtstudio.AnotherMusicPlayer
Acquires the wake lock 1 IoCs

Processes:

com.jrtstudio.AnotherMusicPlayer

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.jrtstudio.AnotherMusicPlayer
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.jrtstudio.AnotherMusicPlayer

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.jrtstudio.AnotherMusicPlayer
Checks the presence of a debugger
evasion
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.jrtstudio.AnotherMusicPlayer

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.jrtstudio.AnotherMusicPlayer

ioc	process
/system/app/Superuser.apk	com.jrtstudio.AnotherMusicPlayer
/system/xbin/su	com.jrtstudio.AnotherMusicPlayer

description	ioc	process
File opened for read	/proc/meminfo	com.jrtstudio.AnotherMusicPlayer

description	ioc	process
Framework service call	android.app.IActivityManager.setServiceForeground	com.jrtstudio.AnotherMusicPlayer

description	ioc	process
Framework service call	android.accounts.IAccountManager.getAccountsAsUser	com.jrtstudio.AnotherMusicPlayer

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.jrtstudio.AnotherMusicPlayer

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.jrtstudio.AnotherMusicPlayer

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.jrtstudio.AnotherMusicPlayer

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.jrtstudio.AnotherMusicPlayer

com.jrtstudio.AnotherMusicPlayer
1⤵
- Checks if the Android device is rooted.
- Checks memory information
- Makes use of the framework's foreground persistence service
- Queries account information for other applications stored on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4265

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.jrtstudio.AnotherMusicPlayer/app_google_tagmanager/resource_GTM-WW3TPG
Filesize
2KB

MD5
e6292eaee3f8a3afd6bbafff8a0d2fb2

SHA1
f1178d93122f8722cfd2c06f092ba07ff946f13f

SHA256
88a9cb81be15f2be3e50694ee6ae4413dfce32fa606b5312b9d1d7073c83b2c4

SHA512
6f79e0c14899b96a958243e6ea08713b85cff9cafbe265d0f764b29a850621e41d64602b1c99afd1d498aa5c5211b55bdb1c60c1c1f9fb4f202f03ca4cb75d4c

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/app_google_tagmanager/resource_GTM-WW3TPG
Filesize
2KB

MD5
52b04b02296ca73ef5c0b63024961b62

SHA1
6830665d808f6006528b9885bda31b3833a37be7

SHA256
ddf09d9e151ae65ef235a1edaf66c586c96fb02ff74fd04f45af60c183eae3db

SHA512
8992ac6e7641a474c4290a1731a766165c5a77297c54d6529812fc35dfcad0d086f50cab2b0c5a0ba5c80b736e9ec262ba9209787cd2bc15e370628a98cd8bce

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/cache/Log.txt
Filesize
5KB

MD5
12e3034364c94ec519f3c109de0d15e5

SHA1
2b99becdf2e7d3d84b44659aa47b4442d8624e74

SHA256
dd09baa6001ea404d530eec38a498280cd1f808f8cb9b5fa2276e30387a9563d

SHA512
213461303034fb61edce9a767678d6548b477c2f65e533ee1e0e367acd6fcbd08a0ca2248f4fe1e210d72013668d1e4cf12123bd4d2e6f837fe01cabfb039f90

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/databases/google_tagmanager.db
Filesize
20KB

MD5
5c0157f7bab02442289883c5db928a8b

SHA1
9023da3e899e1290d9dcdd0d84270180a615be19

SHA256
e061da032ed90676ebe9dfe4900f2c50d7a1c0eb5b9c55df1634f20a744153c7

SHA512
9e3730815a67f6c138faff4c159927785658ec4608d337a2e3f4a7c8db26f911b1f4a01d9f90f958c378bd88cd9185814fe5951d6a045ae3c32ba2b88d28932d

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/databases/google_tagmanager.db-journal
Filesize
512B

MD5
4d3e4ad29db4ae3c2933a011cdb23fe0

SHA1
eaf345b052418d172802686c04c4ed1830024752

SHA256
e12f5f3450a89bdc8ea0c0ddb20c1b41619238e012bc7cbed1e1451bbabc2a67

SHA512
f6300794bc2bfb08d3add81f5615d9b798e54ab6a56bc1e8f2a240352de838c806be97527b03b910e50fc93fe88214adecf376032c6d2afefff685c13b2934ac

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/databases/google_tagmanager.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/databases/google_tagmanager.db-wal
Filesize
36KB

MD5
7a70ce5917a8801ebd707c010de1145b

SHA1
894b4784e435ed718180ad7d2a729b2ac2d14ea6

SHA256
20ee8225a2b9bed3aff6ab2633bb788f1632112e27625e093c3bf850642d655b

SHA512
642395c125f5285d9da823e5484dcdfc52d84982c7c451aeab089b155671e2d11c3164e687ba7d73dd40bd054c647272adec1b76bb61214fe957a003ae7d7a60

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/files/.TwitterSdk/v/com.crashlytics.sdk.android/6650320B01D9-0001-10A9-1EE1D17F5610BeginSession.cls_temp
Filesize
78B

MD5
1c59e16f0fc8de3cb69fc42054bdd4c8

SHA1
b695c08d3077b2a90bc6a8f08f424b8cf22688a5

SHA256
59d5d3ed1529ff8631bce33828fa17d6aed6e26b014801fba36c8a53b0bd6cb8

SHA512
80e3502e9701852b84465fb1c2340aeee9c346d0177940629858c41961042d669440bd418110aae6d512f8ffa6b9bbd59f50d8658d5ff77fb70a2b747271f2a9

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/files/.TwitterSdk/v/com.crashlytics.sdk.android/6650320B01D9-0001-10A9-1EE1D17F5610SessionApp.cls_temp
Filesize
133B

MD5
dbec5f1f658b3e52184eb0e4398d6d57

SHA1
eee3a5498485f914972e1cf35a0b6fa0be29f98c

SHA256
419069dfa756164165ff696af0583b0d5cfffc99799aa1b04434de445fe9215a

SHA512
d304ceadcc62af48c236c56e51a20685da1105d9278387180b6c9cdc1f1eddedc8265a0f0b6a2356d3cf9352fe9a4d95231c7da9b7ae429f0bfb9fa03612703d

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/files/.TwitterSdk/v/com.crashlytics.sdk.android/6650320B01D9-0001-10A9-1EE1D17F5610SessionDevice.cls_temp
Filesize
101B

MD5
6bb8195c29133fd1e0e2a32fea87c4f5

SHA1
be0bc6cbcf0d8b755f64702739b5b3870220c2d9

SHA256
ffd6d0d367d849d76ad7674a2992f34e7a6335dd7224eef0ee6ee4de14910290

SHA512
4131f444637819eee9a1ebd6ee6995537ac0c1564b825b59922636ea037506970c349ba918c30af624493dcc47cd13cba381782c200d51c72d65ce38f69e2c9f

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/files/.TwitterSdk/v/com.crashlytics.sdk.android/6650320B01D9-0001-10A9-1EE1D17F5610SessionOS.cls_temp
Filesize
14B

MD5
9b3d4522944ce6396563812bfdb92fa9

SHA1
6d2a6133c8f01938a48ccc77ef86ad8ca335c020

SHA256
d32805d685a3f50caa7f1c0bd7c8804c4d937a866513289f60e3184f7a591ed9

SHA512
091d87643712530bf9006135db42a5a50742bb5ca3026bcc5f2c1c17bf4fd984a8938d29263b0abde3d15cac196d2230902534e200b0b79485e3a1bd97d95727

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/files/.TwitterSdk/v/com.crashlytics.sdk.android/session_analytics.tap
Filesize
855B

MD5
bac84a92e5772f526b4dcc9a9c2029ec

SHA1
b9427cd10a4c00e59f1967ac71e2a54cfa7d332f

SHA256
d1d6459c5d4abbff00ab44b101b6e44e388aaf6180128ee4e4852e09cca2ccbb

SHA512
dd71f7cab49638f2cbd65957d4d9ffbac427108fd3c07d31a3767f8bf5c2718c39fc3227b168c3f5a570cde577d6e96c33f59975b4996e8c6ec987d320e77ec7

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/files/.TwitterSdk/v/com.crashlytics.sdk.android/session_analytics.tap
Filesize
371B

MD5
0da4b9f5892c2994cd2c736c3d342fbf

SHA1
b9efb3b847e033689441aa83335c112955d676cc

SHA256
c44f248b8623c9b4402d6befe3523b247ac68c83bee4955f1a8ec636c44d5eb0

SHA512
9f2ff720af844fc0e393cc6faab4158ab7b5a973a804a0b3c6b4b7f01b3fd419d89595b7f4dc2f25cf8b57bc512b0b497321e824418abbc7b501687c9dad4eaf

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/files/.TwitterSdk/v/com.crashlytics.sdk.android/session_analytics.tap.tmp
Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/files/.TwitterSdk/v/com.crashlytics.sdk.android/session_analytics_to_send/sa_daba02e2-f605-4c4d-93a6-e9f69669c407_1716531723618.tap
Filesize
312B

MD5
43ec3dc5045509b9d0d36062692896d2

SHA1
1e24a985ab098e4d01dd8a530aa114e432a83142

SHA256
22660d48f0e0b34682559a7c56899668ed6a6b04d6b7d9cb42f00bf3ed6f3088

SHA512
20e5ded25c1a3fffdd55b440b8bdeb726e0c8cc80ad7b62f7251d233303b62f4ebd49d9dd920cf2a9ae8c537ee5bb66a4d92ea0316cdf440d256e26a821d1e7f

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/files/blob3.blob
Filesize
48KB

MD5
298986e32cbd1ea58bc5c8323096f2ff

SHA1
bb4b2fb042355c4eda82bd0c968b7dbbf38092cd

SHA256
f2652c31b88a16cd23a342ec1613ef2413f70b26b2bdd1443a48ec592f006277

SHA512
23f53e344ad6cde00e555b7ddf329f739071c7b7c91c3aabcd8a90f051b039e2c32267c55fb5c0af1e5148dd853fe1286d01f541c5e72f0162deb9dffcedd225

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/files/blob3.blob-journal
Filesize
512B

MD5
b555e6d6bd3eeb6fd0e6f08b59a8ab80

SHA1
0e8b53e62661c2ae0c67fb27cf894b6f757109ae

SHA256
85d9e89a61c9370f2c6aa1dd74209a5ddccdb6a5c62c1fd1cf41ba33ddba00ad

SHA512
accff3527b535475d8f9d01f0bdd2211056604ff1e5a3f494055e31add14ed5f2aa99252b6b1b9cd49d1ba7ec4c762878a11ed9c23b9d870efa1dd967da147de

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/files/blob3.blob-wal
Filesize
402KB

MD5
ea86323963ac101a3f3c6db535c8a858

SHA1
ba8c548e1456f0cbb557f4432419b975a95c68f1

SHA256
41998c84774d1b533dc3ae0f253553b0e2bcf9857a9f70c939c3e8f21f52bbed

SHA512
75bcb5c51a14481f948ba9a9c83544c0e4bee6f81a3d80c28c895eef5c572269da8089eba8ade69881727d4632d20d1c1e31b715387717b185ba35df8e412892

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/files/gaClientId
Filesize
36B

MD5
73291b8276dec22e52646493ee42515e

SHA1
880d0850d4a05f3200fbdf0dac52a19053687228

SHA256
bb3577d4b0844b2c934399859ef572d720c439235bf20f5bc134e97cf0d21f5b

SHA512
e62b550ad13eed95ffc528bf31ef9be6dc61718452cab2ade5c80c0d0a093eb02b58b1e3336dbbd1585a318e9b618b9494dedd999572230e29dd9fe683b7300a

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/files/gmae.ver
Filesize
4B

MD5
8f6543b1eb70c8ad778f8a35c5280aab

SHA1
80a16639fef3e46de2576260fade7372a5be5c8f

SHA256
99d7eb9a40541dea22649edd718c144dafed3b3ff91627ef5384fed36aeadb96

SHA512
b929c4808b5f8674ee7dc295e798a7541d30e684dad0d34c1bbf39d9bf26ba4e1b5e3ebfc40cb5af16c3617deac166be85c5572aa60422ca019ed11c14faf9d9

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/files/libgm_audioengine.so
Filesize
1.3MB

MD5
438ebf370614d81a417a8c5b25dc8f6d

SHA1
a2173b3d96343e4fc3f4cdccffbe04abdd1a0dc4

SHA256
34935e6b6e313d090e59fd3481121d448f774758ef1c9bbdac596cfbf7e2baf5

SHA512
34b87320fcb55d4583179891840cd53ec3d1ff535e76317be7bab6f603d27c3a675eb5dd07527b0b653966bc79bbab0c6215fbd70f55b552cb7ae5420d4e1ad0

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/files/libgm_ffmpeg.so
Filesize
912KB

MD5
7ffffc119e4004c5007467b0f1a70b5e

SHA1
3d8df43a59d5e0c9f1e9232cc78091437851c499

SHA256
e7b41cf73150469151bf91c17a1b73a17636ef06e2bfbc259f507f4bdc3c1540

SHA512
06775639cf4f6fce06a211dfb36d54200bb7ec4d16674303a81f5ae8a94b48aa36aafb2bcb6b6992f4f82d21e67707d1062d6138e6495e273f35a61b8f8a253b

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/files/libgm_sles.so
Filesize
37KB

MD5
1175c6d6d7a6e3e6095c946c4f4a7d34

SHA1
c75175289cac1ea4c2f263f028dc705ab93c2263

SHA256
f070d1118cc746732a0a06d443ba9ffa932c3024ab24fec48c7b55789fd9e29c

SHA512
e58092bbcfeab2c31f21485d8a65693ff1af4a7cbc1984820f62f3fa6b0b6cca085139a5a44a62bfb494c9396aa4d3e48a3488f67103c7811f5ff568054ec307

Download Submit
/data/data/com.jrtstudio.AnotherMusicPlayer/files/libgm_tempofilter.so
Filesize
45KB

MD5
d5dc51b428cddfe682c4148cf6a87d5d

SHA1
92d96cedda3a59b426e5b1a4d1bb5c58a1313e71

SHA256
ac5b94c4eb75755f2caabac130b184982f5a3b458dd43beffe3d384acb8e8e93

SHA512
04c60cd9f5a859904d65c0a1d11f7c05ac942ac9e240795116a99ec98a772e429d5f46e6ef77a9f4e5b6296c138bac90406d6df9fb33d532f83cd1cc74a43958

Download Submit
/storage/emulated/0/RocketPlayer/LiveLists.tmp.xml
Filesize
272B

MD5
1bb911bc029b54f5493103ff0fb5b069

SHA1
22a59ec455b6d7fbe81478af410614da1b9ba286

SHA256
7f042df60e03239ea892bd829c6fdbff738da2094f6591cfb33725b1d4b80d71

SHA512
487086cf96d22dcccedd79f73994cc4b4675027e85eb67cb6adfef9e64dc5d0441f2837f70c6280db16a579d92abfe8cf72111a8da3c24bdfe9c2387123c2639

Download Submit
/storage/emulated/0/RocketPlayer/LiveLists.tmp.xml
Filesize
482B

MD5
eac753820b0e7ad76f328bf6a25cc9dc

SHA1
4909ffd2e988d3846af839beeefb88777e4a74ca

SHA256
c60053283a487a4cb86e4c405f68b48979c3e918e701830de3e95c8065da8389

SHA512
def7980e01f80c1c2376a85782e9a622da7530a3d8d836a605233d0f75c483b72b7f6ede0e8cf6fa955893b08085f574a8ce88d4c133e0503fb35023289ea10d

Download Submit
/storage/emulated/0/RocketPlayer/LiveLists.tmp.xml
Filesize
690B

MD5
b83c6b7c0f0c9a84972c4bae581eea01

SHA1
5756c59995ea9d9683d1ff9267dd3687dc197106

SHA256
51a9fb70c88f1356bb73609b7b8db2bd09c29462e7d1332db72a3eab83446225

SHA512
68e1de83dcff8117330e3fed6352410e290f746bd38e27371ff09696ceff594c31d66f3828856508d4c8a8c4b098f184ef4341f0f99846bb3babb9b6143ab233

Download Submit
/storage/emulated/0/RocketPlayer/livelists.xml
Filesize
69B

MD5
7a21e9f4c898779bc2b06418a391831c

SHA1
ab9c84cb9f7e516c677e7d5f06bb50694058271e

SHA256
1e5ea7316ca7ab84502b0e566cb07584d05e11f58218fe01e656136d04eb6ab0

SHA512
3bf249288dd556d1c23ce680f102a54ea4619f4cf313c19bd6f2e249cf9dd85220a822c43d48aa1b03963534196bfd619f1526ef6032e61bcca1b04ce39b120f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads