Analysis
-
max time kernel
47s -
max time network
130s -
platform
android_x86 -
resource
android-x86-arm-20240514-en -
resource tags
-
submitted
25-05-2024 14:20
General
-
Target
723ee5b451a7bac1036f6937aba08fb8_JaffaCakes118.apk
-
Size
6.2MB
-
MD5
723ee5b451a7bac1036f6937aba08fb8
-
SHA1
62d8a55af2577df2290d3004fed8a59dc195591a
-
SHA256
dda6f880eeebecac2ff635568d148071bf29a877c74167e08423795ed68bcdd5
-
SHA512
48908faf351938993495efaeef1c085ab829c756d14a9f727f45ce3d00bb08200f531d2d5761bb65fc9f89ebd461951e6943df25b06081de03137b901fc8e0ec
-
SSDEEP
98304:cddrTLhLpUcxh7EMEjze5N/L6q7kJS4racOOZBtTYcaCBaYCl/rkUx9zf0NYAV:cRhoze5N/SJSOachBNdCl/f0K2
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 4 IoCs
-
Removes its main activity from the application launcher 1 TTPs 1 IoCs
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Acquires the wake lock 1 IoCs
-
Checks if the internet connection is available 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
Processes
-
com.ea.games.nfs13_na.hack1⤵
- Checks if the Android device is rooted.
- Removes its main activity from the application launcher
- Checks CPU information
- Checks memory information
- Queries information about running processes on the device
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
Network
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Scheduled Task/Job
1Defense Evasion
Hide Artifacts
1Suppress Application Icon
1Virtualization/Sandbox Evasion
2System Checks
2Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/data/com.ea.games.nfs13_na.hack/databases/OneSignal.db-journalFilesize
512B
MD588b5161fb2af8a7bdb87412d364a110c
SHA1c93dfe3f76fb951e4b4cff90821e7847002fa2b6
SHA25625957d80c34036766fd4106fc403fc875e513a29f2b27149576f6fe0bd7b770d
SHA512089f4d28ab7caca2ef4c4d2418481dbd7ddaa7349194376418696d357c4b676b67e999331cde3156294e0c96e5d0c5cba9456475fafaf88794129abf9f7e3d13
-
/data/data/com.ea.games.nfs13_na.hack/databases/OneSignal.db-walFilesize
52KB
MD5332998c8314b44578fb28030c1096884
SHA1631ada344cee78817a3eca3d8676ee86d0869c97
SHA256bea01055a1ac44cca7387b94fd620bf2d4f1e3ff2e7c67e354e6decce1a4e716
SHA5122af1920ec926dbe1ada4328711585f4d621ddbdba8866be7f36629791a43a4936a85c5991d05489fc5790b9c49c15c929ffd40629a71e3af7fe757b91ec39740
-
/data/data/com.ea.games.nfs13_na.hack/databases/evernote_jobs.dbFilesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
/data/data/com.ea.games.nfs13_na.hack/databases/evernote_jobs.db-journalFilesize
512B
MD54ef3d4771508933f98e946b1f67c5ccf
SHA19a5a1069bbe2b8427caeef72bb4833ab2a8f29f0
SHA25683945601369c65a7c2a2a081d67d09271281201a7a0b6672c7f60febf9dba28f
SHA512b4b5c5de52e0575c06aa6d0c460a68d7690b147c7cd3e4c3b88add3c28047b823c6d8dfac7f32de2c750c754f0445b5e98c33b1cebac30c658ca8d10247fe51c
-
/data/data/com.ea.games.nfs13_na.hack/databases/evernote_jobs.db-shmFilesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
/data/data/com.ea.games.nfs13_na.hack/databases/evernote_jobs.db-walFilesize
32KB
MD546ae3e6a4a0010398f8c877db8517a0c
SHA15db9f5da3a8c3d25f9fcd27e987e8940a54a81c7
SHA256e0b87e38e809d43e180085b7e0d7aa3e1b903951a503a897e56f82593ab80f56
SHA512f26fd7bb31f10b44ddca6f59b4c1cefe6389e2ea8de6a1e1ec6b8ee5c622c8d61c180352950888c0560cf18c8d58b974161c188d7898ed84ada7709dd4e67705
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD5c66a971870ffe5531125b111a8aa1cfd
SHA14800cd170a83700b8131888766c01290c1dd0060
SHA25656c8bbd21b16721978bc2a8c2c226ed1e3c5a11d510d562eaea04d21f4702499
SHA5123e9e81058a9a51e38218494e25ecbb54f42ad05c6f92b3dda8089d19bbc822f8e2854e780e2f9df629cf8b54ab4f412d02207ffb7d20a0c2a98127c9665f9c2a
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD531cf723613a748240d097e8f5a69cfaf
SHA12cda90628666bb52b5116948a9e79beb4734ba68
SHA2565269eedb50ba2b543d3ecd8ad788210397d0db82928754ac205a97ff43f58fbb
SHA51269508dcc468b3292bde67d03516818c3dd6b92e48dfa0eb27dff0622bf731588fae83cbd7c2229ef7d778a039f65f95051b5829411a51835f42c2f8cf6b04900
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD58b89a56ce8423b6b256eb10f1d9c542d
SHA110670be4c69eb41ecec747be25ccea7a07479f70
SHA256bc343e646d05e6209b38abd2feee3bdd54d01df09ede79be7e8c32300a2e34cd
SHA512acbc3189719e8407bed6af9d220b3bef9fe04d1d7612c016c30ce02350e66bee2ba6e2605a975ce42ee9c08fa0bc575cadbbd7fe8a6ee307463f446e6133cee5
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD5362a627a41ab82e8c9b94ab9ed04e3e7
SHA1d152da1eef5f34e6dcacc089be0a0415eaa4d384
SHA2560c46761af97a556b40ef4cfb0ff622867a7183206fc7f864fd9aedc1fbc08cdd
SHA512ddcbcd81dd8df58774b7f0123dca76f69d53da15a15076c8b0e97c7ce4832bdbb13831c790b70c85da7b41a1d0ff90ddc4bb73fb73a80b30a50ae7ca63197b1d
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD544693692da738db6eb133cf0e4cde91b
SHA1e6bda56494c325d8d37ad89552263ae85d9b0550
SHA2568fe0ac9db76d4a2dcd3b3d54c0efedcd223e25aabf716506493d50e243a7a2d4
SHA512b34ddfe1ae343b1b12f7029ae476a0ba8e1b4043ccb520afb412b3f71335ef679bf29723c9a5c00af7e922e9982d5b3af54b2ed779da8cb601f378e5b9d26be5
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD57237409e0640cfab7bdbd429bf821a3b
SHA14c3da934842f8d4835dfe2a9c275a300e5123309
SHA2565c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa
SHA512c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db-journalFilesize
512B
MD52bc57b53ab3c6b8d4dede248841f26d8
SHA1bbc171fa65029f3a090be1910ea773fdf14c3953
SHA2565b15ce1f38bfaf66643e5c67ae8e3a8697fdbc1866f61e62618bf84ff967d8b0
SHA512f6f8206d215440f5ec8e990d71d7f659f2d590b665ee3ef10179bf80cd677599bb9bac9724b2448b236071af36b2b731e9515ac8acfd74c20a02e1d89a84d5a8
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db-walFilesize
36KB
MD5bf41874f0a70ce33d55b7c150c457314
SHA1b83d5c6b0c5f1ea6b372b0e8509ddf157cfc4e94
SHA256b654edc89538a8056f18430f881f6720309dfbb58b77d159e70c95d6740903a1
SHA51209632dad46bac79859aa17d5c49ad02847d3eab6d1d3fcfdb7696ece8811023c0fcdd992c55b0dd9abccdf7810d56668e5c23a2d5b3fd91fc0e2ad805d88f00a
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db-walFilesize
4KB
MD527703bcccb4c1af3b20bb7b5383708fc
SHA1d09af86420f1ff53e9df527c46da6c010031819d
SHA256e1a0f5ca184be2d5dbd32eb3071a752cb02df3f5f959af54d4c498f3ccacc919
SHA5129700b792699635998fea420a4960328d66792afa1fcfcd977a6c6a4ec3e47781ddb8a52e821990f0f413db1c8f7ccec9ffc370e1a9d8193d54fbc5b65eadbc45
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db-walFilesize
4KB
MD5f766f4885a92f9581a23ebc69da2dcd5
SHA17ba19ba80c10d3effae80f61e44104638cafab54
SHA2567212d981b5eac5db445f004adad96bc148713d47d19a847167458b308b165c24
SHA512e198a1ea915de40e1b9bd1e8340d4aac8424e49e67a454498e3ff4016f360772c98e662df939d417dd197f2772a46a2e05ab69e49f5048f59635c04ecf819ce8
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db-walFilesize
4KB
MD5acd8e4e59a2d4e7d977f0fe820a835fe
SHA17825825a0dedc653d355159914140930708fae0c
SHA2569cca20fbfeeb7c3bda4dae8971a5290a9b13effa8365e50bf1a873b7a96f93ca
SHA5129e4a679e4410bb3b08a8803532d06a28f22b0938919f6579a0970b43692523aab16c3fc9fab055914068e8023b04f8da65430ddfef0198b6f5fec1c357e9f465
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db-walFilesize
4KB
MD5972e4321c9bf186aaf0a0ac2e415008a
SHA1756a52a927debe709107cc3745fad118415593d0
SHA256d02e29b5c10ef41042d9c5d431b4ab6b614be4d7e092a7dc80439714b03468c5
SHA5127a1a4dff7bdb669b1403f07c2b2486524e02cc645ef49ddab06ec0f9d46d38e5818ee4a149a7c66d3dd2666ddbcebfd456adde910f5b3c84c4f061e701fac1da
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db-walFilesize
4KB
MD5bd752b8dc9020421646c7ed3adbb7336
SHA167b572b05d1859f68cc66756142f8bd2b0f3b1ff
SHA25631453fa23e84f14368e4427d3a3f1617837a87b43a5c86116b64e71a2a6c62a9
SHA51287f66ebda2a5985d50300ee6cb64608c38d53a29df913bc88674e59c08ac3e8b5ff2cde1cdb5fb01ba8a33968e8ff5f63df1f39213660546f539c1a92f7b5457
-
/data/data/com.ea.games.nfs13_na.hack/no_backup/com.google.InstanceId.propertiesFilesize
2KB
MD5d16aefbb6398ade0778ca47b8def46fc
SHA1c604da9ab26e012eac47edc55c746d0fc431e98d
SHA2568760fe1028345be0ed94b70086ebc5abaddf46f5b32fae12d7a6868243b6b016
SHA512bd413ad6e372b233b126e0494acc65c7cf0aa887fc5501e5b87a742ec7cc7a56442e814661b0af1fb1bf5083f22ff9a2057925c651cfd8858d1ec68590bfb372