Analysis
-
max time kernel
45s -
max time network
150s -
platform
android_x64 -
resource
android-x64-20240514-en -
resource tags
-
submitted
25-05-2024 14:20
General
-
Target
723ee5b451a7bac1036f6937aba08fb8_JaffaCakes118.apk
-
Size
6.2MB
-
MD5
723ee5b451a7bac1036f6937aba08fb8
-
SHA1
62d8a55af2577df2290d3004fed8a59dc195591a
-
SHA256
dda6f880eeebecac2ff635568d148071bf29a877c74167e08423795ed68bcdd5
-
SHA512
48908faf351938993495efaeef1c085ab829c756d14a9f727f45ce3d00bb08200f531d2d5761bb65fc9f89ebd461951e6943df25b06081de03137b901fc8e0ec
-
SSDEEP
98304:cddrTLhLpUcxh7EMEjze5N/L6q7kJS4racOOZBtTYcaCBaYCl/rkUx9zf0NYAV:cRhoze5N/SJSOachBNdCl/f0K2
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 4 IoCs
-
Removes its main activity from the application launcher 1 TTPs 1 IoCs
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Acquires the wake lock 1 IoCs
-
Checks if the internet connection is available 1 TTPs 1 IoCs
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
Processes
-
com.ea.games.nfs13_na.hack1⤵
- Checks if the Android device is rooted.
- Removes its main activity from the application launcher
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/data/com.ea.games.nfs13_na.hack/databases/OneSignal.dbFilesize
40KB
MD56ea5817dfb71687d648b0e4763152545
SHA1b5a1a2a1fb579520ddeb9861c0eba5f7109d0d74
SHA256be512b097518bdaba39e6106c143a267f56e98d8f980ed6295773c4082149824
SHA512cafff4c86b710428753e528aed212096fef264a36cd6d6ff48af487ce1d5cf90065b4be0ad6460e4e7631040f7a28657f31811be1a5cb417c4b2725c51fb5186
-
/data/data/com.ea.games.nfs13_na.hack/databases/OneSignal.db-journalFilesize
512B
MD5ccf6ca205b27720c51acdd0663ef0371
SHA18bd98bb81f252bab68978072a3b721fc5ba74215
SHA256be7c0e3e654cefbef6f0852df4950e91a77b53b4db699ee63fa2f626ccde00f1
SHA5121be874ee3e9f65e9f507d863f268bcca3f59963ef521f5e72b723cec4dccce790618b6ddd0e7d31209677fc340a114dcce7ab7134c42b952570252346796eb4e
-
/data/data/com.ea.games.nfs13_na.hack/databases/OneSignal.db-journalFilesize
8KB
MD5e69c8958a5410457186e9b83d4158ef1
SHA146d3079ff7b48f679b271e4cfebe8bf8932232cb
SHA2561c4e830ee2f10af8c4c60b05f626580e42e27789ff242d78ee1466d416814107
SHA5120438a93bcc7b92c66d8fa021ca84ecd7cdb1e1874fde5403dd83ddc317a78e06a45ddab73842323911c1c6759f2781cd06af3397672000a6087ce0edd6f87e90
-
/data/data/com.ea.games.nfs13_na.hack/databases/OneSignal.db-journalFilesize
8KB
MD53ee59be098e3f47b682b8d77ae9be610
SHA1ddcdaeb48d5e9a021347748003b5e133289a022c
SHA2565221ccc7666f439b17dd55aad7f624a7e89e9ba122f7be1a66787e7831977d38
SHA512320af2cd2db0671f2e9e733ea52472838af334c360ea0e96a66525f12d841370cc6c941e45475ff49bdf5ba83ff8066728baef7f60092c78c9a2f5ba9fd149ba
-
/data/data/com.ea.games.nfs13_na.hack/databases/evernote_jobs.dbFilesize
16KB
MD5d660933a5bc45f5273107b4fb0ddda3a
SHA18ee9cd6973719cd87f6a321c08fda17bcd464015
SHA256ed88050fb9b3f88a241e5a25249c3c50c22bb249dcedeab713f93cbac741ab0e
SHA512954d1d075278ca06614b891e0973ab668266ae4d28145753a9241913236dd51f28c1cdfffffafda9ad95eef19043cd97cb19fdbbf74305e6d3027e278bee6507
-
/data/data/com.ea.games.nfs13_na.hack/databases/evernote_jobs.db-journalFilesize
512B
MD58fd0ca60ab7eb4a27793cb7ee044d80f
SHA178d6efb99c0895a6745c48e3debc894f83d5a0d9
SHA256d8402040bc0569f8f1b6d956f666a95f68718a6e43b0f3aacd14b8976d84b909
SHA5126cb0557892f1b11d122cf3a4f68fbab0bd7cd2443090872bd5a6b2a5da9c50362bbafb0455feb402bbf589d7a0a83eb24d0934513be0d970458d1b1c6ffe3411
-
/data/data/com.ea.games.nfs13_na.hack/databases/evernote_jobs.db-journalFilesize
8KB
MD5d449881bbdbcf14ab1638b0cb9a04319
SHA1bee7ba4f124739822199c2b915a59502ba886312
SHA2563c71cd6d08de8a58a61b8ca4bf7479db88f2787434e161c773adc53db81ef467
SHA5122cad550509b8514db00e7870f9985ccf9609fc74b0ead9682d6ca4fadc4b2ce1cf56ec5482610508ee2e6ebf7bae548b34b881d47afcc3a24e065846fcac3e2e
-
/data/data/com.ea.games.nfs13_na.hack/databases/evernote_jobs.db-journalFilesize
8KB
MD5aca0b692b57ec2dcbb06fc0aeb35e879
SHA1599004a79c523e05866e9ecbdec308fdd2156c87
SHA25636e3269e2ea730713b4d51fc1cebd2b41d97c85932d20ca9e601b4529d5ee9e3
SHA5126ab2873236f5ce39eaf73e724fb51ce8943e88dddfa09fc3a0e07c150d895a878bbd4fecbbbeebb507ea6341a3cd96301a14778a1bf3ce1610126c1eeaf829ad
-
/data/data/com.ea.games.nfs13_na.hack/databases/evernote_jobs.db-journalFilesize
8KB
MD5edfec87277bb7ef894661d6a44fb7e21
SHA107ad44ffcb3982447d291c0b3bd786a5db6c8820
SHA256cf0deda6e8738a52a59108dbd04702c892759a025565f1a2ab147968e464edda
SHA5124f5332fe1837ad7bdf09182bb1be92bb64d8ebe08d9c9cd5750b4528ec0efd03a5a802eae52c83130e69529acb5b5b24fc6361a121d733967317afa6c62014eb
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD519ae97d34e378df2bfb34c30134be9a3
SHA1928d77e837cfd2b18735e3fd272c9c45d0fa0e9e
SHA2565d91ce81733d998a8a7c23cb6eba4e3123b608721aa4f16ac38066f03093f71c
SHA5125a4e179f3ecfba9bc6bf14a7390323704b1d10e69bf83c49815af80ea6297699eda7c43d222bdf795157614074ac1c8955bb1b2529d92732c71cfed3ab978e77
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD5ccdb6b9a25bd5479f472a1e22c9e9507
SHA178f2fd713135171e79af4771f8042d8a5e46d82a
SHA256c974ad5ff3dc870f8c6e968fcf799f62a7ae611e6a663a48a6890d781f000136
SHA512b109e3ebe05b6c1785dd3405f04b109c0d1c4a953b810cc6dc945639958b677e3d8c23594f4384a32bfc329bfd3c9ede23bbeb29d85b68923b5701440c47e682
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD59adb2226ba3a18889ca95486f52c6ac9
SHA1887cccbd2c484e5365dedbd8d1157356fa41ee57
SHA256b07c1c943eeaed643a6bd294750994da194e4c4b283b095b4059facd0d2fed35
SHA51244764f3a82b8ade7e92d37b1b4a7d8ceff837bfdf72c6c537e5bb4459de1ed888d60d50ef3ca29c24b62fa9817cc619e5a4ab3f18368b47d8a73c8545571c138
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD5ae7c00e6094a624c4a0ef0f6ca168241
SHA184bf6a51ca33e1c7da983bec43e2e7eb20f482a0
SHA256672054708ce3ec89cf6e9a7e03dc6fe1c09d6b61d28fc973ca385bf828b36d81
SHA5126b14031f7298a7b131f91794804aad45fa36b047528412fc3c7cea4038763c40423e8e6193f9f6be67d2db77086209ff8771a408c6473e27e816ad504390580e
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD52f1eeee3602c828b8e9f81f6fbd20d41
SHA1d240b568bb6929702815b9a5edd05ad635671caa
SHA256458aa953a9e0adbf5b8765ebcf6b51bc5b5a48b7664e85d25c7a8ce9781a2d5c
SHA512a8642cc12cb9af0cd9d3fdc4bb1fe3b246d02af6b36714d80cdd2809def699b0b93eb585187c17f0a8e19801879e2e9edef7963ee416ae9e8cc35fd9cede2859
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.dbFilesize
16KB
MD5eb52a90bb70b76e946b62f50b6f7fb85
SHA142d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0
SHA25648472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4
SHA512b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db-journalFilesize
512B
MD5b5c55db8c00a43c09d5010c56e46f116
SHA1092a2fe0450f10f766fa57bc0ec96e7bc5923f5e
SHA25645e34da110e3fb3ad7175c4cf01414b7aa452ff9ce538df606240d8eef3a15a4
SHA512e94084dc8be80ad51e0ff34e00cb085e77d1021ffb58fb9340626d1c1e9daca2be0a614ece2fd843aaa9ebd37bee6e140970926815d234fbc712bda5690e2ae9
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db-journalFilesize
8KB
MD54dbe9df2e153ae2dcdf2f50e6884a8a7
SHA1ab514f45f9987aee6d4e74f461c36aa8f6c9b330
SHA256a8b980e023146e04136061a6f7d5a557db43bc79e997540d678b1133769a820e
SHA512bc5316ac337e5857eba8a585b617fc4b92163797f46021650a5f77d5dec48033e3a0ffba9fbe23305b2e4fae9aeb87ac0a95c0c877afb060f89d659c5952185a
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db-journalFilesize
4KB
MD59e6b128a04e043d1f760fe57deb3fc43
SHA1371260db23572bacb0b7394fc86e2797f42b66dc
SHA256e97389a8137b19c67eabec44270268b7ca9b0395a14abc5000be99555c6a466c
SHA5120bf25d72f09d41e68db7082af2fc9493daa0b4dfdadb8bedad6ff31d0cc9a0353ca5c46f83725ba952e2b9b2f0d407d8c63b96248eb15a4656e704d81405220d
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db-journalFilesize
8KB
MD5a84a2bff24fc75e9fd04180b686aa4d8
SHA12b152e1a158c73a9200986e631bda61d8a9fa48e
SHA25651cbc2961d06147695cbf1bf2aa67fb304b0778f7279b6ea3b519bd1a3556ab4
SHA512e2b0a1334b10403b4744ca1ca27468c89d298fd758bd9950e7eab01786e49f7e3339f337896eef401b0659be736bcb764e67ba74b76a42ba386062b9b242fac0
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db-journalFilesize
8KB
MD5fdf781e5dc440dbdbb3d4c61efc504f0
SHA125b0d5fd447ed43fac9edba92cbf8a6fe58abeb0
SHA25616efa11c03c0108bf72653f98ec9341de4e017ca46ba1de2bcdd9ef1ba4cf63e
SHA512672b4ba64d99e7c5bcebbdca6c40c568a36e8297e55adbdc67317f1c1da4d06d9614328f35e1ee6ed0cef0f4851bb42d98964c66565e92251c11f07d906f8aaa
-
/data/data/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db-journalFilesize
8KB
MD5714a407765c08c27fac6ac782b7ba193
SHA14040791839983e0bbdcc900e520e2391ba1640a0
SHA256141154b3e64c13ce6d667e695541212225c745cf0181692e103cd4419917b4ec
SHA5120fcdb52d94ce11a87f8c4991a02060401bdd2da000316889d96b0567fcf302705c2122348797d160e12ccd6b0fd05a7b91b4686c6159cb9dee936538ceff737c
-
/data/data/com.ea.games.nfs13_na.hack/no_backup/com.google.InstanceId.propertiesFilesize
2KB
MD5a3692b03b8f1fe8ba2b736e8977d8224
SHA1508501357a000f9eb0563c85bfe6dff785c65d83
SHA2565754260330195e3656a599d1a1978d76b33f5b09b5fa8d90b3093ed82eda9ef8
SHA51283a132c6aaf3e0ebdc3baa8ad8a85f07c2a26728c7847f68e76b38d33c22c6f7133d2f5e0ec072f400bfe033df1744d7641f62ffa70b32242e8ea0d1c65fa7e0