Overview

overview

8

Static

static

6

723ee5b451...18.apk

android-9-x86

8

723ee5b451...18.apk

android-10-x64

8

723ee5b451...18.apk

android-11-x64

8

Analysis

  • max time kernel
    105s
  • max time network
    177s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240514-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
  • submitted
    25-05-2024 14:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    723ee5b451a7bac1036f6937aba08fb8_JaffaCakes118.apk

  • Size

    6.2MB

  • MD5

    723ee5b451a7bac1036f6937aba08fb8

  • SHA1

    62d8a55af2577df2290d3004fed8a59dc195591a

  • SHA256

    dda6f880eeebecac2ff635568d148071bf29a877c74167e08423795ed68bcdd5

  • SHA512

    48908faf351938993495efaeef1c085ab829c756d14a9f727f45ce3d00bb08200f531d2d5761bb65fc9f89ebd461951e6943df25b06081de03137b901fc8e0ec

  • SSDEEP

    98304:cddrTLhLpUcxh7EMEjze5N/L6q7kJS4racOOZBtTYcaCBaYCl/rkUx9zf0NYAV:cRhoze5N/SJSOachBNdCl/f0K2

Score
8/10
collectioncredential_accessdiscoveryevasionexecutionimpactpersistencestealthtrojan

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 5 IoCs
    evasion
  • Removes its main activity from the application launcher 1 TTPs 1 IoCs
    stealthtrojanevasion
  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Acquires the wake lock 1 IoCs
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    executionpersistence

Processes

  • com.ea.games.nfs13_na.hack
    1⤵
    • Checks if the Android device is rooted.
    • Removes its main activity from the application launcher
    • Checks CPU information
    • Checks memory information
    • Obtains sensitive information copied to the device clipboard
    • Queries information about running processes on the device
    • Acquires the wake lock
    • Checks if the internet connection is available
    • Schedules tasks to execute at a specified time
    PID:4634

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.ea.games.nfs13_na.hack/databases/OneSignal.db
    Filesize

    40KB

    MD5

    2479ff01e32c1445266304f37e9e7b35

    SHA1

    63a2b50d03eff98a4b5e684f1f95996b78219e6c

    SHA256

    c276033016c0ae04c4e1a7128d443a01aab24d99c434696ee1b01fef2d3acf15

    SHA512

    14b24f8be6f9a88e31a2d74f3f13cf9e84817bfe445b8b8a873c1678f274714237b3f1a2fc9c5821c300fc72418e3229439107c2a2ff307007409dee6fdf16d3

    Download Submit
  • /data/user/0/com.ea.games.nfs13_na.hack/databases/OneSignal.db-journal
    Filesize

    512B

    MD5

    e78149c5c87d15dbe5460174fc91f47e

    SHA1

    10150892ae50be5b2ca328544a223b0826e4100f

    SHA256

    d684636db12a5bd50bc735caa91d1c6b8e54df8b580a545befbaa04ab4416da4

    SHA512

    3ef0a64f33bbc3cef73eb120c1681cf02f39beac1ec541ed88e39b488a37bbea76eca122fa127c19e3c4f9ed57047f49ff6dff887da7b8ae3e3c94007f7a26d6

    Download Submit
  • /data/user/0/com.ea.games.nfs13_na.hack/databases/OneSignal.db-journal
    Filesize

    8KB

    MD5

    3690468a063ff8e196b7a01eb508998c

    SHA1

    47fc70c266cad38a8d62993996c11f84371b611d

    SHA256

    2cf4601451ca824019dd3305297a8549b783d5f4964ed74b2cdcf0547d6f22ba

    SHA512

    539b305cfadb0b584103c58ed9ea86fc9547314098f3047c0d41d8d8d36710c1d98dc4d480cb2bd9062f74a0e1f3bd0fce35a5fca7b5acda6c818876d86d3b65

    Download Submit
  • /data/user/0/com.ea.games.nfs13_na.hack/databases/OneSignal.db-journal
    Filesize

    8KB

    MD5

    020e3a7f39bf3a3b3e3fa5620e52de26

    SHA1

    933b28813a7140a86047b38cecbc7a3874c19c5b

    SHA256

    3ebc355f35b0ae5c71e9d64dfa85b24c42780ba99aa9f5b06fb026a4ca1cdf63

    SHA512

    9b9cba70d7bac9726b3b6cd3cd5d398606ee43778b782a545305d1d2449bf19530758392743c97efaa57f325fd194c97bc542af99a26e809f96e08f61ab8ea4d

    Download Submit
  • /data/user/0/com.ea.games.nfs13_na.hack/databases/evernote_jobs.db
    Filesize

    16KB

    MD5

    50cec7c9dd566dba2b8f5c2bc32086d5

    SHA1

    4c252cbaf8aa17807fafbe753cffe610c11a8c76

    SHA256

    6d6ad721c74070fb642e2732515454b1e5c9734932a72b516d4a0a7fe4a68a5f

    SHA512

    4e80db0e31cb6bc59f6c9d0faab5009bbb6dfe7de6231e2f69d1c0dcbbee095cbe1a644dfe1d301ab1da0f7729fbee98b15c84a6bf58aa390a514183843a9b7e

    Download Submit
  • /data/user/0/com.ea.games.nfs13_na.hack/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    c39246da347e5c61aa71bf27314151e4

    SHA1

    5d60f223c9bc5daeec35d93f9e8f76869cd2294f

    SHA256

    3552ac1e996d25991cdae70dc726ec1dd262edc281c82d92b89f88b1fac85e71

    SHA512

    6156955520e2fb830289cf1f21f622e737349a6fa5517f1102bda9d1a484f532109f1565235f2304b21d6d9d4cd726bae24c2da7d5491b9022933d15c8435721

    Download Submit
  • /data/user/0/com.ea.games.nfs13_na.hack/databases/evernote_jobs.db-journal
    Filesize

    512B

    MD5

    d8bcedc2acfbc064f87f7e3abd47df31

    SHA1

    1bd5ee3b247db3dbdbeced3bd5f09e5126e3996f

    SHA256

    4b3899799392bfe7ecdd49981e3b5a4f17118cbae42af797d5adfa6dab19eb79

    SHA512

    2e98868063264bdcee11c87eaf82103824e1ed34f622994373dd004420ea2e9df7e0a3beb27b7c22dfa32bdb35765780b4a48ea248065bc94222f679746e42e3

    Download Submit
  • /data/user/0/com.ea.games.nfs13_na.hack/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    b5cad15354b827659885d124eaf98f4c

    SHA1

    826bb5842b3d44bfc2e8f7b13dc4443727061c9f

    SHA256

    4497b94d2d43362484e702b87d8252180d6c0288273be940241b95d04f95a661

    SHA512

    048839640e1926cf8020e4e14822846590daca1b134c428fc0fb382acc66b96a4a309b071a494b1c13b2d7177571bac450143f6483ed8d9d6893c3d7453d563a

    Download Submit
  • /data/user/0/com.ea.games.nfs13_na.hack/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    700bebf964b7b6327ce9c7cf24493471

    SHA1

    077f7966ca4556d807c02fd27927ddf993cb8e36

    SHA256

    9e236a009314f668f8dda8274ef60372493a5d27a2ea9e0e15ecc44f8443c3c2

    SHA512

    adc8cd68fc3d904a9ae0232cfa2e6bb4517e06b05d46ddfb9c6230ee0d6def99c0f26d7f7dc8eceb39bdb99d8f258c522a2d48d981d883d0818e22cac4f6b0bd

    Download Submit
  • /data/user/0/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    d99350e89433a3b2fe20fcc7329f4b6c

    SHA1

    01efafb9cdd696a6a17b862cd149858bdc0c5869

    SHA256

    257e60c2782182bc52a02425148e9dc4823402d8f90e04d8add981c567340cc5

    SHA512

    094e4bc6f02f72a4db7c3a6e084b3ba54111cab4437f6b0b1897ee4e43192746819916e165eb0ec46f8aa0389c5ac6fdc3f72d3ebe72aed76f468d376317d10a

    Download Submit
  • /data/user/0/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    062b8f46c931e5caeb176e69b06f6dbb

    SHA1

    c51a69e432ec28280edb8f1d8f84c1a6e93b5ffd

    SHA256

    6cf746eb4626fc0cc19ea5b98dada44231f4d2ff54a4d91bc6e0d5971cf586dc

    SHA512

    e2be50282a28f1c7b9504cfb38562384f9014ea5607037e1de871d6163e176fb9142017fbc46aef9135c0f52b0aca343fb696618bb6c312ebce4661fe5086347

    Download Submit
  • /data/user/0/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    40cb6142a76277b9a7e76eb801675ce1

    SHA1

    993b999d9ffcc210ba942f2a431b4d0ae2108330

    SHA256

    c2e83811da22febc03ebcb9ca29a4e7f76a8e259492fadced824834b97ba517a

    SHA512

    2c7448c9dba675e54bd10001e8e0f549de268a38ab4e4619afc3f9db2db91cf6b06fecc93e0848b800b018a5538ffb9ddf9014a295a7a0b3a896fcf3ae7c7a48

    Download Submit
  • /data/user/0/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    641b7ee74d362fd6849e309f2fd42c8b

    SHA1

    fbc752b1fa56cbffc2f704f34670c61aca456d08

    SHA256

    5707129abbc38335e646d2b768cd48957d883cced1ee2beb877ea2f2c558d644

    SHA512

    627c8f47fb139333547020fe14ead7192291ea1746a1a0d8dc5c8c8f5cefc4016f7e3e8a6068466cff4807f51ce39770b7fb732424c954bf0f0533062c0e5847

    Download Submit
  • /data/user/0/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    818548be1885386cc995f564f36a8e8e

    SHA1

    008b0c602ed55b1122dadfb3a20db517d55c10b3

    SHA256

    b4765a86f69c122307448d0c6e81cebd52ffbc59b0d19da42971e2857f773e6d

    SHA512

    47840561a1eded73600b656576a7a9195bd1beddb79b08090b9e6bd9ab610de6cfb0a334310bfefe0b33ef157d420aaa17c6315fa2e689398da3328c4460a02f

    Download Submit
  • /data/user/0/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    d9cf75fdd1c2292d986f6c3d5d60f2c8

    SHA1

    07ecb1d3a26d952ae5fecf54f36699ab498510b1

    SHA256

    2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

    SHA512

    442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

    Download Submit
  • /data/user/0/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db-journal
    Filesize

    8KB

    MD5

    4764146f05ff33dde7adc3832689ca52

    SHA1

    1c874d96171bc96206ed7c00f4dc10156f36053e

    SHA256

    4a4e27ccb75f29012a20413fad1526aa9a2931420d8039136cbe96231fd2fdcf

    SHA512

    2d0b5d0a10478cdf2db980a08f1ae7a81eacbc534421d0a8c8c490d24c1cd0d589c0410767ab6866bb5be10ce5edb2c2b9a232fe48d187405fdc7516f2f096f3

    Download Submit
  • /data/user/0/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db-journal
    Filesize

    4KB

    MD5

    a6dca0e1abc89b0fa174de1fc25098cd

    SHA1

    16e9d471bd6664b05bd938adbb5c3f9291865152

    SHA256

    ed89e87d70e3c22cdb9afa2665b9b323e3cc4a1e6c1c8056cdb50a3c8cb4e829

    SHA512

    8b8675d49fc05e7951b617eca7dc9284da38348ca1853a0882190b3a259f704d95f57c8872c9fd90fd0b6205323dae56a808abda3bf03e97df4481e3a714f595

    Download Submit
  • /data/user/0/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db-journal
    Filesize

    8KB

    MD5

    40972436bfa0f51789cc6d7e936f00e0

    SHA1

    9b806910e18c25b7491aeb952db91f7b23fcb46b

    SHA256

    43970e5086ec22f3a27e7150868385f0c791252125b4a171295b603382814e77

    SHA512

    c6075c9b1451de628dde6f92833fea9caee53ff3dcbd26ab754ab6b85dd988beb1a79ca84961ee7e042d7f98797beb0fce9524dbfb551b734522a24f1bcd36ed

    Download Submit
  • /data/user/0/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db-journal
    Filesize

    8KB

    MD5

    c81b118f095a10c25e28639fe691411e

    SHA1

    2e9b511fde8734fa7bfbf148f31923b94605fafc

    SHA256

    9ce45ade0ac06f0981f65fcf36e0f1ab8936011f1a688e1969f51a2bbc2543d4

    SHA512

    80ad3561a8e15cc8bbbbfd1defc6ccde593ca228b2c28f8d7043119c9bde4852b4a4d8bd14b5cb8ce65a821ea2e380e80c39df945cef9f27b53424c64ddff754

    Download Submit
  • /data/user/0/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db-journal
    Filesize

    8KB

    MD5

    5c8f23bbc462260cfcb8c7e4909e630d

    SHA1

    9fa16537fd44a48d4cc13a1fe048abbd77eb7ea0

    SHA256

    f69b94fdcfc2aff66212ee8feae9db08cb37f4d19a98afd13790dbb87724698e

    SHA512

    fd7f645dbea4c92cdbf5a496fc03f64abe7e4cf15fc00dd89a812d08c6884e437c8bd34e0b2d757d489bf6863f682649fe2613fd87146a790b561df48f4a00ce

    Download Submit
  • /data/user/0/com.ea.games.nfs13_na.hack/databases/google_app_measurement_local.db-journal
    Filesize

    512B

    MD5

    ef600095251ca2b38cad8d62818ec271

    SHA1

    68410f0671aa5f766f435a862ee1621812de79e0

    SHA256

    93842e365283f3ca08efcaea7b37568029716c34fde23b6f7e7836698bc56262

    SHA512

    caad41e1114006a01689e825ade7883aa5a5ec91e27e338bf72bead50bf5526dd6f526fbe19101546c1c83acf6200b533d676e16d90643fb972e085ac9ef1a77

    Download Submit
  • /data/user/0/com.ea.games.nfs13_na.hack/no_backup/com.google.InstanceId.properties
    Filesize

    2KB

    MD5

    b4e1d33f00794380ef125d022de906b0

    SHA1

    34357adbcecacbc190e31649db63a38168af776a

    SHA256

    74203f7ba433770c37014a63b3c4925c29d7b1dbbf39faf405bdb126302ae67f

    SHA512

    59b3ba632d57c5074244907b93067a1df4a2a38aad38763e1ff2e7865718e6fb7103e67e0a0f45eaceeb725cc8c1bae5a8d2e0a12dfe200d9c24809c419deb06

    Download Submit