Overview

overview

8

Static

static

1

7ff4395816...18.apk

android-9-x86

8

7ff4395816...18.apk

android-10-x64

8

7ff4395816...18.apk

android-11-x64

8

Analysis

  • max time kernel
    26s
  • max time network
    150s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    29-05-2024 07:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7ff43958165e7480e6bafc2f46ff3991_JaffaCakes118.apk

  • Size

    1.9MB

  • MD5

    7ff43958165e7480e6bafc2f46ff3991

  • SHA1

    c0c917acd604d2541dee447ff9bd1701e10c05b1

  • SHA256

    a2cf49470ba61389d381beff0547022e86e99c247fa5915e9e379d2ae0c35e98

  • SHA512

    3c16c47271655efda57f3224e93f8fa126ae65a1353f915f80953ab6148e953f898eccfd3b62da8cd31c5430e9f47b82e84db826bcaf94a80bbf43f81b187099

  • SSDEEP

    49152:JDSfu8uDQxeHPxmqJ730nCg21l50Q0EfEkEe73Zoy:RSfFLxeHPIqSnbs51j

Score
8/10
discoveryevasionexecutionpersistencestealthtrojan

Malware Config

Signatures

  • Removes its main activity from the application launcher 1 TTPs 1 IoCs
    stealthtrojanevasion
  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    executionpersistence

Processes

  • com.templegatesgames.RaceAndroid.hack
    1⤵
    • Removes its main activity from the application launcher
    • Checks CPU information
    • Checks memory information
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Schedules tasks to execute at a specified time
    PID:4334

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.templegatesgames.RaceAndroid.hack/databases/evernote_jobs.db
    Filesize

    16KB

    MD5

    5d85664f8e614fcaef42be2e6f649027

    SHA1

    09c6288922102f6114a823f4992415fd3373d61e

    SHA256

    55f8907e91226ef43a05583c7b4623b4e26994b62d20c8603975ccc1fa3b9409

    SHA512

    3d6006a3e82d00fe9bc443e940acc5df12ec84114fcbcf8fbc8099c085cb1229b21a217b7445129b50558bfef5100894686d7359eb80b7ef087b65c7be3bc6e9

    Download Submit
  • /data/data/com.templegatesgames.RaceAndroid.hack/databases/evernote_jobs.db
    Filesize

    16KB

    MD5

    6bdd67f81ec9b02859a0c15b1f5e7005

    SHA1

    9018d86a5cddf6b2f2e575862dab076a6ed0b6ca

    SHA256

    5aaee589710cbbb73a852513d999546f4adb424e23cd9de7c9c76c6cfb2cc71a

    SHA512

    42215121cc2f8405c85b5d9e4819285a3ffc859cf0c35b6df45f8b3fdcf15beaab8f0177c3b2da2aa0ed7816967917c569980c727b351f3d67388f33320ab903

    Download Submit
  • /data/data/com.templegatesgames.RaceAndroid.hack/databases/evernote_jobs.db-journal
    Filesize

    512B

    MD5

    a09a7276f7fad5343e4502307b4e3779

    SHA1

    d5167430ac9dde2802b0d19accf4a429fdc88b57

    SHA256

    c26971d1277e120df3d66f4d592d93c911239a8e473d712f0b2e29bdc4529a04

    SHA512

    3c0b8ac76b3de84af6b33d589c5e26d46e773ce61d27b9333c6624d072be63e5636035abc91be9cf0b194908d8a95e1cbace4171719a242343b711ae42db4c78

    Download Submit
  • /data/data/com.templegatesgames.RaceAndroid.hack/databases/evernote_jobs.db-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit
  • /data/data/com.templegatesgames.RaceAndroid.hack/databases/evernote_jobs.db-wal
    Filesize

    28KB

    MD5

    fc6a7d05146560d9bf2878953ff630b6

    SHA1

    25415cb0b871c1785fced659eb758a3f2aee358f

    SHA256

    ad97108879e11df50e4c328731fdeb3de7796efd98aec69139a677e6b8aba0d6

    SHA512

    4a41012a6b4016e2060f1148096b674c1e1fa96da08ec27eefd189d86061546ec57a54327499a11d6f1c68942040a56b24049e3f15555e04b2358a433f6d27bd

    Download Submit
  • /data/data/com.templegatesgames.RaceAndroid.hack/databases/evernote_jobs.db-wal
    Filesize

    4KB

    MD5

    fb652b92eb477d1e9ef6eb57640f9992

    SHA1

    6f519c7fef5e3e92f40ebe00cb94babb4e57f79c

    SHA256

    201da59b2859ee892bc3e5e311494b74e6392f613529e08e787b53aeabffc586

    SHA512

    db0a4cb1566cf48542a86c5db2f75ca44897dcc1b8908b8b8fc0699800c2f4ec22dc22462543ee8b3426c0f718669989c51378aaa9b10e49a86b6cb4bf1df5d0

    Download Submit