Analysis
-
max time kernel
27s -
max time network
132s -
platform
android_x64 -
resource
android-x64-arm64-20240514-en -
resource tags
-
submitted
29-05-2024 07:35
General
-
Target
7ff43958165e7480e6bafc2f46ff3991_JaffaCakes118.apk
-
Size
1.9MB
-
MD5
7ff43958165e7480e6bafc2f46ff3991
-
SHA1
c0c917acd604d2541dee447ff9bd1701e10c05b1
-
SHA256
a2cf49470ba61389d381beff0547022e86e99c247fa5915e9e379d2ae0c35e98
-
SHA512
3c16c47271655efda57f3224e93f8fa126ae65a1353f915f80953ab6148e953f898eccfd3b62da8cd31c5430e9f47b82e84db826bcaf94a80bbf43f81b187099
-
SSDEEP
49152:JDSfu8uDQxeHPxmqJ730nCg21l50Q0EfEkEe73Zoy:RSfFLxeHPIqSnbs51j
Malware Config
Signatures
-
Removes its main activity from the application launcher 1 TTPs 1 IoCs
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
Processes
-
com.templegatesgames.RaceAndroid.hack1⤵
- Removes its main activity from the application launcher
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Schedules tasks to execute at a specified time
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/user/0/com.templegatesgames.RaceAndroid.hack/databases/evernote_jobs.dbFilesize
16KB
MD558c0b6e45328752b20ac6e719ac034f8
SHA1372b2638afd00bbbc4034657b3df3d2e428fb367
SHA2569d74f93afa5a179b1ba2f19f154b2880aa8b99c88209802099045a0874d2426a
SHA5122d347d5824b9ab701e341c89e8327a95fd6bab8e92ee15ce9550da368d773e22bff304072a4854df5ab763750a7401f7aa61a49e3292d62c27fa9f20536eb3ab
-
/data/user/0/com.templegatesgames.RaceAndroid.hack/databases/evernote_jobs.dbFilesize
16KB
MD5d83b4a2ff6693910eef5d774a7e1b96f
SHA10057b88f57fca407990755a0a923697d0552556a
SHA25698a3ab365f0f95850455f9f7ec307eae3177e5779aff67b570fb0e4314554294
SHA5121a267f68fce319374a544f51704fbced53ba018241b097e91869e79c0c25c514869148d9d05d504b2619602531875e8bf0716f3ac7f19ef66aae6773919e8a9c
-
/data/user/0/com.templegatesgames.RaceAndroid.hack/databases/evernote_jobs.db-journalFilesize
512B
MD55e80a859a70cb71c169c84310e06076a
SHA11e5f5e4a7e86cb1094fc8a52a8c2331bea1d4f91
SHA256dbf101172d6e8c87d82a3442c2fe14c3703d97243c06f046f7e68ff51235bd47
SHA5122fdcb099bc1a9bce76b61958b283aff468d30d602a8985fa9adb5f3163801bf1441a0e0d3dceb560a1967e1e9268c55d0444113513fff3827b7395307dd52179
-
/data/user/0/com.templegatesgames.RaceAndroid.hack/databases/evernote_jobs.db-journalFilesize
8KB
MD5cddd9c5d2f4387e99b266f22e4856cbb
SHA16baab2220d3234f1114d1f9257655d1824907095
SHA256d9d436b686745542ad428b13b2fdd5e740366b58817868bb477d9e4252bbc8fe
SHA512a86f022614bb51a17d637a0d132c693d3bf24e8501500d6e50b2bc42e19003db67e5739cfb4201e8f863326bea4dc9d2869eaa6dc7a1dfc77e96912190509539
-
/data/user/0/com.templegatesgames.RaceAndroid.hack/databases/evernote_jobs.db-journalFilesize
8KB
MD51459d187c7949062409340305d7fd46d
SHA1f2ac4f4a526f97606ffa3d3bf7032223d5e56500
SHA256a4fd7376e8bbc1cdb51f8366352a03f37f617689739ba90a86d342ba490264a3
SHA512a9557040c37b54adf7e8648f7ca23a7a585bca1e204c63024dcc3b9fbd0691a9a560d9e9d7446dea230a8f66062c1a18e0fab6987ddf7aceabbfa5456fad5491
-
/data/user/0/com.templegatesgames.RaceAndroid.hack/databases/evernote_jobs.db-journalFilesize
8KB
MD56125f1b17441e1b81fa031d9e6284d98
SHA1b598cc761834f8114fa0beab4b0efefa0ad99b30
SHA256539416bb68ee42f3c83d8ab0965c99ce9c0d4cafbda7531f0abd911f4937df31
SHA51227cb7c56801d5b279c416b90d292ceac254580948707200975165ee1929fc8a286dacc4185f503e727bfc291c7d1b8782389066931a7e21cec8344cf1514aa70