Analysis

  • max time kernel
    7s
  • max time network
    131s
  • platform
    android_x64
  • resource
    android-x64-20240514-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240514-en, locale:en-us, os:android-10-x64, system
  • submitted
    02-06-2024 15:10

General

  • Target

    8e8069293783668c84b449f0fe24e3b2_JaffaCakes118.apk

  • Size

    14.4MB

  • MD5

    8e8069293783668c84b449f0fe24e3b2

  • SHA1

    071103dc6475ac1a57011abfc4848e907eadb551

  • SHA256

    a0b9837f9e2d60528b6e49e21a8e2770487f71607e72f56bfe6e4569e3a0e08b

  • SHA512

    3b29370520ec8b238ba280ddf9bd1e8d97f1b1ab4f75de61429ed36e47cd2f2e69aca5800df28d6f88eee7e221f03c8d7477f050c7392746d272bd9c6e9fa988

  • SSDEEP

    393216:9uzySpSDJrufTEOcxcM3ZG3iEAV9XBp7yNS1SHo0IaTg:+1cNrurE7w9AnX/yLU

Signatures

Processes

  • com.qky.arealracing2
    • Checks if the Android device is rooted.
    • Checks CPU information
    • Checks memory information
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5230

Downloads

  • /data/data/com.qky.arealracing2/app_app_apk/arealracing2.dat.jar

    Filesize

    306KB


  • /data/data/com.qky.arealracing2/app_app_apk/arealracing2.dat.jar

    Filesize

    306KB


  • /data/data/com.qky.arealracing2/app_jc/dfp.jar

    Filesize

    114KB


  • /data/data/com.qky.arealracing2/app_jc/dfx.jar

    Filesize

    133KB


  • /data/data/com.qky.arealracing2/app_jc/tfp.jar

    Filesize

    114KB


  • /data/data/com.qky.arealracing2/app_jc/tfx.jar

    Filesize

    133KB


  • /data/data/com.qky.arealracing2/app_jni/frame

    Filesize

    39KB


  • /data/data/com.qky.arealracing2/databases/db_default_job_manager

    Filesize

    20KB


  • /data/data/com.qky.arealracing2/databases/db_default_job_manager-journal

    Filesize

    512B


  • /data/data/com.qky.arealracing2/databases/db_default_job_manager-journal

    Filesize

    8KB


  • /data/data/com.qky.arealracing2/databases/db_default_job_manager-journal

    Filesize

    8KB


  • /data/data/com.qky.arealracing2/databases/fx_dd.db

    Filesize

    20KB


  • /data/data/com.qky.arealracing2/databases/fx_dd.db-journal

    Filesize

    512B


  • /data/data/com.qky.arealracing2/databases/fx_dd.db-journal

    Filesize

    8KB


  • /data/data/com.qky.arealracing2/databases/fx_dd.db-journal

    Filesize

    8KB


  • /data/data/com.qky.arealracing2/databases/fx_dd.db-journal

    Filesize

    8KB


  • /data/data/com.qky.arealracing2/databases/fx_dd.db-journal

    Filesize

    8KB


  • /data/data/com.qky.arealracing2/files/Mint-lastsavedfile

    Filesize

    34B


  • /data/data/com.qky.arealracing2/files/MintSavedData-1-1717341067902.json

    Filesize

    566B


  • /data/user/0/com.qky.arealracing2/app_jc/fp.jar

    Filesize

    171KB


  • /data/user/0/com.qky.arealracing2/app_jc/fx.jar

    Filesize

    176KB


  • /storage/emulated/0/Android/data/com.qky.arealracing2/c2.zip

    Filesize

    21KB


  • /storage/emulated/0/Android/data/com.qky.arealracing2/c2.zip

    Filesize

    55KB
