Analysis Overview
SHA256
74ff8d1ad8450bcb636ab8c590eabafbc339ff40fc0a6ea3ad6342f248c7992f
Threat Level: Shows suspicious behavior
The file 91259f3c92e136a5326b9b2500433eea_JaffaCakes118 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Checks CPU information
Loads dropped Dex/Jar
Requests dangerous framework permissions
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-03 08:37
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 08:37
Reported
2024-06-03 08:40
Platform
android-x86-arm-20240514-en
Max time kernel
179s
Max time network
148s
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.headupgames.bridgeconstructorplayground/app_app_apk/bridgeconstructorplayground.dat.jar | N/A | N/A |
Processes
com.headupgames.bridgeconstructorplayground
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.187.195:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.180.14:443 | | tcp |
| GB | 142.250.180.14:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
Files
/data/data/com.headupgames.bridgeconstructorplayground/files/TrzqqcDfq
| MD5 | 304d468bb1ddfbb833cdd8555b4372d2 |
| SHA1 | cf82325cb767935d71d56481d09711d060aa6efb |
| SHA256 | 4fdb5c1d929f9d508df09cc23183ab8e967e7adff4ae0b8d4afdbb75d5523372 |
| SHA512 | 6f99ef1fa4252497a76cf7fe17c8e045a7c752116b2a3b68292c8130186aea605155e0e838c8d90f046502683f1346da3daba4a79d29571404fe964a8a4e476f |
/data/user/0/com.headupgames.bridgeconstructorplayground/app_app_apk/bridgeconstructorplayground.dat.jar
| MD5 | c5175d33d0e809a662c85a9a163cd6e5 |
| SHA1 | 68db29bc71ec2ed0d0d3c211867e964ca49be62d |
| SHA256 | 4d4cc16aa973e24801fd5546877ecfda96a62f3eb24c1c59459ddf870abab4ad |
| SHA512 | fd2c8f82fdb61a7d063634f1100435e2d61b5a901998c048c5b11a0606b0b8538a46cf05c46b8c0f278a396a56702ccf862f25fdfe077fa5cb0064ad5a9c451f |