Analysis

  • max time kernel
    177s
  • max time network
    132s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240603-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240603-en, locale:en-us, os:android-11-x64, system
  • submitted
    05-06-2024 19:08

General

  • Target

    98fdb47121935e5c7b61250dc501c3e3_JaffaCakes118.apk

  • Size

    1.4MB

  • MD5

    98fdb47121935e5c7b61250dc501c3e3

  • SHA1

    d054c042b25723579fd0e54775e86e94e7549d77

  • SHA256

    106242de5841d95b49f8cf14ba0804ab234d773b557d4681f2009f6869a79495

  • SHA512

    0d30d0df806e067082dee6f3296c6c8bc105cd6ab77c0e44c25b85be8352c5466dc174d55da2d6d0317906279dc595c99ba710a09412ec5c91db4eafcf7ffd73

  • SSDEEP

    24576:QEaFmFN9v46flH2UIbxMeh+CY87waIIj9CqkMnFP0JORSAireJK:QEaFmL9AcMJY873IG90ZcS0JK

Malware Config

Signatures

  • Removes its main activity from the application launcher 1 TTPs 1 IoCs
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.bjin.gamemaster_main
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks memory information
    PID:4557

Network

MITRE ATT&CK Matrix

Downloads

  • /data/user/0/com.bjin.gamemaster_main/app_ttmp/t.jar
    Filesize

    276KB

  • /data/user/0/com.bjin.gamemaster_main/app_ttmp/t.jar
    Filesize

    587KB

  • /data/user/0/com.bjin.gamemaster_main/databases/com.bjin.gamemaster_mainb
    Filesize

    72KB

  • /data/user/0/com.bjin.gamemaster_main/databases/com.bjin.gamemaster_mainb-journal
    Filesize

    512B

  • /data/user/0/com.bjin.gamemaster_main/databases/com.bjin.gamemaster_mainb-journal
    Filesize

    8KB

  • /data/user/0/com.bjin.gamemaster_main/databases/com.bjin.gamemaster_mainb-journal
    Filesize

    8KB

  • /data/user/0/com.bjin.gamemaster_main/databases/com.bjin.gamemaster_mainb-journal
    Filesize

    12KB
