58e2a0d2dd23351d4cf152122c017aa6806f2ad3a5d887378ef36893763f399f

Analysis

max time kernel
7s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240603-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240603-enlocale:en-usos:android-9-x86system
submitted
10/06/2024, 15:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9b3aab05c249ee2404b92bb641ebea15_JaffaCakes118.apk
Size

16.8MB
MD5

9b3aab05c249ee2404b92bb641ebea15
SHA1

3b8d276ef7dd5975c99fb25e3f19627239b68948
SHA256

58e2a0d2dd23351d4cf152122c017aa6806f2ad3a5d887378ef36893763f399f
SHA512

8efbf2ebe4c41724d34b95599a2198a52386920a2d4b8420cedd0a48520d07df396edcd69eaeff005b538444fa06d0a43d71e08f6a988da0a5f8b0f783d7c255
SSDEEP

393216:Vdeuu5ocyXhRehx8FAWKIEqWXAldmtPl46qT1o5SWgJQYYXBkAt2:Tu5olXhQmSXADYJguZ6AQ

Score

4^/10

persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.tradegame.airtycoononline2

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.tradegame.airtycoononline2

com.tradegame.airtycoononline2
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
PID:4277

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads