67b31cbfe555b4fae735553379ccf4fb8e1eb5de84a4b84d85979ef7078f8b5c

Analysis

max time kernel
126s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
11/06/2024, 22:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9fc6d82bc3e35012c57dae30a5f37182_JaffaCakes118.apk
Size

22.0MB
MD5

9fc6d82bc3e35012c57dae30a5f37182
SHA1

9f3c5e7e36fd56e5a140208f0a95e6caf2e3cd40
SHA256

67b31cbfe555b4fae735553379ccf4fb8e1eb5de84a4b84d85979ef7078f8b5c
SHA512

8f0dd7049d87ff41a82f283533942dddbd0faaa27799c4c1e65631d8926733a08023642948b2c9372418b36b3d50e54a56db3128045a252c29ce5db8dab34fdc
SSDEEP

393216:Q/xXu0fpDV5IMQgLul3P9E92MAjOreK2MTZNl0xc0ZECQ:Q/x+Wp3IVgCl8AjoeKzZNCxcGECQ

Score

8^/10

discovery evasion persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 1 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/sbin/su	com.abzorbagames.fortumo.poker

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.abzorbagames.fortumo.poker

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.abzorbagames.fortumo.poker

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.abzorbagames.fortumo.poker

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.abzorbagames.fortumo.poker

com.abzorbagames.fortumo.poker
1⤵
- Checks if the Android device is rooted.
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4290

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.abzorbagames.fortumo.poker/files/.FlurrySenderIndex.info.AnalyticsData_HPBQCZRC93XHS5TQS3NZ_153

Filesize
42B

MD5
00db5abe9a5eaafae2854c4fafd91bd8

SHA1
3876998d70f0c7aee7890dab207462ded6b01d49

SHA256
7ee691c6829002f70fa2aadc7d5c23146f85752825d39364ff935d290382f225

SHA512
f6c9d8308b08c9979e0882726b83f517569ad1d0ea5d69620013c1f096e83c13676d3ee2234911ea59f8839dcd3a139c69ff20e5a47475c810362047e6c08b97

Download Submit
/data/data/com.abzorbagames.fortumo.poker/files/.FlurrySenderIndex.info.AnalyticsMain

Filesize
44B

MD5
a76ac65b35aaf144902e9e017191b2e0

SHA1
c4ea2aaa9202efb3bdfaf3e77a2bb4af603f26eb

SHA256
ce1bb83fba7f6bf0132954f1b0158cd41cbfbb13b7096e72fe71ded1cbcbc8bf

SHA512
363d32a06af734c37386c1af50e4485cddf9cb0d15ebccb48dff172c51f7e8e0c21ab56f48af057c340227dd71f21a440e3f2a4bae19b2ee034de3075983bb43

Download Submit
/data/data/com.abzorbagames.fortumo.poker/files/.flurryagent.45fe7894

Filesize
58B

MD5
cf809a7d739f5c2da7cdcd058b7c14b3

SHA1
7e49e96783ddbe6172c9dcb9ad02bd2878a8535b

SHA256
e2964f3d9154ebd6548a750450d4762714a9af2374f970773a5d50dcad1f0709

SHA512
4fd4c434866018e5e8b48c5bf411622a725983726c55715dcc29a3903fc84293eb832cf44dcefe4399727d21f43eeafd89b567205dc32008fb0eb80f3e82284d

Download Submit
/data/data/com.abzorbagames.fortumo.poker/files/.flurrydatasenderblock.0a945e63-cde2-4a1a-8d85-faaa8406d1ee

Filesize
277B

MD5
ab12494b74a2cc2cad6b249892f8ce19

SHA1
512386d2ba4e62537849fbba7ecc6277277c4131

SHA256
b746fb9cfc75b2d81ddf4a48c9b571975e679fce26bdf3aa30b3627bf8a5a4b7

SHA512
f2db24d87a49757c2d7de4c5b94f7e9e10fe7ba40fec3115a6d5c0e3ff4c4fa8c03a249f885ab2333f2ba6e1dae06d8f92c1cf98dadd89eaadd3af25fcea4af8

Download Submit
/data/data/com.abzorbagames.fortumo.poker/files/AdjustIoActivityState

Filesize
222B

MD5
7df5adc1e194299c4905cb6dfbbedf76

SHA1
6f819a3d943f892160b646e0bd6974e10cffc64d

SHA256
6963022a72f00c74b07feda24c504549129974dde0eb5a51d31bf390577b70f5

SHA512
68f155b6fcc84c931b5c9c436624bf921e7bfeb5e70db9987f77a2ab53973bffa2682ef11f3510c559efbf96a9a970886fe3a98640afcbd127c94d91bd15adf6

Download Submit
/data/data/com.abzorbagames.fortumo.poker/files/AdjustIoActivityState

Filesize
222B

MD5
269911e9143cc3b1b4425bc0c5fe19aa

SHA1
af21c77f343e99346f92cd70e64104dec392d32a

SHA256
715cd75a00192f3db28aa47efcacafaf34136516e014949722876f1187a74586

SHA512
49dbed97b23a55d41cb11209bda235b9a17c7f2f80845a887f260f0f89132e93840cc3f186177db49721783303ab189d3da97fffe988a561f579d0718d8513d4

Download Submit
/data/data/com.abzorbagames.fortumo.poker/files/AdjustIoActivityState

Filesize
222B

MD5
1d9b52a15a47ffe3952a44b5aa3ed8c7

SHA1
24dbc17de0a25794f3e6b30ce04c78a0882ea7fb

SHA256
0c356d4cd7da3753af6cf195cbe80abd13c2c083976403b556eab6c98eda159a

SHA512
e544a140b9bff54aae5715153431f375fb028a44fb02e1bc986646da0a04dda58abcd441f80f2ce88ff9c5779a00c94060aa0044b662edcadee69f103647165a

Download Submit
/data/data/com.abzorbagames.fortumo.poker/files/AdjustIoActivityState

Filesize
222B

MD5
497171dba3bf4e2a6b38c1115c789652

SHA1
fdb8ce71f9ea9580d94397fac548068f7bbd9a76

SHA256
d1e87505984a9a4ea8a2722f64ae99676a6e5c9abb68ea5230277003f1b26a47

SHA512
a1e6370ea74d1c49f419448b88ff2ad6ff18ebd46cd1cb91a427e9dc54f508faa8fc734ad8a485cd1631dd0a75d178ce3395725ee7a4189a4cd5277f78dfc99f

Download Submit
/data/data/com.abzorbagames.fortumo.poker/files/AdjustIoActivityState

Filesize
222B

MD5
6aca476e17f2d628b54d66f89f25bb82

SHA1
a38936c1b6308d6f9725f9c028323ad99976a18d

SHA256
61b7245c3d505d44af1460934743a8919619a93b57e074c2ed70b13b499b1392

SHA512
a21dccffdcee941266894672cc5dcda161867dd39e3ee06fac8c022af4f6a98d967684943a0514fa5f495e69a75268b825b52b7aeb313e74c86f2feeb272fb10

Download Submit
/data/data/com.abzorbagames.fortumo.poker/files/AdjustIoActivityState

Filesize
222B

MD5
5fb40d974135313f5ad2829a23e6f734

SHA1
fe16599d5dd7fd9978ec477b2dd7bea479c48457

SHA256
636301908c348c66c4a82b1375cc030ac7a9451f3334ea59aa15a94318a7d994

SHA512
2581f468a03b21862437bf8361a5f86c34b062b187f78c5b13fb2071c00b56fdf4def4800b7b89cf7a31b18820bb05711d334c77e6cb153d9b1a8b11eafb6c0f

Download Submit
/data/data/com.abzorbagames.fortumo.poker/files/AdjustIoPackageQueue

Filesize
811B

MD5
8ad14d91bae5ebcfd00ac9c104a74b6e

SHA1
fa5b500e58b064def1926d4b2e7404596dc073af

SHA256
2209d1954a4bd47ae24ecf960ac3f942c305dc694a4d91f9af41309547ccfecf

SHA512
71481971f5d600d5a9b365426b352206fc705e190a22d919ad480f423e0ff8cba060d2fe04df08e17a21164b24916f6ed226c7bb01ebb1e3eaf08aa7744dba41

Download Submit
/data/data/com.abzorbagames.fortumo.poker/files/AdjustIoPackageQueue

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/com.abzorbagames.fortumo.poker/files/Gnip_1718145536863-78979

Filesize
52B

MD5
9d02b44e83646a3675227669580ef03f

SHA1
969f4b1563ff437f31ce27ae631ebc6f3032cbd0

SHA256
06e40f9977e7a8383450018145b45ffba6a3c0319300c71584c571c53fabda18

SHA512
a38ff979b66c45f7768843eed12c90d914490a4177e20f0a6090464d3ef2d413dd902da06f7b0a2a5445126aa96882678d51e476354857abece9406522ebca42

Download Submit
/data/data/com.abzorbagames.fortumo.poker/files/Ping_1718145534102-13292

Filesize
52B

MD5
224c0a0655ee617ae7b12d6550ceab9c

SHA1
9db4723c89f1e8cdbd3923f912f1ae75babffea9

SHA256
1d9791dbfac38c9d4240376f9c59c0386d310542b44056f384fa9dcb6612f422

SHA512
406cb7ad15ed6bf2dbe35266d812fce3dafff67dfa1258f40c08cad8685c65fbb247b1e940237e31ccf34974d7693376767415c8d2671482fbbd980043ccdc7a

Download Submit
/data/data/com.abzorbagames.fortumo.poker/files/Ping_1718145536387-42441

Filesize
52B

MD5
e621409f76addf31a438c09fe5500178

SHA1
3e85ae7fc380d594fe7d192cd53965d084f3327a

SHA256
6424101ddf80fbbb628c3e768d7abcb7c8388db2ff5b1c450792189d44775659

SHA512
0c5dadf5920fa24bee757518ad1d6f938caaeb67946b9da85c67dc33e7ef8f95e2d05db65ae8a9a2332744e4bcaa364d6ffee27f17d3be142734a152d6d9b4f1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads