9a4409031523b93c97f46f91e2764bdcb714bc637fbbf8b7d9fe6cda214ae770

Analysis

max time kernel
45s
max time network
185s
platform
android_x64
resource
android-x64-20240611.1-en
resource tags

androidarch:x64arch:x86image:android-x64-20240611.1-enlocale:en-usos:android-10-x64system
submitted
12-06-2024 13:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a0df7ae495ce9ac6e84699c02aaea9a3_JaffaCakes118.apk
Size

6.5MB
MD5

a0df7ae495ce9ac6e84699c02aaea9a3
SHA1

ef5e58b2010a4cbd87ea0de529c5e5f84a53025c
SHA256

9a4409031523b93c97f46f91e2764bdcb714bc637fbbf8b7d9fe6cda214ae770
SHA512

76e5599e26d0e918a169ce59497df26c2beb51ac5d209fb5ca440d6a98b8fe6d02a863d5dd22b1ebf2e38c19e1ea492b30ae6c3b6db75082c4438458f3be32a5
SSDEEP

98304:lOEDdtJxOk690v93gfIj8BpZd3hcqE/erIRza6df+M9OLaSzmWjqCH6vCCgi29ja:lxTOk6U3gQjabxc9LzaUr9Ou6JqCGCxa

Score

8^/10

collection credential_access discovery evasion impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

T1426

Processes:

com.bkidshd.movie

ioc process

/system/app/Superuser.apk com.bkidshd.movie
/system/xbin/su com.bkidshd.movie
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

T1414

T1641.001

Processes:

com.bkidshd.movie

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.bkidshd.movie
Acquires the wake lock 1 IoCs

Processes:

com.bkidshd.movie

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.bkidshd.movie
Queries information about active data network 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.bkidshd.movie

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.bkidshd.movie
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

T1422

Processes:

com.bkidshd.movie

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.bkidshd.movie
Checks the presence of a debugger
evasion
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.bkidshd.movie

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.bkidshd.movie
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.bkidshd.movie

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.bkidshd.movie
Checks CPU information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

com.bkidshd.movie

description ioc process

File opened for read /proc/cpuinfo com.bkidshd.movie
Checks memory information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

com.bkidshd.movie

description ioc process

File opened for read /proc/meminfo com.bkidshd.movie

ioc	process
/system/app/Superuser.apk	com.bkidshd.movie
/system/xbin/su	com.bkidshd.movie

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.bkidshd.movie

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.bkidshd.movie

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.bkidshd.movie

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.bkidshd.movie

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.bkidshd.movie

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.bkidshd.movie

description	ioc	process
File opened for read	/proc/cpuinfo	com.bkidshd.movie

description	ioc	process
File opened for read	/proc/meminfo	com.bkidshd.movie

com.bkidshd.movie
1⤵
- Checks if the Android device is rooted.
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:5068

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.bkidshd.movie/databases/dbbobby.db
Filesize
248KB

MD5
3489c502f94f1a7add92be4e63db8efb

SHA1
34d2db936e53a57093d7d0eae668c831f341c263

SHA256
48d47b8b0ffad165ec4fc22eeca19ae869437cbca82b6907d3982fab2478edda

SHA512
6d58a2b342cdbd0a244b59c32ab002566aea34dc4073fd56e96017140b1665a052f214e2990df49725ed1903488f0bef1e07798991da6fff9359b28a668fd92d

Download Submit
/data/data/com.bkidshd.movie/databases/dbbobby.db-journal
Filesize
512B

MD5
a5ee6ab04e972dfb6b201ccdd0aa9fb4

SHA1
23536686f99987dee122902dc0aba843a0ed16b6

SHA256
942bfe5e1086bfc369c5d075599b3537a4998e4fc5bc29019c0034597cd85131

SHA512
5dc251c50c25e1e1412c7a4ee163aa222acec19e52982986982b65704094c55e50dfc4287c8cac865324779fa2e5ed4c31b26a49406a26faaf6a373c09f744d1

Download Submit
/data/data/com.bkidshd.movie/databases/dbbobby.db-journal
Filesize
8KB

MD5
dac85ae0941b1b744d9ca001bad01ef0

SHA1
559721aa4d40d1b479b55d4935105b44686db781

SHA256
d0488618a6e2d5abc4cf756d4f189cae591051046b54747ef323aec8f65feb99

SHA512
fa9a8a465dbf87a510a31ce6f7a6cc034e2d92701c6575ac3fef07199f344c8b4f93f15be6356780806d39502c6934ca9d9139a0463141a242534d86ec4e065c

Download Submit
/data/data/com.bkidshd.movie/databases/dbbobby.db-journal
Filesize
8KB

MD5
a4a88f1c1f05790a1c9b56a0f42a3a3e

SHA1
3c3de785da9eb0afd6f93830f3b980d0327abf5e

SHA256
e5e5c7eb69a5f96417a1c6b6f059c7adf1f3ca80e011131446dd4dc6dd7c47e0

SHA512
2a22e0bfb638a7c8bb560e7e2289b222bb5d7bd79e60ea32ecea525c708dc85d724aeb39e8759532bf387e98c1b048d103d5be976e458d80129a55a519da11c1

Download Submit
/data/data/com.bkidshd.movie/databases/google_analytics_v4.db
Filesize
28KB

MD5
b23af8fa12c8087ef2e7bbbe667a7c23

SHA1
e5a279bbb57f7f498695eea4535f9025a20d7107

SHA256
e66050e2a763993c2c7cd40acd1bcdf8a4168c6f60ecf3461ae3b7665b3febe0

SHA512
b3e13bd58461c736d8359b309d8b1cedb1d3759c12b8eac1d7eabfbbbcc72f21c7d06b7b54c960ab83bdbb109034fa03f9f2a4064d1046bd6d3e8c2a075426cd

Download Submit
/data/data/com.bkidshd.movie/databases/google_analytics_v4.db-journal
Filesize
8KB

MD5
f09a5592819d7f0e1e99ec0027f9e073

SHA1
302c07a4e93f0861a12d8eb3e41113089f8487c2

SHA256
6167209023dbd345a5a95ed23e68632e8734fc62c2a073f2a81d8224c4f9e746

SHA512
89e4ca609b3ceefe2c784721d6f1fecb4a532de738f790a3cc616cd3212d544576bb86dae2ea0595d399910b338a9a095609b114ff8b6eeb638e834be5300dd3

Download Submit
/data/data/com.bkidshd.movie/databases/google_analytics_v4.db-journal
Filesize
8KB

MD5
6b5a60ed32ad71a4365c397a7013fe52

SHA1
1f881c05bcf00adcefc95350c11efa3afa880801

SHA256
764aa03e35821b5f9cd03ce558cf94156c0a646353df78327eb9b4c7c175e0f3

SHA512
c064c76072549fd43ee906db66a318f9d2bee1224ef2fa7f1259cdb706b1262f6ebe9e1e0d089aa9b68aa70e0e75967a430f1f0531c1886c9d74e36f9953a95c

Download Submit
/data/data/com.bkidshd.movie/databases/google_analytics_v4.db-journal
Filesize
12KB

MD5
308696d767f619fc69ba9d8a2b751993

SHA1
23ef222bb5e32e8dfe4fad6a58b24f1158fa2955

SHA256
8f746eabcdc39dc556e985b1a9ee9216f89f5527e58c4135053d1b42ffca627a

SHA512
543cd49e44d6447e1dc9559224147b558ea691a3482491baa677c9bce2b327917e9581d840c755a58f158b2ee27f528e95f8fba4789aa3fcd768f3f44fba7bfb

Download Submit
/data/data/com.bkidshd.movie/databases/google_analytics_v4.db-journal
Filesize
512B

MD5
d8f54e1acb529fe3baa3fc560602ad1e

SHA1
2e47121b97bfbb7cebfd9f77f53fc30a8fab6f0b

SHA256
8250c0b053f172d49d4adf55c97bbc08ea8f0a00afe424cb111f2c4ee5ba4b71

SHA512
e50352affd26eeefaa8d280cc147e60bc70c29f1def60dcda6054e61a02a2f470156385c7965186f06810ea101180ab8a21752099a09b59009031880d8e4c79a

Download Submit
/data/data/com.bkidshd.movie/databases/google_analytics_v4.db-journal
Filesize
8KB

MD5
b1f1f420256712cc61c223ee3a73ada7

SHA1
e21d083e4dffe8df6474caf7074fb42480cb233b

SHA256
0edf8a9c466fe26fc53550036df365fde79391f83090f1b655bb5d7ca78225a7

SHA512
c3ef93eb7db496d5073a429c294e020b0695b602f54535cc19f1645e58f3240c0dd0982ff7ecfffd2c1ef6e4cc0b897d47a439ac74adf1978820c08295f742ae

Download Submit
/data/data/com.bkidshd.movie/databases/google_analytics_v4.db-journal
Filesize
4KB

MD5
cb9e157c4315255a3a0a6fce8cfbab3d

SHA1
a7f96502016ac3aef399adaa1fc9949891c7cd9e

SHA256
36d8c95b24c07483bce2b0af41e72b602331f80f32349673ba26f37d1cdcd77e

SHA512
c8c9ac940147f7528dabc191010dc6b563689909d0fbcdc6241401c8678555523ba41ea6c9e21769ff949f16841ef6ffdc92c47b0a249967b2d4bb6c94e3f387

Download Submit
/data/data/com.bkidshd.movie/databases/google_app_measurement_local.db
Filesize
16KB

MD5
f0b277606dc4d6a7695aa0357c53caaf

SHA1
79c378ef0a5207132c1b74531748a8e77931bbb4

SHA256
89df2bda2cb6e2e4ab645bf4f6937885d8fdadff8f3ea25fd51f3f367166b7b5

SHA512
294bd4937267610a0b823230141fcc750d0f921d9967827e15872b2090cd0646b105b71863b764e506652fca528bfede21969ea71b4e8f8bac127ca32cf1dbca

Download Submit
/data/data/com.bkidshd.movie/databases/google_app_measurement_local.db
Filesize
16KB

MD5
b7602f458617049b0a61b479a501afa3

SHA1
85ac94c5f8f5d7c20f07443314d1fb589aaee311

SHA256
334647613f2ca6d9ac0fcc5faa1fabfe7b28b2df377bbef9aaa988dad2b4713e

SHA512
078c306bca16529951ebbc4bc2e86e3b24bc915d5cab63733c08459f11024799d9787bee173e83bb3372a609221a469b82ce557087da753f589f2bc7cc2b8ef8

Download Submit
/data/data/com.bkidshd.movie/databases/google_app_measurement_local.db-journal
Filesize
512B

MD5
9200b9d46cbe280eec98e7045bc3e8d8

SHA1
3bcce5f621b9e1658bbed104d21762c3b3126374

SHA256
30d2db04029bfe80e65dc81f1c01b50f9258cac161ea0c4062b74e5614a82fa9

SHA512
248d66ba72868ea1d964034607d78976eafa26e083f858a992cd975bde7a28f9854cfce2aa317f456e62e786a806144bdb0b5a804769f08bbe6ee6469943ed49

Download Submit
/data/data/com.bkidshd.movie/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
4b33357b38f7b77169e7020ba0ce0dcf

SHA1
847c374dc3d0c5e97ad4be82ddaf5eabdc3ff40f

SHA256
1e2624ce76d158228232bf855b74a90ffd28ed6d65ffd9212f4c3d4c4bc15fd6

SHA512
7d8aa96852bb46af115547b607019a4dad55713ad514b7a04bd49e191afe7da33a6f40c7c3401d3e24a679b565ab6c94aca8db4f8e4c3a732c452e434f6a4389

Download Submit
/data/data/com.bkidshd.movie/databases/google_app_measurement_local.db-journal
Filesize
4KB

MD5
e5dd98a60c456d20ca992d797dadd3e3

SHA1
569b235eac1a7bc417a6e7b3926f22549d691d75

SHA256
18acfa4a6ec3f4d4fd805a210a81ad462082ab4d7800ae5dfed60aba4f30643c

SHA512
90a4919a610fa2d1b6ffe6b4d00b16cd6cb817768ba822ff6f65429057a8e6b1f77c75dd4636eef4f6edd0be5d925db0828ea6797bdf991d4cd3c592bdea2f72

Download Submit
/data/data/com.bkidshd.movie/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
0c9504e9ecd87a0df5eec5b1db45c831

SHA1
93c423dbdc51de9f587972ef960428c79a8d764d

SHA256
6afe0e5900fd4e3e954a5a97d8ee6a29ab8211fd799fe13a08a3df91d4c054e3

SHA512
ceb528a59a1f42c0d8a473246dfc189905860ab8d42a974fcfd788d10214081edfbc5b5f7035b7522f5f7d46bc7258faf62a091f71c6b33d9bf8ebd1ab2dd944

Download Submit
/data/data/com.bkidshd.movie/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
5b13b24923c92efb9baae73d8764950a

SHA1
3400455e01d02b2da5344f2535b8d0516798e0a2

SHA256
6aec9e0e8e6be63dacbe0c7dbbae21dea26f633be0f940f780412f375403331e

SHA512
f6500336bd8f34137772664c3fbb7df2ee75cd04a94fb76432edeca271343ebf1fce4311bfa40860c14879315cb49260f8a1d6af8cb530966813b3ec09814da9

Download Submit
/data/data/com.bkidshd.movie/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
06cea18155e714710f17d74960726391

SHA1
341409584adf3ad567a2c3f630a739db37592eae

SHA256
51a367321e4d20e06945d6df6c7a4d027bfec2bfe5db5be492641608df17bb01

SHA512
76d85ff1a105bb00f891f1f2a4cd1e8ef85a0f321b36cd7fac6332a93a96b08a3dcf656a0e00e73137016fd0101aeca09bc489e7e4e33726d28dda71719ac310

Download Submit
/data/data/com.bkidshd.movie/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6669A6950340-0001-13CC-6551C2177011BeginSession.cls_temp
Filesize
79B

MD5
d6024115894cd4fb642f98e2bfb9ece9

SHA1
88d9d57daed3b07b835acccd6bb538d6ff4cfee5

SHA256
b7203aba9ee9e0f32cdf6a75a97727e1fb7125fa1e1b5092ac7d99ca604b88fe

SHA512
2a9bafdc23787732173512e6f91feba338869761c089fb5f4822813392ce9f4ab243f9207ea6bfc068bafb10f5a5a96f9b8b52bae58e0cbd3afebafc5a409057

Download Submit
/data/data/com.bkidshd.movie/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6669A6950340-0001-13CC-6551C2177011SessionApp.cls_temp
Filesize
111B

MD5
e0cdac3b148d06d3fd96aec29f6756a4

SHA1
c1d201526ebd75f72d7c2532fbc74a8f1c9831b8

SHA256
8946c234a84c43cbd3dd881e0a71f136587e6d5dc36f68159206cc98df9f14f9

SHA512
fc9e1cbdea74597713f74e6da8f2d84ac57af46a633ada28e809bd95401efadb0861d825f73cecf27989db476d8d575f0f9a93d559e8f4905e6d4eed17e03cca

Download Submit
/data/data/com.bkidshd.movie/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6669A6950340-0001-13CC-6551C2177011SessionDevice.cls_temp
Filesize
131B

MD5
02950845ced94304999ee30dff372fd7

SHA1
ac9243af747f30435d926a7f983442bf40871c2a

SHA256
d189f846a9ea627cdf5a781cdabb930efedcec4113073461fb9e07ae1599a1be

SHA512
2b0fdafffd7009dcae5f3ef6df3745f80668f15bbbe471cf56c8b96ad038fce9514cd061caba12de188c3279dc0425e93a6eb15a55f637f16ac3aa077955c575

Download Submit
/data/data/com.bkidshd.movie/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6669A6950340-0001-13CC-6551C2177011SessionOS.cls_temp
Filesize
15B

MD5
2566d27ce8c28d8961f082c375d7535e

SHA1
92fe585b1a2c9c523d2fa1f65ab5c1b6a1a6edaf

SHA256
5acdb54ddba2e264f6822fbdbc4e9b5158f57d43785c2f01d981956b18f7a90a

SHA512
1c70679bbd25a57f9ac02083d5af0fe72b1417cf3070a195497f03d6f492e87b1ed3f570de7ea7c814c995a1530e32610d9570f31a480648f4062e8d3287be8f

Download Submit
/data/data/com.bkidshd.movie/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
Filesize
515B

MD5
3a7b93d64e133e12b66bef29c4d515a7

SHA1
f6579ddb8b720d47aac69aa888b7b5b43fd528a2

SHA256
d0b218d41400de3f55284552863f09d25c2075fd882497420c16f6cc5ab1f151

SHA512
ee7a121dafedbb6ea84149934aadc6eda9fb9e040d6e8868f4127e50eaa55862ff8794a83777cafe88a3a01c83988fd9e97fabb6028332ff976375cc1628ff9a

Download Submit
/data/data/com.bkidshd.movie/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
Filesize
1KB

MD5
cb7941e845d13063d96112401256962c

SHA1
591c4dfea4343ad1569d8460993cd47f8f3fa50e

SHA256
1cf5572105dcaa7955dec9bf1c0ebbc7d10bc77a3af89eb63cbb54b999f27d0e

SHA512
88465cee2e40ffcc86499a13d1e71a8eb3556ec2136432167c2e5a66970491d2ee23d587ada377f507193063447147df79b130faaf4f03e11dcfbea244b38233

Download Submit
/data/data/com.bkidshd.movie/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.bkidshd.movie/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_63172a1b-b9bd-4e81-9a98-1afc00f2a573_1718199965334.tap
Filesize
397B

MD5
d33c020f9f19c525ad64ef186be05d0e

SHA1
a55ca562546969d96a3fed5af7ec531af0f5f622

SHA256
78bf12c52aed52550d0ef9f842f97fd23c88ee6bb41a4e11cbe1008244be8c73

SHA512
34c9349149fef477f14b23f4abeac9d378efd4570db8eb8cf2efaf7e2c19ee138076c20502b6836e541cba913ea02070d134c68e218c4c0132949532d4066053

Download Submit
/data/data/com.bkidshd.movie/files/gaClientId
Filesize
36B

MD5
3182b55b6ca033c629cb69933c06f383

SHA1
56ddc2790809ae6999bc7f7217e6b36157ed7455

SHA256
f5aeba038060583dfdaa71851cf178966cbbca4e25fb2997a3bee6f84ba3d96f

SHA512
f556f3020d60f6ff5316a70f502302572b785429adfa6d44533cb6589c7eff7a1cd7c0a94b51ed35b07a0f657b87122d5b8ed65c82afbf8231144b45d799a82f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads