Analysis Overview
Score
4/10
SHA256
c3121346f0c3a823452d4b5fd5b5df38f742ee65c107cd9831b05fc4d3a94d15
Threat Level: Likely benign
The file a6d2c79b65ee6b4a200489996d4ddb6c_JaffaCakes118 was found to be: Likely benign.
Malicious Activity Summary
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks CPU information
Checks memory information
MITRE ATT&CK Matrix
N/A
Analysis: static1
Detonation Overview
Reported
2024-06-13 22:11
Signatures
N/A
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 22:11
Reported
2024-06-13 22:17
Platform
android-x86-arm-20240611.1-en
Max time kernel
88s
Max time network
179s
Command Line
com.roflplay.game.aiya
Signatures
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.roflplay.game.aiya
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.180.14:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.187.206:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
Files
N/A