Analysis

  • max time kernel
    177s
  • max time network
    137s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
  • submitted
    14-06-2024 22:45

General

  • Target

    abd4fbe636a55ac5bb053d95dd405b14_JaffaCakes118.apk

  • Size

    29.9MB

  • MD5

    abd4fbe636a55ac5bb053d95dd405b14

  • SHA1

    ce4cd9407dc986cd7d1c39e1b906fbb4414ada9d

  • SHA256

    d81b4b850953be52510e319e641cd1655ed667caa76f62842b1b06a323bc3dab

  • SHA512

    93a43a4dd8a699efa7d5ebf02f9fff49c156a958830cbfc4d096745ce2c22f1e1eea0896a1dfb1f6b928d35defb854903ef5a545c0e9367464dbe041e3e5327c

  • SSDEEP

    786432:vjUIdkzEmamKZ2/Buxk38+DhiEG96kaTD0yTfPu1:oIdkumH/Yq8+s3969MyTfm1

Signatures

  • Checks if the Android device is rooted. 1 TTPs 1 IoCs
  • Loads dropped Dex/Jar 1 TTPs 3 IoCs

    Runs executable file dropped to the device during analysis.

  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about active data network 1 TTPs 1 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
  • Reads information about phone network operator. 1 TTPs
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.redantz.game.zombie
    • Checks if the Android device is rooted.
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4268

Downloads

  • /data/data/com.redantz.game.zombie/app_fiverocks/events2
    Filesize

    4KB

  • /data/data/com.redantz.game.zombie/app_fiverocks/events2-journal
    Filesize

    512B

  • /data/data/com.redantz.game.zombie/app_fiverocks/events2-shm
    Filesize

    32KB

  • /data/data/com.redantz.game.zombie/app_fiverocks/events2-wal
    Filesize

    36KB

  • /data/data/com.redantz.game.zombie/app_fiverocks/install
    Filesize

    36B

  • /data/data/com.redantz.game.zombie/cache/1582435991586.jar
    Filesize

    9KB

  • /data/data/com.redantz.game.zombie/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
    Filesize

    2.1MB

  • /data/data/com.redantz.game.zombie/cache/oat/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709.cur.prof
    Filesize

    1KB

  • /data/data/com.redantz.game.zombie/files/Tapjoy/Cache/305e92b552f0b149f572e401c5e9b4fb1d1c5bbf57888f31b39e47b04b42e92b
    Filesize

    3KB

  • /data/data/com.redantz.game.zombie/files/Tapjoy/Cache/6bce43f65203077f42b45d0b80f9e1168cb2b4c8d1c563e4c9d69ae8473b83c9
    Filesize

    105KB

  • /data/data/com.redantz.game.zombie/files/Tapjoy/Cache/72cc2ce4c849a74a571306657b38154530fc013c5619d2756cb44006b71281df
    Filesize

    23KB

  • /data/data/com.redantz.game.zombie/files/Tapjoy/Cache/72e3484d76ffd0256ab079e173aa17b6bc094528c1656c98e57a4578c449656e
    Filesize

    9KB

  • /data/data/com.redantz.game.zombie/files/Tapjoy/Cache/a27f8ccdc8168cd94c7600ec4ab3b6d1b78512555a57b9c5b879ee964d89b1f4
    Filesize

    850KB

  • /data/data/com.redantz.game.zombie/files/Tapjoy/Cache/b7836f6048295e919fffb37194701696dbf248def687a7c4dc2852918a7c030a
    Filesize

    1.5MB

  • /data/data/com.redantz.game.zombie/files/Tapjoy/Cache/e1f9674f49d43c68038e13a9448588c07c8150956636e79427eaa80449f002f3
    Filesize

    4KB

  • /data/data/com.redantz.game.zombie/files/Tapjoy/Cache/fe34bfffbcd29b1755f133c19aaf4621aef426e082ee6ff530f12b91de36a0bf
    Filesize

    49KB

  • /data/data/com.redantz.game.zombie/files/Tapjoy/Cache/ffb52b85291780d3d22d25da0d2f96427b82b4497fe944ba2902da1e779b1007
    Filesize

    294KB

  • /data/data/com.redantz.game.zombie/files/UnityAdsStorage-public-data.json
    Filesize

    2B

  • /data/user/0/com.redantz.game.zombie/cache/1582435991586.jar
    Filesize

    20KB

  • /data/user/0/com.redantz.game.zombie/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
    Filesize

    408KB

  • /data/user/0/com.redantz.game.zombie/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709!classes2.dex
    Filesize

    4.5MB

  • /storage/emulated/0/Android/data/com.redantz.game.zombie/cache/UnityAdsCache/UnityAdsTest.txt
    Filesize

    4B

  • /storage/emulated/0/Android/data/com.redantz.game.zombie/cache/UnityAdsCache/UnityAdsWebApp.html
    Filesize

    1.9MB

  • /storage/emulated/0/Google/google.id
    Filesize

    36B
