Analysis
- max time kernel: 177s
- max time network: 137s
- platform: android_x86
- resource: android-x86-arm-20240611.1-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
- submitted: 14-06-2024 22:45
Static task: static1
Behavioral task: behavioral1
- Sample: abd4fbe636a55ac5bb053d95dd405b14_JaffaCakes118.apk
- Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
- Sample: abd4fbe636a55ac5bb053d95dd405b14_JaffaCakes118.apk
- Resource: android-x64-20240611.1-en
Behavioral task: behavioral3
- Sample: abd4fbe636a55ac5bb053d95dd405b14_JaffaCakes118.apk
- Resource: android-x64-arm64-20240611.1-en
General
- Target: abd4fbe636a55ac5bb053d95dd405b14_JaffaCakes118.apk
- Size: 29.9MB
- MD5: abd4fbe636a55ac5bb053d95dd405b14
- SHA1: ce4cd9407dc986cd7d1c39e1b906fbb4414ada9d
- SHA256: d81b4b850953be52510e319e641cd1655ed667caa76f62842b1b06a323bc3dab
- SHA512: 93a43a4dd8a699efa7d5ebf02f9fff49c156a958830cbfc4d096745ce2c22f1e1eea0896a1dfb1f6b928d35defb854903ef5a545c0e9367464dbe041e3e5327c
- SSDEEP: 786432:vjUIdkzEmamKZ2/Buxk38+DhiEG96kaTD0yTfPu1:oIdkumH/Yq8+s3969MyTfm1
Malware Config
Signatures
- Checks if the Android device is rooted. (1 TTPs, 1 IoCs)
  Processes: com.redantz.game.zombie
    ioc: /system/app/Superuser.apk | process: com.redantz.game.zombie
- Loads dropped Dex/Jar (1 TTPs, 3 IoCs)
  Runs executable file dropped to the device during analysis.
  Processes: com.redantz.game.zombie
    ioc: /data/user/0/com.redantz.game.zombie/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 | pid: 4268 | process: com.redantz.game.zombie
    ioc: /data/user/0/com.redantz.game.zombie/cache/DA39A3EE5E6B4B0D3255BFEF95601890AFD80709!classes2.dex | pid: 4268 | process: com.redantz.game.zombie
    ioc: /data/user/0/com.redantz.game.zombie/cache/1582435991586.jar | pid: 4268 | process: com.redantz.game.zombie
- Queries information about running processes on the device (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  Processes: com.redantz.game.zombie
    description: Framework service call | ioc: android.app.IActivityManager.getRunningAppProcesses | process: com.redantz.game.zombie
- Queries information about active data network (1 TTPs, 1 IoCs)
  Processes: com.redantz.game.zombie
    description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | process: com.redantz.game.zombie
- Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  Processes: com.redantz.game.zombie
    description: Framework service call | ioc: android.net.wifi.IWifiManager.getConnectionInfo | process: com.redantz.game.zombie
- Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  Processes: com.redantz.game.zombie
    description: Framework service call | ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | process: com.redantz.game.zombie
- Reads information about phone network operator. (1 TTPs)
- Listens for changes in the sensor environment (might be used to detect emulation) (1 TTPs, 1 IoCs)
  Processes: com.redantz.game.zombie
    description: Framework API call | ioc: android.hardware.SensorManager.registerListener | process: com.redantz.game.zombie
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  Processes: com.redantz.game.zombie
    description: Framework service call | ioc: android.app.IActivityManager.registerReceiver | process: com.redantz.game.zombie
- Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
  Processes: com.redantz.game.zombie
    description: Framework API call | ioc: javax.crypto.Cipher.doFinal | process: com.redantz.game.zombie
- Checks CPU information (2 TTPs, 1 IoCs)
- Checks memory information (2 TTPs, 1 IoCs)
Processes
com.redantz.game.zombie
- Checks if the Android device is rooted.
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Listens for changes in the sensor environment (might be used to detect emulation)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Matrix
Downloads