Overview

overview

8

Static

static

6

a74f71621f...18.apk

android-9-x86

8

a74f71621f...18.apk

android-11-x64

8

Analysis

  • max time kernel
    7s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
  • submitted
    14-06-2024 00:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a74f71621f8e38e4bbf349a47a7625fb_JaffaCakes118.apk

  • Size

    17.9MB

  • MD5

    a74f71621f8e38e4bbf349a47a7625fb

  • SHA1

    db1ac13bb4437e4fa7c41eff81331d65dbc5bc30

  • SHA256

    34a247d024b33eee39976a0bf734bd9be91d9706087ce92f103cf77c4a4a2199

  • SHA512

    d574898866391191f2b46b2f23762ba08805fb51f65b4d30d3f928f26848de832bec8c5b2f9acd57c5d7c07be6ed0eab7bd7b10fc8d376990ce566bd157dc57a

  • SSDEEP

    393216:X30GfxH9zfIJi7qvtB2ipUXiFeNBWRLNuQkp24HdZ1g5:X30S3LIM7qVrpUSFuBOuQZ

Score
8/10
discoveryevasionimpactpersistence

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 1 IoCs
    evasion
  • Checks known Qemu files. 1 TTPs 3 IoCs

    Checks for known Qemu files that exist on Android virtual device images.

    evasion
  • Checks known Qemu pipes. 1 TTPs 2 IoCs

    Checks for known pipes used by the Android emulator to communicate with the host.

    evasion
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.imbastar.c5game
    1⤵
    • Checks if the Android device is rooted.
    • Checks known Qemu files.
    • Checks known Qemu pipes.
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks memory information
    PID:4278
    • /system/bin/sh -c getprop
      2⤵
        PID:4326
      • getprop
        2⤵
          PID:4326

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/data/com.imbastar.c5game/app_crashrecord/1004
        Filesize

        58B

        MD5

        0d210bfb2a0e1f1b4c082a6a0f79de07

        SHA1

        bb8ed9e364db79d1d9f2fcde3f15091893222faa

        SHA256

        988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

        SHA512

        536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

        Download Submit
      • /data/data/com.imbastar.c5game/app_crashrecord/1004
        Filesize

        235B

        MD5

        f3e702e2cb957207277121ae22283528

        SHA1

        68c4a23dadc7bbe6dba380b543e34b62b15d33b1

        SHA256

        7fecbf03370211957453f56797b052631bda60c341694e48293b5dc56314c32c

        SHA512

        cb9d225aec9c7c1763f1bfcd9acc0ff25407b9f8eaa42164549aba287b7e77285c34a52d86ddc0ab1fc4186a47fa59086c3797ac56bf3cca182bcc54d9a757e2

        Download Submit
      • /data/data/com.imbastar.c5game/databases/bugly_db_yaq
        Filesize

        4KB

        MD5

        f2b4b0190b9f384ca885f0c8c9b14700

        SHA1

        934ff2646757b5b6e7f20f6a0aa76c7f995d9361

        SHA256

        0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

        SHA512

        ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

        Download Submit
      • /data/data/com.imbastar.c5game/databases/bugly_db_yaq-journal
        Filesize

        512B

        MD5

        e9d27a07b17016cae8e2e855193930ee

        SHA1

        6cc49752dfa55cab74b9d20a5169aa336e296f9e

        SHA256

        1f385e3d5ae8b671600333122e5366f472a6fc2e51f0ea96d6c814a3e7c170ce

        SHA512

        b056539579d005e0c88734f8c8678c73aff40b8a2856f5126240690aa0fe9f5c4ec70e30e33b5a88c949c0d17426cdc130b796edc5d3c3f6d27318e071b954b2

        Download Submit
      • /data/data/com.imbastar.c5game/databases/bugly_db_yaq-shm
        Filesize

        32KB

        MD5

        bb7df04e1b0a2570657527a7e108ae23

        SHA1

        5188431849b4613152fd7bdba6a3ff0a4fd6424b

        SHA256

        c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

        SHA512

        768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

        Download Submit
      • /data/data/com.imbastar.c5game/databases/bugly_db_yaq-wal
        Filesize

        104KB

        MD5

        eaf5674f906adeafb272750b66ee89c7

        SHA1

        65a4f784308df2ef479de79282fb2414cd6cdb7f

        SHA256

        e84cd0099c0f2cfc9370d758b12d2e5c773bc4b33bb0f0b15f62f195d93e9000

        SHA512

        940e0eccb3d69e362a488a167b8ddbef3a879e63a76dff039037099d1dbb62e24df3c3c047f631ec11c0d845ebdd974b9b9e50fee01736896155c49db9e540aa

        Download Submit
      • /data/data/com.imbastar.c5game/files/prodexdir/0OO00l111l1l
        Filesize

        6.9MB

        MD5

        bdb6373bc93440621c21970e3f2041fc

        SHA1

        55963e9dc8bd4139cfd2247a3525e45b6cf66c22

        SHA256

        82c26271597f21a98c0b459d47322d067ee41d6702208def4ddd939ce5ed3b69

        SHA512

        6ae556ca18bc2d2571a1db9f875503e2cd4c57f8185cee697cc5dd7e9911ad855914dbfec5155c1afb7352426b531c9abe846fdb019d2e66c20e9ef5b38569f2

        Download Submit
      • /data/data/com.imbastar.c5game/files/prodexdir/o0oooOO0ooOo.dat
        Filesize

        144B

        MD5

        ca323993cc74b9dc8eed0346db81e124

        SHA1

        1f390e80748e0ad2ef4e94d0b8b284cf87a2c271

        SHA256

        8eb37cd1b34ec2e95597702cd6cd66d99638926f09c2d2ed75e995f845d843a0

        SHA512

        d9363faf4523704f232bfac055694039f9e8cdcc3e3a7e1f06731c3f1970b221b06499536cb66bfe39cf7eb4b356b596491a9d0ab7b22a08123bd31f524a87dd

        Download Submit
      • /data/data/com.imbastar.c5game/files/prodexdir/tosversion
        Filesize

        31B

        MD5

        0d0e31fde8cbf2067ff52fa81989a048

        SHA1

        84b628f411f4b4b21bb178d2e412b4edc7a383d5

        SHA256

        915546fdab44d271ff40d2252d8c575381665d9bd4a4df806f2cdc1aba6677a8

        SHA512

        2d452db5ded7b146c033e610ca003d0d7abbca9386b4f45c4f4d5546a28a9fd0e7a9084433df8b2ee91a2a11d6f8b64798b9b2fc6f24c5fabb4011994c0ebd9a

        Download Submit