Analysis

  • max time kernel
    6s
  • max time network
    137s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
  • submitted
    18-06-2024 10:46

General

  • Target

    bb8600094e4351f47e99b13655390911_JaffaCakes118.apk

  • Size

    6.2MB

  • MD5

    bb8600094e4351f47e99b13655390911

  • SHA1

    071ec100f9724c16c03c7f760ac6103ace43bf27

  • SHA256

    465a7e3320df58a9a604f39f286b1eed4c7086bb8a47ed60ea8a139736265772

  • SHA512

    ed1e708a1d2207b7e1338ae3f86cd2e95c7359ae415684c01082068df41fa70aaf462fff08457a1f63899835d91cb2e92b4e5adfbd4ee9614e96169975599f88

  • SSDEEP

    98304:JT2KhcDjVJbavFVyzbuPzC/zY2Fk1Lb0HS6zVkR9OEXLshGUHVyCnBrnnnn1:J5+fiON/zYfLb8kCzrnBrnnnn1

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 2 IoCs
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about active data network 1 TTPs 1 IoCs
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
  • Checks the presence of a debugger
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.bskyb.fbscore
    1⤵
    • Checks if the Android device is rooted.
    • Queries information about running processes on the device
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4249

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.bskyb.fbscore/databases/com.im.db

    Filesize

    20KB

  • /data/data/com.bskyb.fbscore/databases/com.im.db-journal

    Filesize

    512B

  • /data/data/com.bskyb.fbscore/databases/com.im.db-shm

    Filesize

    28KB

  • /data/data/com.bskyb.fbscore/databases/com.im.db-wal

    Filesize

    36KB

  • /data/data/com.bskyb.fbscore/databases/com.im.db-wal

    Filesize

    28KB

  • /data/data/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6671659303DB-0001-1099-1F9E5FAFFEF7BeginSession.cls_temp

    Filesize

    77B

  • /data/data/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6671659303DB-0001-1099-1F9E5FAFFEF7SessionApp.cls_temp

    Filesize

    113B

  • /data/data/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6671659303DB-0001-1099-1F9E5FAFFEF7SessionCrash.cls_temp

    Filesize

    26KB

  • /data/data/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6671659303DB-0001-1099-1F9E5FAFFEF7SessionDevice.cls_temp

    Filesize

    131B

  • /data/data/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6671659303DB-0001-1099-1F9E5FAFFEF7SessionOS.cls_temp

    Filesize

    14B

  • /data/data/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6671659702E2-0002-1099-1F9E5FAFFEF7BeginSession.cls_temp

    Filesize

    77B

  • /data/data/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

    Filesize

    474B

  • /data/data/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

    Filesize

    1KB

  • /data/data/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

    Filesize

    16B

  • /data/data/com.bskyb.fbscore/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_f43aed5e-342a-4e33-8cc6-e7c17b392c1e_1718707606362.tap

    Filesize

    377B

  • /data/data/com.bskyb.fbscore/no_backup/com.urbanairship.databases/ua_analytics.db-journal

    Filesize

    512B

  • /data/data/com.bskyb.fbscore/no_backup/com.urbanairship.databases/ua_analytics.db-wal

    Filesize

    40KB

  • /data/data/com.bskyb.fbscore/no_backup/com.urbanairship.databases/ua_preferences.db

    Filesize

    4KB

  • /data/data/com.bskyb.fbscore/no_backup/com.urbanairship.databases/ua_preferences.db-journal

    Filesize

    512B

  • /data/data/com.bskyb.fbscore/no_backup/com.urbanairship.databases/ua_preferences.db-shm

    Filesize

    32KB

  • /data/data/com.bskyb.fbscore/no_backup/com.urbanairship.databases/ua_preferences.db-wal

    Filesize

    104KB

  • /data/data/com.bskyb.fbscore/no_backup/com.urbanairship.databases/ua_richpush.db-journal

    Filesize

    512B

  • /data/data/com.bskyb.fbscore/no_backup/com.urbanairship.databases/ua_richpush.db-wal

    Filesize

    36KB
