Analysis

  • max time kernel
    23s
  • max time network
    137s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    25-08-2024 13:08

General

  • Target

    c0cfdf18b4670edaca2db15601c2c1fe_JaffaCakes118.apk

  • Size

    2.0MB

  • MD5

    c0cfdf18b4670edaca2db15601c2c1fe

  • SHA1

    47a32a5220a9ad41aaedc6cc50006542e673cfea

  • SHA256

    bc057f0bae84d48e79944eb98154795acef33f5e6670766227eb68cc73a3cdeb

  • SHA512

    a867c897f2d62db70d73da605525398222c00092e8d224047bd53bc8199fc33de0e75a9523f59b4095722a1c7132b9ad7a285b4748cfe7a22243273d696d238a

  • SSDEEP

    49152:U+7zCZ5clmITPhMFB50QfFYAYtYj73ZTe:i69eL51e7uQ

Malware Config

Signatures

Processes

  • com.aim.racing.hack
    • Removes its main activity from the application launcher
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Schedules tasks to execute at a specified time
    • Checks CPU information
    • Checks memory information
    PID:4237

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.aim.racing.hack/databases/evernote_jobs.db

    Filesize

    16KB

  • /data/data/com.aim.racing.hack/databases/evernote_jobs.db

    Filesize

    16KB

  • /data/data/com.aim.racing.hack/databases/evernote_jobs.db-journal

    Filesize

    512B

  • /data/data/com.aim.racing.hack/databases/evernote_jobs.db-shm

    Filesize

    32KB

  • /data/data/com.aim.racing.hack/databases/evernote_jobs.db-wal

    Filesize

    28KB

  • /data/data/com.aim.racing.hack/databases/evernote_jobs.db-wal

    Filesize

    4KB