6367d4b59e6aa99281fc98a290f693b2ccac6cc173c957396401f25874c50317

Analysis

max time kernel
149s
max time network
151s
platform
android-9_x86
resource
android-x86-arm-20240910-en
resource tags

arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
submitted
07-09-2024 19:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d2a2ab77640fcab6ed29c6815b20999b_JaffaCakes118.apk
Size

32.0MB
MD5

d2a2ab77640fcab6ed29c6815b20999b
SHA1

98eaea3c99a66f2ebbbc02fb728510d9dfd8ea16
SHA256

6367d4b59e6aa99281fc98a290f693b2ccac6cc173c957396401f25874c50317
SHA512

a8ca34f56f7e3ee92543542f28530fef437a4669ea787a62174f462055daba7669798451c64d87bc217a41a1ffaa3db462a1920e7db012d52a5beeda304c95c1
SSDEEP

786432:d6S1aXvVSDf46cMzJZ3QOOhSZAjoWvfUxnB8NJozr9GR08PEvt4jLQDoTmcB6vvI:cIaXdSj4A3dQoWUxB8NU9gPIt4j8DoKs

Score

6^/10

discovery impact persistence

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.twitchyfinger.google.furballrampage

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.twitchyfinger.google.furballrampage

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.twitchyfinger.google.furballrampage

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.twitchyfinger.google.furballrampage

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.twitchyfinger.google.furballrampage

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.twitchyfinger.google.furballrampage

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.twitchyfinger.google.furballrampage

com.twitchyfinger.google.furballrampage
1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4271

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.twitchyfinger.google.furballrampage/app_sslcache/live.chartboost.com.443

Filesize
5KB

MD5
533c4e87aa2c8cd415ae63ed8479cdd3

SHA1
a1a3dccc0258f537280c6f67d2d55df408f3d389

SHA256
5ace94c0214ce28e0f333a4fcf79792939446bfacd28791226b069d1acfa8c4c

SHA512
227268769f5b8d771b10aaa954e96c8c03996b142d742ca83ac62ae9c5fec0f8119a939bec99d112f77ace26d9f1a623a6e14b789bf76a914726d5ef6f587f17

Download Submit
/data/data/com.twitchyfinger.google.furballrampage/databases/store.kv.db-journal

Filesize
512B

MD5
ec0a83bcba98a069d1e5853bb0096aa3

SHA1
16e1fec2e1425d3c58d60cd2cc88e2f0075ab746

SHA256
69f876d5549ff6ff4027e86ed00294ce20f74aa2284d7203c24abd0975414aa5

SHA512
9676e9193e512f8d1b8f1ac44e82b7c50062eeb389daf2bb08f3c17a1c9653fc59de41b9adb27010ce88e92b9dbb207a45d06aa6c4ae76d8e01a7701d38117f8

Download Submit
/data/data/com.twitchyfinger.google.furballrampage/databases/store.kv.db-wal

Filesize
60KB

MD5
cd3b8950ff147b55357bf0486d281d2a

SHA1
5f80ac4ad523dedd51bf90a67ea1c72cf1f0f720

SHA256
34dde8e0413c0a5fbd27cdf95a53f7ba8c8f1083479809dc53187abb5ed543b6

SHA512
234d204d6312745246cb1f7462ffc3d2db4c92ca6c765ce5aa92db1b2659c5e95772e6d23a6a62eaccc8716348cc6b5aa93dd002023b491611b046c25f550685

Download Submit
/data/data/com.twitchyfinger.google.furballrampage/databases/vungle

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.twitchyfinger.google.furballrampage/databases/vungle-journal

Filesize
512B

MD5
047a4c178eca3f5ec06517f8ff84907a

SHA1
9da8c27b31bb7fe71aa5cb5f68d7cd72548d47d3

SHA256
a7f84b1c6eb6b7eba26d510172c9296cdc8f58b4de2f77d1c82f0de761546c3f

SHA512
51078c1314335d7c56838edfa50bc5f0df76285a273bb61859ea1dea3b16673ac3dd0a2e72afa7c5ca527a685bae5a0b9f9bd1168caf20f6e034087982334a08

Download Submit
/data/data/com.twitchyfinger.google.furballrampage/databases/vungle-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.twitchyfinger.google.furballrampage/databases/vungle-wal

Filesize
76KB

MD5
49e767f15ac336f6f9b0b66bd1a7c2b2

SHA1
26613d916e6943745b186baa483c477ae123f65a

SHA256
dcb8f4c7aa0171e389a34564173861de99a18f6a88d970a1b0a4c460b4278709

SHA512
224ca350503940187e4afaa1935b6d9adf2c37495412f5ecfed54d32dd4af140e8dcfcb79f5bf59377f21d9a4d83c6613dcd881909d5ab506e5f2f5867b85c81

Download Submit
/data/data/com.twitchyfinger.google.furballrampage/files/.FlurrySenderIndex.info.AnalyticsData_W6M5KT93ZXY6YD93HDR4_171

Filesize
42B

MD5
638d9a7fc38977bc0ac6eb92e2680a5e

SHA1
a9700069641f492c9dff137d987971b9ed2f9192

SHA256
e3565b89097853c78de84b27baf7e568eec6d4b3ddb4bc5458e6beb8a9c79c76

SHA512
d7dee0d6c51bc82cbf8736b6a457646e92fe705d686d90a583a1bde0b95a6a15c8a9608455b49b3d48a0031804d74588019fe3f6a9ce418a7b4c30165df2ef42

Download Submit
/data/data/com.twitchyfinger.google.furballrampage/files/.FlurrySenderIndex.info.AnalyticsMain

Filesize
44B

MD5
0d6d011d3ac4095f26b89fa4a54ae7fb

SHA1
33e2cc6776672552fdd5b016f1a4d276c6c91c04

SHA256
5ce66824f139c97c43ed3ab408d25918904b768baa751544ea201aca0b71fb19

SHA512
735a45c95babd74ab3524e130256781ed45f7c80873fe480f20f17e7b0b0824bdeeb8af814ab1bc7eafd319aebc4a1ad03de505865ac9eeeb0550c3c7a17f50b

Download Submit
/data/data/com.twitchyfinger.google.furballrampage/files/.flurryagent.-d1e26f8

Filesize
58B

MD5
317f233f19b574655599d03fcac705cd

SHA1
a52f53371bb5a0d551d6b15a42785169d2124340

SHA256
067bfe4e8e4ac5246c83eeba19b7626764e86bf4fddd867c732864dbf113e6d0

SHA512
08d9e66cf48d2c9c4fd4038d26a11010f6e02c86ca4a5270862c1cb730730c4598e6e2e03112008f58a60341fc40dcda697603f8cc1ea9d4d33afa8ada95fb3c

Download Submit
/data/data/com.twitchyfinger.google.furballrampage/files/.flurrydatasenderblock.e97fb18b-6988-49c8-8802-52fb6abd07f5

Filesize
375B

MD5
ae598f2e22e66c01983c44e725784c16

SHA1
8590801a18dfce46e32be8166515490c266f6d37

SHA256
13650e3f6e0a96712c6a2dcdc3fcf90eddfcbd1fc18eee2e8363219afde5c1d1

SHA512
38454f180231611671b30b35a68fd2f48969cb151c0270016ce804a7e15131cf85421fc8feefa1a5bba9f57dbb5ae1d2f10128eb3a046a66178ded8cf3b860d7

Download Submit
/data/data/com.twitchyfinger.google.furballrampage/files/Tapjoy/Cache/72cc2ce4c849a74a571306657b38154530fc013c5619d2756cb44006b71281df

Filesize
23KB

MD5
cebd2eac9e5d22dde187020b1456ba55

SHA1
080d9bf7be8dcd1d0be2db35b9f377313e2ca64b

SHA256
d65370d78e962ec8db098b0209f1de275bc20df21e4889a5ace5c818968c4091

SHA512
3b90a1944af8cbd4f15b2f2c8963e69e3353b47a0ad1205ca79bbf630efd2a66f9e1fd66a3a862bbedc997af3ed29cfd9dde4eb6d2056aa074e24854542a9432

Download Submit
/data/data/com.twitchyfinger.google.furballrampage/files/Tapjoy/Cache/84ebf27b0810971222f1451a1c83d2a1233fe95db413aa73e3cd08cfa056e84b

Filesize
3KB

MD5
3819d5cfdebd650db22be12f580772ab

SHA1
2f8ccd6186d850177c16ad62c62b3560cb63c031

SHA256
01783ab3e191cbc3872808dc5b0d5592a2b32d8f3e110bebf2ebcbb6d6f9084f

SHA512
857e69852c3f986c16c9769c4795b730dc46fb907f1c903eccac5813d85b53cc8a6a8bc317b7971635e70b34a9395d2f9d03a3171494063a94129a4332738c48

Download Submit
/data/data/com.twitchyfinger.google.furballrampage/files/Tapjoy/Cache/fe34bfffbcd29b1755f133c19aaf4621aef426e082ee6ff530f12b91de36a0bf

Filesize
49KB

MD5
ef998efc9d10eef6fcd3d5dd8149c84c

SHA1
1c5089ba85c24230fea9b646e7c860354f71a03d

SHA256
a84b4119c5ae21da53194e5dea2ee3f9bb12e51da81dcf8f1823305603262ee4

SHA512
d3c937fc1aa8490d5348a73efaab7d28f1af4e20b3e43189364344efbf6abc2e2d6ed6dd03116d014ce94346265e6c293e01545bf246d57d8ea477aac47ec3e4

Download Submit
/storage/emulated/0/Android/data/com.twitchyfinger.google.furballrampage/files/FR_SAVE.txt

Filesize
22B

MD5
ed8bca3a43596e62066513e3c34ad7fa

SHA1
8e4b41bc45fe01532602440cbf84387ebc451466

SHA256
5b926db3027b4dfb325d444eb8fad595c8bff44caa2e9c8e4890162580d55b93

SHA512
702fc2c3f23c5e32c528cc7bfe5dd114341b27ce6fa6e84788930eaef555354f3b600b7470cc157819d77085955d9b835bd600a0c124f53bc7aef6890dd9463b

Download Submit
/storage/emulated/0/Android/data/com.twitchyfinger.google.furballrampage/files/FR_SAVE.txt

Filesize
59B

MD5
019ba85250c710e4b7e10cba1dfd069a

SHA1
5aff84898ce1bf4d09ddd887b57aff886c74a026

SHA256
e135f76ea11d04fbac6563a6f626a7859e40e1ff1a19c3b85249939a6226c7b0

SHA512
b3098f61d84a7bfdc4787d0f5397e8110a1ba6bc0a297902076e803cd9fa92313d14c3feb597cbc433158ea11a49eb723b0040ff442d34000e768d94ed8512e4

Download Submit
/storage/emulated/0/Android/data/com.twitchyfinger.google.furballrampage/files/FR_SAVE.txt

Filesize
59B

MD5
fa5528df099bba2cfcb57d8021f0f0ad

SHA1
caaf51c94aff5b10c7a2b5437877742f9f59a934

SHA256
4189859847ca754bb1c56c6d56f3ec37a0db29fb55d251f05d7a707b00088fb2

SHA512
c0349d88a8b59a3927a7b6cd042528e184d8c48b316d844b4b713012e558882080cade73ac390c0b7f701ecfda7a54940de2c35f54a92c90de7c226a5f13e32d

Download Submit
/storage/emulated/0/Android/data/com.twitchyfinger.google.furballrampage/files/FR_SAVE.txt

Filesize
95B

MD5
878d2c5d443fa41aab3c590ec1649843

SHA1
83bb9914c11e875eb52df98f103296810142e13c

SHA256
7b95346749b771ad2d715173bad7a3373a5a299b27448bf48769e90b3225a569

SHA512
32dc130dcfa43abc2ae0b28b92091afffa7d672952ab17e65dcb27a523f0e51f4414050e33cd5e9c68e4c4bc272883b1d67f3479d0c9bfa55eaa9f72b75ccb7c

Download Submit
/storage/emulated/0/Android/data/com.twitchyfinger.google.furballrampage/files/FR_SAVE.txt

Filesize
95B

MD5
2d3b2c363cb8f43307c61a02893e1da6

SHA1
7f73c2846ef83d9a4b406e3418a259cc1af2ad5a

SHA256
88b74f56f7d11c0c57acc0e026cedcffcfca2c77f8c59a6008303f3e9581c349

SHA512
8081259b08212a7c10ec193c14be168ae669f25551681d253406c32d914112e1a4b79655bc93be824429b5673c820b265c22163ef57ea05a6adc53fce6d1ae0a

Download Submit
/storage/emulated/0/Android/data/com.twitchyfinger.google.furballrampage/files/FR_SAVE.txt

Filesize
979B

MD5
f4e81c70f3822e824afe7fc8ebd638f8

SHA1
daa16ba092b0c4bc07788dda208e8e017569019f

SHA256
2b352a845e430a5375de7fb863ff546ef0c9162d133c7240b7e40ed2e542ebb0

SHA512
c4ff73e80ec3f41e8705407be154ff5dc1311251f0c559418a2d6fce8a5eecc38ade841b17110f70e0f9c7eea034e884eb5084732248d742fcfb463a9afcfc02

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads