0a0859bb1c8d468ae38325bae4fbe939a05d2c40bab20cd4d24979d1483e908f

Analysis

max time kernel
65s
max time network
157s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
14/09/2024, 01:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

df39e1bca46ff9067b170af3b2f005c3_JaffaCakes118.apk
Size

5.7MB
MD5

df39e1bca46ff9067b170af3b2f005c3
SHA1

f30c640cad1168f315644707f238c642dd3d7fe5
SHA256

0a0859bb1c8d468ae38325bae4fbe939a05d2c40bab20cd4d24979d1483e908f
SHA512

04c673038277711f3e9e499537dfe8cc87b3892e26aaea5050802c7be26cbd00b5e9b59d4f836164e3cf60daa63490f279430b773b76a5915eb3f5780cf81d6c
SSDEEP

98304:gcpk9rV8BO3BLVhmwCsqDylf0AWgqPBUqojPW33tvpmGJ1DQ4GvLW87C2iWR:gvwO3B8sqOt05gqPBYrW33tIQDQ4QW8D

Score

6^/10

discovery impact persistence

Malware Config

Signatures

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

flow	ioc
8	alog.umeng.com

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.gamebox_idtkown

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.gamebox_idtkown

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.gamebox_idtkown

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.gamebox_idtkown

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.gamebox_idtkown

com.gamebox_idtkown
1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
PID:4976

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gamebox_idtkown/databases/cc/cc.db

Filesize
36KB

MD5
67c12933d1e0e63d9801a6aa43092ce7

SHA1
b6936908554e4a1986b8eb08289e2d3545e8ff74

SHA256
abda5dd4cc2e7dbb951637c4b49d6990f9f34411fab4dee1a387dbcc8e7eed40

SHA512
db8b818daa3ff4ec7678645f84bf8b45c809bcbb758ea78b28982d071572655bba2d20e6f1ca4f0d057ab34fa655c5bc40457dc65050180351a2fc04a47175dd

Download Submit
/data/data/com.gamebox_idtkown/databases/cc/cc.db

Filesize
36KB

MD5
0908e924aa236931dc7166fef6e00862

SHA1
7782648d6d8f6e835bd47058d4852932c096a467

SHA256
38f8548795ca7470b449dd1de9598c07a247ba59883c0764c9c96ff0b7d31d7f

SHA512
3c16fbc5172aed04cd206e776c46d26e911732c6e3631536410a71f1d217449475727ac9b3175e827c5ce645a1da9e05900258ee6ca27c936a9060f241361dee

Download Submit
/data/data/com.gamebox_idtkown/databases/cc/cc.db-journal

Filesize
8KB

MD5
4b6f409035003b042db665861ab8b8b1

SHA1
9f43c6b7818120e7e80868fa05c19aeaf50b83d4

SHA256
f05d70d79693ad7ae2832ea1a42c50a672fe56bc5ed6ba0e540e8908344a34ea

SHA512
808343425acf852fe24bfb47b0419faae52b040a1736b22d12758c05f28a37fdefeb257538a959b914730238cf4ea53e3cf01bc05f0eaab87ed50a576a0279c6

Download Submit
/data/data/com.gamebox_idtkown/databases/cc/cc.db-journal

Filesize
8KB

MD5
bcc40649535cfb3e8c0f7ccb75f28973

SHA1
3fb6b20d4d855f3fbc5c16fe4179ed25e5a6d322

SHA256
891f2d1b83ecf1fa71261473f16ad584ebe2fdc6a28ba1e1387a120b1e9503ee

SHA512
a22b793fa8f4a7d4ef84192a84c272ae7d31762364fd454f1b19123d893708e438d45f964dedf51bd23f872942161c94fa8055927cf76b838eed0b779e97ee8a

Download Submit
/data/data/com.gamebox_idtkown/databases/cc/cc.db-journal

Filesize
12KB

MD5
39ee220c08253c08479ef39b36b3d9bd

SHA1
36ef33af9d6d2bfb0e30c3d8ff911e55dd60452d

SHA256
1edec25009949ae6a3d3ed757c3d2f97d865fccc820cf755a2619f0c00efcb4d

SHA512
271cfd284fe398459504153f1653ee6562f43df99561a8cecbad5cce5c106e61c77e00789623cb2e81e3547eef1539af1ac261049cc0bf1a09aee7c868fffe1b

Download Submit
/data/data/com.gamebox_idtkown/databases/cc/cc.db-journal

Filesize
512B

MD5
57d76d68317550c12e4b2caafd93ca71

SHA1
198fbb8cd5cd0a0fedf3a3ec5b1a0c30696559bd

SHA256
ed1212bff40559c639c3a7c5499e3467001875173c114905208ef9793c1e1cd3

SHA512
92d9d5943bd8404b37c9ed6bad07ba2c4666b455aef3715666061cf3b5ffa111be61fbc599c9210585752d47affed8e955a37389499ae8ebda3079f664d48d24

Download Submit
/data/data/com.gamebox_idtkown/databases/cc/cc.db-journal

Filesize
8KB

MD5
72c048897d6864a3527194d5206346b7

SHA1
e9232fe4287b1aa7a3699367a9cfe877634de278

SHA256
2e83d6c0c66f6b04f8d6ee5890b94e24e41af21c16223089c8115b593f245426

SHA512
8eb5c7d138db24477804149f9a8690e486b6b7a313340bc34da4e2c31271bac13a2f82bbdbea59c23a148fccf2c5d55c232ad4ea393f72ae82583f1696b20e52

Download Submit
/data/data/com.gamebox_idtkown/databases/cc/cc.db-journal

Filesize
8KB

MD5
3e23f5ad5bcc118f19ca4a8c756ebfca

SHA1
235fe328cc267dd77f8f09498c7cd93e5ef9def0

SHA256
4f0f4de57a53dd30affe5fe68c8d7e2a6aca448b4227dc1bbe5f9c55423811c1

SHA512
056ba00e983ca56dbad7e7e9d644c3e578fdb6bb3e0b4045ee9d1eb2e6bf3962b43f2a21afa07f53d43d21f72ef890aac51436c4ec9d43a8e65c028936adf665

Download Submit
/data/data/com.gamebox_idtkown/databases/com.gamebox_idtkown_6071box-db

Filesize
72KB

MD5
1fa3ecd0a3d1953701344b0afae61a01

SHA1
450cac7c0bf3af3b060b885a56be8771a83724b3

SHA256
eb9467ffdd569fb47cafa7a0021be91d7f21c19a037ab1d51323f7c6ec5fb317

SHA512
db91e99e766b8da695e7e775e06f5af37d667ccdff9db8e70c33e710d6cb54de4aacec8304b329dd8700a02d269a5ed9437f4bc15c8b4d139e270c9efdc0c076

Download Submit
/data/data/com.gamebox_idtkown/databases/com.gamebox_idtkown_6071box-db-journal

Filesize
512B

MD5
55a9e9cbd4f0362081348807c5a667b0

SHA1
f8efc4454f25fffa49cccc86687af18cc7d76984

SHA256
e78bdd01ccf1eb1a58fdd50027f510280174edb660e814b3d9ff167dfc90863e

SHA512
e8359b3b4f78430cd8f3c8c39ab61acc473fa11a975f08df627d9ae9fae786d4875393b88610481b42c9acef098e4482a7a6c7b7ee2bb77df2cac6e34e853f81

Download Submit
/data/data/com.gamebox_idtkown/databases/com.gamebox_idtkown_6071box-db-journal

Filesize
8KB

MD5
d3cfbd52e9259c682f9e19aa8cc426a2

SHA1
e17eeb073094c46aeccc8f5e666b2ce187b463a2

SHA256
a4e33ece72735c9ac275ffb4a7b3b25a37da61de93ccdcf8a0fb9d60b80a98df

SHA512
e239aff1f7c2b50382b449912ff7007ed8a4df9f9d3aa2aeddf8d8740edc1d40b77f51581ff4bace91eff60093e006e5af7d2c6181d50f100340849834749f62

Download Submit
/data/data/com.gamebox_idtkown/databases/com.gamebox_idtkown_6071box-db-journal

Filesize
8KB

MD5
4b680045d9e112edd485f8607efc3d46

SHA1
e0aac914fab0ec1db3007bf9bca2a85cdcf466a6

SHA256
50bb1b0e8dec52822b451f964ded02c9256a51af1be93d963073c59dd5b507ec

SHA512
de95f9e55a079a0134d2454e55f1651de2b994635ad2b72e0ccea4098e68ad4ec50568cdf694446b3581f1ad49c4c017aa82e4ef5bcf4c12728b549c5962e75d

Download Submit
/data/data/com.gamebox_idtkown/files/.um/um_cache_1726276429629.env

Filesize
1KB

MD5
a5ca9a689179e2524606a22644a36432

SHA1
9d3690b68e76aa09aaef10e4477b1081cd5a29f3

SHA256
82a7a03d5560e02281d364113246316943ba7dafdecd2c9f9e4ffd9174843f5a

SHA512
d7763dec9afaed8ffe4f5ab2ba235b4dd647134e1890f47b9ab8f9278b31ce108dec284384542343854fd0a4057e62637389c2c7ee1e12b047fb01ce79f54030

Download Submit
/data/data/com.gamebox_idtkown/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
a9e29696d141ac305f26de44e16e1dce

SHA1
1c3aed80663af7245b8063c9413179e721465bf8

SHA256
2c6f0f744bb98e85d53da216c64b304bef16a8cbfd424f57fcf909dc1c0aa471

SHA512
bcd879967ca57cc5ed52007ef50defd33893148e07b05aebfdfb0eccb0d46966f2433357cc025d49e9623644da226c65e415d01233defd5934cf84eaf9aa2b29

Download Submit
/data/data/com.gamebox_idtkown/files/jpush_stat_cache.json

Filesize
138B

MD5
883b899f3507bd44f7546744c4bfd734

SHA1
ab0b1ad7bb484158a8663fbfe88544760ab6c3e0

SHA256
9ef2d5e605300b329a03b545e833821564d2b437493dc2432f08de301457fb44

SHA512
99a0d7df52b2059fcd71629e0a02982fd302f1936598b156856bb3600782f745baf40a140d0dc04d787519b55ad3312c4d399888d87105007a04d0534a2a7064

Download Submit
/data/data/com.gamebox_idtkown/files/mobclick_agent_cached_com.gamebox_idtkown114

Filesize
2KB

MD5
f2fda9728589fedc1c30d284a9d7088b

SHA1
341d886b2f05151a76c7c0b96f52953873075a62

SHA256
4bb8f13391782869d387acfa7beec5158e67ebc6c8c346e5a27cec38a1f22e7f

SHA512
e7e6218751fbe6d05605ad405ce010c0e1a2d5db0885c219a15a85cadf293bce5254908897fc53b54b85cf00d687f18c08b98317105f732ab1c45e227bcbc031

Download Submit
/data/data/com.gamebox_idtkown/files/umeng_it.cache

Filesize
435B

MD5
a8dec89abce607932bb1ce9779d2221e

SHA1
788218eb6553a7db64fec0493fbb44a652655adf

SHA256
7dd7a6b666fb856905242aa39ff7fc39de4828ab32bafc8fcdf139bbffa5a014

SHA512
2a891d2170e23902239d95b217089d8c8ad1a298d72b0a59d4b36b14ac3d1b805708b94427dcb2542a395e777e2451c4cbaf7762c1714779cb173719b2f4c66b

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
ecc279746c270bda4834caa31dc2e517

SHA1
17a959c588a23478d3c96c679a89ae015715ea78

SHA256
5b6ce9da18f362f578fdcf872e4d457d011e482d912daeecaa40f8b53fef2176

SHA512
2cac7dd640758b4dd0a189d208654a52bfe9cca77e91eaabcefec0476907a524a071561153b22b0a4d709ba6e22f03b0e1c5a76e92a8489d7816cc3b24bf5b49

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
60914bb75723682be7e93b873c03f1b1

SHA1
162da186bcdc92821524c3dee493c206e27ba110

SHA256
09d9427ba8a98166df4605ed26101f976fb1acdc5e14297ef69d53e262b3cab1

SHA512
2814ecc7091f2931767712db5a5bbd8986872c9a7b3dab562fddad913af1e1d22ebeb553172f32073d440de3872f4d24c95bafb66845a2a6c8325408552efc56

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
222B

MD5
fb6a49d547f494c3985e3a3e8329dbb9

SHA1
2ce8ca769e94e042022cf5de4026afc38c4ec0c4

SHA256
f89ee043ae3044f8d27a840c95e516b7da8fd22f08062dc0026ebf94d8c41ecf

SHA512
d3c8ecb2244a5d3de1db8fff90d288282d5a3360d49dea87a26e70ff117131ccc544cdb6847ce1dd9b84c6f5afd1d0bffab8ff10e2937b88bc27e4ed9d796031

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads