e8b4510fff45c29e3452bba0bb9067a62455df16d61bcf5ae91903ee00be931a

Analysis

max time kernel
127s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
27/09/2024, 12:33

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

fa6a3e0969381b028759b55f3c6e7d29_JaffaCakes118.apk
Size

14.7MB
MD5

fa6a3e0969381b028759b55f3c6e7d29
SHA1

bd89ff2531d5ff05ba9863a0f9d05f50f1b1a7da
SHA256

e8b4510fff45c29e3452bba0bb9067a62455df16d61bcf5ae91903ee00be931a
SHA512

e8db1f3f1f79b688e716a92688ae60bdbffd69f99cce341d9bc47c34ba36372d4312f0e4edb60df4b2eb7c7682aae2494bb8d17b62f6cbea6e587238ef68b0fa
SSDEEP

393216:JlFc3Fc/Fc5Fc6Fc5FcNFc9FjciRZDQkIFmAhvrwC9P+FURTE21ki9th5EULNH:JEwW3qm+ZaJDrxd1Nki9thh9

Score

8^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.ea.game.nfs14_row
/sbin/su	com.ea.game.nfs14_row

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.ea.game.nfs14_row

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.ea.game.nfs14_row

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.ea.game.nfs14_row

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.ea.game.nfs14_row

com.ea.game.nfs14_row
1⤵
- Checks if the Android device is rooted.
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4248

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ea.game.nfs14_row/cache/Nimble/live/persistence/[COMPONENT]com.ea.nimble.synergyidmanager.dat

Filesize
143B

MD5
121d7f49ede304b5b00b964464c0e829

SHA1
5f9525a64077dee808adbceef5079cf3292e6e1e

SHA256
4b67ab0827884be39fc8259db88453c790f6e2ea76b0fb1f6d5a7334cea3d532

SHA512
1a6da59ce02565c249d9fd92a7f0dfa53ec4471cf87efcdfce9384989d34ced4868bd452750a3bd3374056778b80d5894d51ea19ebdd22f5147a1769c7210e80

Download Submit
/data/data/com.ea.game.nfs14_row/cache/Nimble/live/persistence/[COMPONENT]com.ea.nimble.tracking.eventwrangler.dat

Filesize
157B

MD5
28f82ecb3c2158eb006cdf43e907bd3c

SHA1
191ac1b3e33445247eedb58e840287b36f91d481

SHA256
b2eb0e91239f3d3d1c59e0f769ebba7ed9d815cbb5d10ef8623188fc8e6f2737

SHA512
9353497120ce4600fb20415f2a15a3c8a2262269b0c2145f7cc083271562e07a54646cf0553c6b74efa1947aba3dc7a217e1b045a537a6fb00f06fcb0ec52ce3

Download Submit
/data/data/com.ea.game.nfs14_row/cache/Nimble/live/persistence/[COMPONENT]com.ea.nimble.trackingimpl.s2s.dat

Filesize
1KB

MD5
c2a90bd264e3195d21ba2c4f173514fa

SHA1
6fa1d409acf4cdecedd903b20fc459ddf365c6a5

SHA256
91bec4849ca61c418e70614350c5b8f16616f6f83fa01a14e84f8e744b81c8ad

SHA512
c1776cf8efc4a5e0055a0a73841f04046468ce30af4ec16b9f3f007adb95acce140b5808e6ab419066e825af0b192fad7f5418efb3ec1f03ebabc33b8c2403ec

Download Submit
/data/data/com.ea.game.nfs14_row/cache/Nimble/live/persistence/[COMPONENT]com.ea.nimble.trackingimpl.s2s.dat

Filesize
2KB

MD5
7a3ea8b3768d902fe77e659c5c2b178c

SHA1
5222a35aea668e4871d7e4acf91d4627376518d8

SHA256
acd8e508ef86e756da0702f6929e85783ca415e651bfc67c9abcf630707ed867

SHA512
e57c3c09f47885e8ad885a90f6ef9278fe87627c7efa487d6d2bb855970e99cb073259fa88ae68d73906dce889aa34213707087b0de1d2fbc61160f1d458a508

Download Submit
/data/data/com.ea.game.nfs14_row/cache/Nimble/live/persistence/[COMPONENT]com.ea.nimble.trackingimpl.s2s.dat

Filesize
1KB

MD5
e0dad55e1f8a316b2c0bb8f21d83667f

SHA1
7eb04354a6c40365e3b22dbb3adc187e7aa04f12

SHA256
e1f8b43efd56c29062a24eddcb454f314231566d4323fc7834dcd1720144be69

SHA512
4d7ded031d8880e9222c918f4d2735f1d433de931a1a6ea736250825412b9da39132072ee28a9733de7209a0b05d5419500c373b36d1798d3a1ce9ccdc95909f

Download Submit
/data/data/com.ea.game.nfs14_row/cache/Nimble/live/persistence/[COMPONENT]com.ea.nimble.trackingimpl.synergy.dat

Filesize
1KB

MD5
dc972787bc4cfa9ff367897149ffe163

SHA1
a6915be4c7f7cd40b09c24917083e8d83a539a00

SHA256
15a9d3cd8ecbcf0c427e2bd08b8df0a93d4129d6d70c67149d8c5b69ebfb2f4d

SHA512
ce49c6b220095006558ac1c36270517b3ea1faa1202fc22681ac812bda899c55e04c8779ea91d7e2885860d164d4538cf1f6aa49f55f9ca58d2eb79f73ec98ba

Download Submit
/data/data/com.ea.game.nfs14_row/cache/Nimble/live/persistence/[COMPONENT]com.ea.nimble.trackingimpl.synergy.dat

Filesize
2KB

MD5
f31fbf5d717c3b1cded388476df6e50d

SHA1
64f48b5c21a169927e27f7009e2fd6cfd9f0268e

SHA256
5eee33cb4468d26bcd030c6819f812985ece5c335a382fa619c58cbcc0e3498b

SHA512
894445853f43e22a79ffc1aceba56aa525ed01bf12172930477a2f25ec6d8753c1d4b14157f04e40d4f85f7e3cec488c344f31e6db4d4ebfa958852c7d172c54

Download Submit
/data/data/com.ea.game.nfs14_row/cache/Nimble/live/persistence/[COMPONENT]com.ea.nimble.trackingimpl.synergy.dat

Filesize
1KB

MD5
076927ccf26bae3c24841f28ebfb4356

SHA1
7e51fe925594a72c785e83b92956c9a8af85c33d

SHA256
80b429150afdd3119c5ac0687b3708634777b570064d502fdeee6d1930e6ad9b

SHA512
dd04113438995b53855af469c8a607aa2162bc477d31d5af42742ffc5092ccd20235e23e382e6e9c0bf7041718c61a5cadab0a4f522fb3c0312b07676fead176

Download Submit
/data/data/com.ea.game.nfs14_row/cache/Nimble/live/persistence/[COMPONENT]com.ea.nimble.trackingimpl.synergy.dat

Filesize
1KB

MD5
c0a61a66f1d9707842c2fa7d4dd5b1ba

SHA1
0cff8a7daa712a8ec3b88314e16abd2be2315392

SHA256
9906c0ff6fa53e0660d39c7e01b17618b497ce6abd7c13b83229e19dbd0e55ac

SHA512
5eec2de1877bdbe97f4621ae51a892f7c05944389455e57136d69f6fa5fdaded54e9c6d2d7e0a65361843526ab35a1bd02e1c135d016932641aca98eecb43387

Download Submit
/data/data/com.ea.game.nfs14_row/cache/Nimble/live/persistence/[COMPONENT]com.ea.nimble.trackingimpl.synergy.dat

Filesize
2KB

MD5
674a1454c90956656edbb384639826ed

SHA1
f9fb9da07b341442030dfbc0c2d4e29c71343d94

SHA256
d03d8c10d527232c67349ce31c3bec1986e3f4dc28bf6b19761d7e6579b7b499

SHA512
1572edbdc6b96d550cafd4c5f8bddd9c2d52d9b998b642b61d9260b0ac9486d5f59cff6b20c4beb543e25302f48a7c5f4f96fdbb070b216a1891068ae1eccb1d

Download Submit
/data/data/com.ea.game.nfs14_row/cache/Nimble/live/persistence/[COMPONENT]com.ea.nimble.trackingimpl.synergy.dat

Filesize
2KB

MD5
957a058c0fffd80defd560067a9b7349

SHA1
827bdaa82983abd920725114fe41ed5a39376224

SHA256
e09989616fde548e130b8f520c6f0448c6e7c8741bfff468a7038c943a411ff0

SHA512
abd64b849e0c31f91d248fbf6c697010984e35218d4005f547da0289eb49af2f42b1582c74d19a60457f4d0a7528a5bd3dca582511a63a6ae308e8008041a7a1

Download Submit
/data/data/com.ea.game.nfs14_row/databases/DownloadsDB

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.ea.game.nfs14_row/databases/DownloadsDB-journal

Filesize
512B

MD5
3c65f4f0c7878d54b5a781b001078424

SHA1
31bd4ed84ffa8b3340905a8bac310e38dadfab30

SHA256
735f29ab062b76ee452ac1cd6064f6a766edb23115e5e62faf2173d0e2347ec5

SHA512
11f062690742fc4c5dd730d588c0bf83970975d6da619dbc2c54890cd7a5fedafe56f38a3bf341759d18db1c4cc5594e7e16f6821b40c08ea99ccaa18a52689b

Download Submit
/data/data/com.ea.game.nfs14_row/databases/DownloadsDB-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.ea.game.nfs14_row/databases/DownloadsDB-wal

Filesize
40KB

MD5
84f373463e4d372192c6012f42b10b08

SHA1
cbbacc1fee9a8808579c1fc3a01b082cfc656580

SHA256
bb1471c3a78a0b3948916bd7a2d324ae45021f44e6cbddbf15f1f7a35619a0f3

SHA512
8b68468b50dfb15d136cca24c0b37e6c667fb1e74caca76366491ec417e6313156fc61219f5a9e5c81d269e59d434b06fd8c7de4ce387828b715b22d6ebb8ea3

Download Submit
/data/data/com.ea.game.nfs14_row/files/Nimble/live/persistence/[COMPONENT]com.ea.nimble.identity.authenticator.anonymous.dat

Filesize
175B

MD5
111c3abccf7c4ed8d63f652f98468fe6

SHA1
de6cbf6a3e3370a3a24a6dcbe5f72f0de27a2f3c

SHA256
fe6ae2de25ae123756a65eef641d2af89505e5b51d6b9e00d5158dafb036464e

SHA512
59b8e19ee20396bb037198c8c4e269048641955d05f0773b1a11e61071ecf32e6c52d7cf4aad64c1b6ddf89704a5a3df556eae3021222605e9661ec479218c17

Download Submit
/data/data/com.ea.game.nfs14_row/files/Nimble/live/persistence/[COMPONENT]com.ea.nimble.synergyidmanager.anonymousId.dat

Filesize
143B

MD5
8daad16c646ffc1f5c8d185393d2a9f9

SHA1
8bdebf5dbacc91ee32cb3696826ea75de8b93478

SHA256
7810351cabb60625f0e51dd9679ffbc8908fc81ebf5e3ec5a42c684c5dab006f

SHA512
4aa440d71017dbc38346543aee1ab6f6fc2ec1b198e6d3fd32662b921aff86db384bc73c4d9a3152b25e4620732472e9c3a1689888276e82cf9c41e522e6246a

Download Submit
/data/data/com.ea.game.nfs14_row/files/Nimble/live/persistence/[COMPONENT]com.ea.nimble.trackingimpl.s2s.dat

Filesize
186B

MD5
247493d224527af7ff09a4a7a938eace

SHA1
ad5699c6d0201160c71743645ed8eec7721c3b7e

SHA256
890a233ce914cc09e84cf566fe23c715aee6d87bd2f8dfc3b727d2c9ccfa6c0a

SHA512
5f5c1d4478d0225b291ae5136472a731b74d86786d0cded20fde6a0aed8d43d464feb5c0456a0d2e84cdd97ee14cf9ef3d3add28e16aa5de37eb2e4a35670c52

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads