77ad8ce5a6593d298604da0a8a398ae45149fad940fe57f73882bdd5184f9d87

Analysis

max time kernel
149s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
02/10/2024, 18:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0c12ee83f9441e51a9fb6e01ddb6be67_JaffaCakes118.apk
Size

10.7MB
MD5

0c12ee83f9441e51a9fb6e01ddb6be67
SHA1

acb15901f6267eb469c5adc688fd87666f6204da
SHA256

77ad8ce5a6593d298604da0a8a398ae45149fad940fe57f73882bdd5184f9d87
SHA512

ccd99597ac5e7887ad556f56aa49d422bcc5e3a3aee1886ccdd11c32293cf44c2c89c5ca085ff0364a16927b07ce208df1248f98aa675754ee4cfcaa64b54d0f
SSDEEP

196608:dFM5i0QZWKlS2stSJfHmmcmbOS0znvthc1czuOeU:dWi0Qg8b+O+mcmCSSnlYguTU

Score

6^/10

discovery persistence

Malware Config

Signatures

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	net.kairosoft.android.pirate_jahjfjlkfgh

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	net.kairosoft.android.pirate_jahjfjlkfgh

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	net.kairosoft.android.pirate_jahjfjlkfgh

net.kairosoft.android.pirate_jahjfjlkfgh
1⤵
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4311

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/net.kairosoft.android.pirate_jahjfjlkfgh/databases/001_libnakamap_account.sqlite

Filesize
44KB

MD5
a469e50c2484e37bb529f7a6cded8852

SHA1
e4b237bd270a65fa3e7eb3fc0a9ba9f59533d136

SHA256
f11e1d716853485bf60470c04edca7919288db9e991cc474017353e47d590f6b

SHA512
3fe8f6fbe37912cf17acc4eade2c977629962f64c54d98e409654d55f7d300279b8dffb8a0d71df056c5560fb1e6d7e581ee6284018ff702d749b444918dfbf2

Download Submit
/data/data/net.kairosoft.android.pirate_jahjfjlkfgh/databases/001_libnakamap_account.sqlite

Filesize
20KB

MD5
30610eb31ad1792a26f93660f90d6298

SHA1
72a866e4134f17c3ecd94540cd0f7844112490fa

SHA256
8553ec1dff2d1ba021f10cdc398c4661e41025f29649515f54fe178d65882469

SHA512
426f6610fd46012c3a7efdbf6fdc06e0784bfcaa4e6982693af6001b564b97960b6615ba165605a7393996d0223d21a7d5a72ef8018fcf097ffe4f8a49678d62

Download Submit
/data/data/net.kairosoft.android.pirate_jahjfjlkfgh/databases/001_libnakamap_account.sqlite-journal

Filesize
512B

MD5
4c4cdf5ffc36be071568e1f1fbf8beb8

SHA1
287a1be2282ee6685fe9b6fc6f0777714d77b908

SHA256
5ba66c2e04445e26a719b1dffd5adb90f43323cd43159962c853de3f070f6235

SHA512
e2856d27e956f0d791250f84533461744c0522b05030bfd460f1111370c4f490332e51040ef0230a2a11bbaf0fce23e3c0b8a88ebdff611266fccdbcee12f3ee

Download Submit
/data/data/net.kairosoft.android.pirate_jahjfjlkfgh/databases/001_libnakamap_account.sqlite-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/net.kairosoft.android.pirate_jahjfjlkfgh/databases/001_libnakamap_account.sqlite-wal

Filesize
56KB

MD5
98bad9f12c1ba27827d3a270cddf4c40

SHA1
ee3d73850a6e4417a02b12e4aa9b933a4bd3bca9

SHA256
7602e1c62dba485ee178326b4ff0f55fdcd826e9e4f7217eeac39db5b113f0d7

SHA512
bfa76e089306d0bbc953ca4e98f49f91c3f66aa3d55c594bd3d3ea015b00e5e32f102c2b43434c620190f3913d7f30e90e1e6d3c435966556c3a95a2fde17530

Download Submit
/data/data/net.kairosoft.android.pirate_jahjfjlkfgh/databases/001_libnakamap_account.sqlite-wal

Filesize
8KB

MD5
7aeb92e6a7303c9bec0d83fcdada2dca

SHA1
aa527d2d101b764f2d211e8a302ca85053560edd

SHA256
0d36394484cd2e702144df7449f91758cb298622ca44385f6f394401723f0fa6

SHA512
1ff60c4839b89340506806af86324fbc1667cf0a0f062bda10b05e612d25d80e8d27b14f8eb50de84543dd31cf4ab1f3ea74f645a9abe4984b1aae8449f391b6

Download Submit
/data/data/net.kairosoft.android.pirate_jahjfjlkfgh/databases/com.kayac.nakamap.sdk.sqlite

Filesize
28KB

MD5
caa63ede32bb5fa4b654bacba5895fcb

SHA1
1c2f88044054fb934bf4648d539b31bfe7ef6c9a

SHA256
277a6de58cb45c3b474ab9c13dce21bc698fcb49a7d83e085c56e6d048c71d49

SHA512
75fe477e49a2205d648a92afe31072acb1f5b52d11547b89301737253fec986fdcd69860151f9c0bc4c5195724a414376a8698ce940135e17f05e4fc3aa30aa4

Download Submit
/data/data/net.kairosoft.android.pirate_jahjfjlkfgh/databases/com.kayac.nakamap.sdk.sqlite-journal

Filesize
512B

MD5
15b1c37700aa3546305dd469e9262457

SHA1
f2f87c777fb87f675690755b96c2bed60c62c0c1

SHA256
0692cbb92dfeae8ba40a8f481286eade86c42504c0dd704ba559e6626f463960

SHA512
be07f468fc2f05506dc65dad1149d029fa4666e9e791635dfbd463f446f6e45e4ce95417ae5ca01f810fdb8103978ecf6432ba94c3be3eef33fa5dba54e4043f

Download Submit
/data/data/net.kairosoft.android.pirate_jahjfjlkfgh/databases/com.kayac.nakamap.sdk.sqlite-wal

Filesize
40KB

MD5
d229119d5e9bab7961de45857084acc8

SHA1
5ce087b234147ac5592e2503d72c1678a3dfa523

SHA256
22a257b1c7f7f38bd084aff0fd0f6b54d044537bf46caefb2174bade0362555a

SHA512
88e8bb00707812ae346020c2649b47094bd6dc52893dfebd11c687fe251e012f4e04036fdb58f0292053c903f72bc9cbd8691fdfb681038bde84ea7083ae9faa

Download Submit
/data/data/net.kairosoft.android.pirate_jahjfjlkfgh/databases/google_analytics.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/net.kairosoft.android.pirate_jahjfjlkfgh/databases/google_analytics.db-journal

Filesize
512B

MD5
0a4ae2f24fa0c8fbd5fdc911d9241f3c

SHA1
715c0b4b9ca716d329a01bbba39a914997e13304

SHA256
ede9b33c01c9ac8063a3758911029adeef27ea6d393de3976aa44fd1a122d58f

SHA512
3c0a76c3be5c55bf798ab08b44739ea608a4c3c83484611669cd8e83072b67563f0400b44ed30e9decc1156a7207388f0c1598e4ab3e73bc28359805f0445cd5

Download Submit
/data/data/net.kairosoft.android.pirate_jahjfjlkfgh/databases/google_analytics.db-wal

Filesize
80KB

MD5
4439fe43eb86dd3794ed599b18ba3764

SHA1
6a650d7096127750bbc0bd9be996f7721e1037fd

SHA256
8febcf2c48780e07242d4f6b07c597ca31ec676d9da51199b16412343bad0445

SHA512
a4f30863232f5d9c9081c4b110f94ed1ba89f3b4db59b54a23bdc9fb376a09ea1b6dfc30ff429623854365fbe0fe1d0d83add819c96cfab7812e5e0a7e89d11f

Download Submit