Analysis

  • max time kernel
    148s
  • max time network
    154s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    17/10/2024, 17:55

General

  • Target

    52f2f89bbb0e21deba46196e5fa0dbe1_JaffaCakes118.apk

  • Size

    5.1MB

  • MD5

    52f2f89bbb0e21deba46196e5fa0dbe1

  • SHA1

    ed1ffc91b5f0ace16909fdf5e2e4283328758922

  • SHA256

    e9fca967da7de00ae2020859ecd1a958fed3597a780443375c1405c5ef56bcce

  • SHA512

    853ff8076b8083f596221860318063ca266092657103f0b8ecdd949d78ce911896406ce10b48f0eae478e22bb78b9b6158da6fd63f930c6b222c6590ea2f718a

  • SSDEEP

    98304:LS2EbF7lCGhzbqKQC6lKjaxOM+GbxJfpQY5hMgUKg8PiHqGVCPmwPhw1F:LS28l9vq9C6lmQOM+sfV5hzgLKGQewPu

Malware Config

Signatures

Processes

  • skydownloaderv7.facebooklite.stt31.ua83247992v6
    • Checks if the Android device is rooted.
    • Removes its main activity from the application launcher
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks memory information
    PID:4242

Network

        MITRE ATT&CK Mobile v15

        Downloads

        • /data/data/skydownloaderv7.facebooklite.stt31.ua83247992v6/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/67114FA703DF-0001-1092-633B272B21A0BeginSession.cls_temp

          Filesize

          77B

        • /data/data/skydownloaderv7.facebooklite.stt31.ua83247992v6/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/67114FA703DF-0001-1092-633B272B21A0SessionApp.cls_temp

          Filesize

          140B

        • /data/data/skydownloaderv7.facebooklite.stt31.ua83247992v6/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/67114FA703DF-0001-1092-633B272B21A0SessionDevice.cls_temp

          Filesize

          131B

        • /data/data/skydownloaderv7.facebooklite.stt31.ua83247992v6/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/67114FA703DF-0001-1092-633B272B21A0SessionOS.cls_temp

          Filesize

          14B

        • /data/data/skydownloaderv7.facebooklite.stt31.ua83247992v6/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/67114FA703DF-0001-1092-633B272B21A0user.meta

          Filesize

          51B

        • /data/data/skydownloaderv7.facebooklite.stt31.ua83247992v6/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/67114FA703DF-0001-1092-633B272B21A0user.meta

          Filesize

          74B

        • /data/data/skydownloaderv7.facebooklite.stt31.ua83247992v6/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/67114FA703DF-0001-1092-633B272B21A0user.meta

          Filesize

          18B

        • /data/data/skydownloaderv7.facebooklite.stt31.ua83247992v6/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

          Filesize

          3KB

        • /data/data/skydownloaderv7.facebooklite.stt31.ua83247992v6/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

          Filesize

          500B

        • /data/data/skydownloaderv7.facebooklite.stt31.ua83247992v6/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

          Filesize

          16B

        • /data/data/skydownloaderv7.facebooklite.stt31.ua83247992v6/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_ccca0317-8722-4d95-aca5-b007c9df18ad_1729187752293.tap

          Filesize

          394B

        • /data/data/skydownloaderv7.facebooklite.stt31.ua83247992v6/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_fc4863ff-e4c0-4088-a2cc-75a8e75a8f69_1729187766771.tap

          Filesize

          500B

        • /data/data/skydownloaderv7.facebooklite.stt31.ua83247992v6/files/gaClientId

          Filesize

          36B

        • /storage/emulated/0/Android/data/skydownloaderv7.facebooklite.stt31.ua83247992v6/cache/1719428246.tmp

          Filesize

          32KB

        • /storage/emulated/0/Android/data/skydownloaderv7.facebooklite.stt31.ua83247992v6/cache/392045835.tmp

          Filesize

          38KB

        • /storage/emulated/0/Android/data/skydownloaderv7.facebooklite.stt31.ua83247992v6/cache/425486677.tmp

          Filesize

          23KB

        • /storage/emulated/0/Android/data/skydownloaderv7.facebooklite.stt31.ua83247992v6/cache/790093723.tmp

          Filesize

          23KB

        • /storage/emulated/0/temp/com.mobile.indiapp.tmp

          Filesize

          2.0MB
