Analysis

  • max time kernel
    120s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    17/10/2024, 19:02

General

  • Target

    53389b449280c29c1f078960a467facd_JaffaCakes118.apk

  • Size

    5.7MB

  • MD5

    53389b449280c29c1f078960a467facd

  • SHA1

    df95f996aaaad05894beca4116763b8a51fff24f

  • SHA256

    ecb48190068500e532387f2e5183787d2c9f747ee2e4e84aa60ff1399d32c46c

  • SHA512

    0495f229ebc9158c0a7ac8ac41a8059c0680219d4de6f881b93f0520c263e29e4475d848d020ab843ecd7931a63c457a893e7859f77172f6f414f95ffd12c416

  • SSDEEP

    98304:7CeKkUysC5+aYRG6wNoQQzhdnwojUKvBnZG86JItwfCgUDxVh75d/y:2hyXoStQLnnWJItwfbUDxpdq

Malware Config

Signatures

Processes

  • com.coco2dx.org
    PID:4250
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • /system/bin/sh
      PID:4289
      • ls -l /sbin/su
        PID:4311
        • Checks if the Android device is rooted.

    Network

          MITRE ATT&CK Mobile v15

          Downloads

          • /data/data/com.coco2dx.org/databases/dataeye_database.db

            Filesize

            20KB

          • /data/data/com.coco2dx.org/databases/dataeye_database.db

            Filesize

            24KB

          • /data/data/com.coco2dx.org/databases/dataeye_database.db

            Filesize

            20KB

          • /data/data/com.coco2dx.org/databases/dataeye_database.db-journal

            Filesize

            512B

          • /data/data/com.coco2dx.org/databases/dataeye_database.db-shm

            Filesize

            32KB

          • /data/data/com.coco2dx.org/databases/dataeye_database.db-wal

            Filesize

            44KB

          • /data/data/com.coco2dx.org/databases/dataeye_database.db-wal

            Filesize

            8KB

          • /data/data/com.coco2dx.org/databases/dataeye_database.db-wal

            Filesize

            8KB

          • /storage/emulated/0/.SystemService/DEID/com.coco2dx.org/oid

            Filesize

            32B

          • /storage/emulated/0/.SystemService/com.coco2dx.org/uid

            Filesize

            34B
