Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    android-9_x86
  • resource
    android-x86-arm-20240910-en
  • resource tags

    arch:arm, arch:x86, image:android-x86-arm-20240910-en, locale:en-us, os:android-9-x86, system
  • submitted
    31/10/2024, 14:50

General

  • Target

    8357b3235ec10e92cacff374a392adb6_JaffaCakes118.apk

  • Size

    24.6MB

  • MD5

    8357b3235ec10e92cacff374a392adb6

  • SHA1

    ef17111b273fd59dfe3e3bbaaa81e4b8cc14f03d

  • SHA256

    2541f86feb55742d5c41a76ce903e77a9906a6be38926cabb5abd487504dbe2d

  • SHA512

    76b08e335156fdce4b9431cbfa902622932d18cf14eabbc83c1eb3707941b159c3935b00dda56986dc32483ff9d9e37824cecede4f331a0667a896669bf52702

  • SSDEEP

    786432:h+lqgp6kCs8xkAwD+amaA2ujKtkUoxsxayd/:A8gp6VVtkTxujwkUoxsxaW

Malware Config

Signatures

Processes

  • vn.adflex.process
    • Queries account information for other applications stored on the device
    • Queries information about active data network
    PID:4327
  • com.redantz.game.zombie
    • Checks if the Android device is rooted.
    • Checks Android system properties for emulator presence.
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4366

Network

        MITRE ATT&CK Mobile v15


        Downloads

        • /data/data/com.redantz.game.zombie/cache/1582435991586.jar

          Filesize

          9KB


        • /data/data/com.redantz.game.zombie/cache/oat/1582435991586.jar.cur.prof

          Filesize

          148B


        • /data/data/com.redantz.game.zombie/databases/vungle

          Filesize

          4KB


        • /data/data/com.redantz.game.zombie/databases/vungle-journal

          Filesize

          512B


        • /data/data/com.redantz.game.zombie/databases/vungle-shm

          Filesize

          32KB


        • /data/data/com.redantz.game.zombie/databases/vungle-wal

          Filesize

          76KB


        • /data/data/com.redantz.game.zombie/files/.FlurrySenderIndex.info.AnalyticsData_7JNSTN36BF7HV9CN8RHK_157

          Filesize

          42B


        • /data/data/com.redantz.game.zombie/files/.FlurrySenderIndex.info.AnalyticsMain

          Filesize

          44B


        • /data/data/com.redantz.game.zombie/files/.flurryagent.-4ec3f0b

          Filesize

          58B


        • /data/data/com.redantz.game.zombie/files/.flurrydatasenderblock.45185f7d-ff83-4552-aa56-c303e709afa9

          Filesize

          277B


        • /data/data/com.redantz.game.zombie/files/INSTALLATION

          Filesize

          36B


        • /data/data/com.redantz.game.zombie/files/adc/data/session_info.txt

          Filesize

          116B


        • /data/data/com.redantz.game.zombie/files/adc/data/zone_state.txt

          Filesize

          95B


        • /data/user/0/com.redantz.game.zombie/cache/1582435991586.jar

          Filesize

          20KB
