723cd3eb202c5f6ee70cda2ea84464d124216949f3d4bafa25e7a52bbafdeb94

Analysis

max time kernel
92s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
29-11-2024 12:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b15b11f438c8db93327bb679bc09a89c_JaffaCakes118.apk
Size

27.1MB
MD5

b15b11f438c8db93327bb679bc09a89c
SHA1

5a4f289422430a8bc68941e311bc50190f570ebe
SHA256

723cd3eb202c5f6ee70cda2ea84464d124216949f3d4bafa25e7a52bbafdeb94
SHA512

39c84eff8e1e689c05e6a7ad9f88a68d13030ab40c1430c8387be2b28e91832043a0c49a778defd93307b12132f89bfedd065dae4c6774924a366e4da42cb187
SSDEEP

786432:s9g5ZdpzPhkV1RArCY6hCeS7T+jaZLjkv8jyjZ:s27zJCva6hWHhjkv82F

Score

8^/10

collection credential_access discovery evasion impact

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 1 IoCs

evasion

System Information Discovery

T1426

Processes:

com.redantz.game.za2p

ioc	Process
/system/app/Superuser.apk	com.redantz.game.za2p

Loads dropped Dex/Jar 1 TTPs 3 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

Processes:

com.redantz.game.za2p

ioc	pid	Process
/data/user/0/com.redantz.game.za2p/cache/1582435991586.jar	4494	com.redantz.game.za2p
/data/user/0/com.redantz.game.za2p/files/audience_network.dex	4494	com.redantz.game.za2p
/data/user/0/com.redantz.game.za2p/files/audience_network.dex	4494	com.redantz.game.za2p

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

Processes:

com.redantz.game.za2p

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.redantz.game.za2p

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

Processes:

com.redantz.game.za2p

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.redantz.game.za2p

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

com.redantz.game.za2p

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.redantz.game.za2p

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

Processes:

com.redantz.game.za2p

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.redantz.game.za2p

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

Processes:

com.redantz.game.za2p

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.redantz.game.za2p

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs

evasion

User Evasion

T1628.002

Processes:

com.redantz.game.za2p

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.redantz.game.za2p

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

Processes:

com.redantz.game.za2p

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.redantz.game.za2p

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

Processes:

com.redantz.game.za2p

description	ioc	Process
File opened for read	/proc/cpuinfo	com.redantz.game.za2p

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

Processes:

com.redantz.game.za2p

description	ioc	Process
File opened for read	/proc/meminfo	com.redantz.game.za2p

com.redantz.game.za2p
1⤵
- Checks if the Android device is rooted.
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4494

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Hide Artifacts

T1628

User Evasion

T1628.002

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.redantz.game.za2p/app_fiverocks/events2

Filesize
16KB

MD5
18663a859d870b4183d5d10f1cb55f3d

SHA1
fe17b39c50cb4e3702ff5573f1d3cd530e1f013d

SHA256
622d159a168d41fb1dbc8a613961e689c30b20d8ad901ad057ae51b6848afb6f

SHA512
5a80d55e56e2794ade6583a2e1f406590e0bf1aa68649d340cee46d644579d1c3ae1732ab7d3a742f63b05d12235a09ae0df819ce9fa6b55dd477e3e39d1b687

Download Submit
/data/user/0/com.redantz.game.za2p/app_fiverocks/events2-journal

Filesize
8KB

MD5
d8e26417d45989ce81894ac40948d237

SHA1
be1776dd4b22afa365d8054e8480a3a7aebc490f

SHA256
32e5b1bffd5629eecb356f68dda68bf072ee3284eb572145c6c4b72db7a8a93c

SHA512
181cea280a385a848d00ce8780417079934a7ec5c9cbbf06fa30325281369116d52c4dc0220cd4c0797a2e4c372d93c9e25ad59c1bdf22450c9e383165323b06

Download Submit
/data/user/0/com.redantz.game.za2p/app_fiverocks/events2-journal

Filesize
512B

MD5
a224ca9c4a2473425198ab9ff6675d04

SHA1
a8ac5e004941cd5176a6103cb0a00899e9ea28c1

SHA256
5bddd2afe3761bdc08cab39d7589961e62a77c45734dbb04e4533b0af3c32335

SHA512
1761df076b47deba372a8cb740bedc244959f0cc7d2884b9d52a18969e60ca133d40a729fa4a9508b6a784b567ccdfaadd94db7d428fae2d8971b3d2a4aad7b7

Download Submit
/data/user/0/com.redantz.game.za2p/app_fiverocks/events2-journal

Filesize
8KB

MD5
a0854b0237de4e4397ab6828f16b17b8

SHA1
072149ef9f7fb5a28c6eddf33f02aeea1c30b066

SHA256
01b9a3457bdd0f84f1b67460cc1b39e2dea309a05df6606fafcbf67e5cfa8552

SHA512
01ca84f7822f6bf305e936b89e5c09017214792d4eb0329db85269f89f4f8066e1e86bf1f1bd1c444e829b0652dfbfe17ee86140ee6d820a3975ead2ec73d66e

Download Submit
/data/user/0/com.redantz.game.za2p/app_fiverocks/events2-journal

Filesize
8KB

MD5
7e8e1b634754da69168d460588f588e9

SHA1
e47d3f24e17cabe7aadb084bc8cf2825e3646be5

SHA256
cfc8f9a4cea905ca87bd7c4dbb6a0bae9922e9c9b4018cf1b5832eba68c78a58

SHA512
7134fece389078685a382fc4a66cf3bb0586212bd056dcff509be4afbfd630fa9622c8dc8559f7249f01761539b813c41be8acdf49c73f686f003e57b007a7ff

Download Submit
/data/user/0/com.redantz.game.za2p/app_fiverocks/events2-journal

Filesize
8KB

MD5
e6ed2ebced5bdab313daae56c76dee31

SHA1
985b1435b0ff4a8ad8129f2727a7f8b9ea98e492

SHA256
fdf597d4a7c9243c59760d05d26c618c5e7e92e0aac112428d949f9d82e0138e

SHA512
cca70f30e8220edbf436f65817de2db209286894863fdbc1601ede571412e8d68c71a7ea52ecc301221fdaefcc6b872adcb13702c9e5d44af99807f7e43da4f8

Download Submit
/data/user/0/com.redantz.game.za2p/app_fiverocks/install

Filesize
36B

MD5
182576a49dabef87efeab6181b1229c3

SHA1
c0b8c6349f6bd961c72f5f9524547deb4888d957

SHA256
87ad80fff98acdd6d0c9afd5cafed9fa49b06607fe8e7f8ca4287e676c488bb9

SHA512
c0862263bd5ddbc72fa2e451418612ba7386cb6c5cadb643f1ca89dd921b6b77d6eea199fc19c6a8ec684149e499ab4123bad3998862be865ce4fdcce8efe974

Download Submit
/data/user/0/com.redantz.game.za2p/cache/1582435991586.jar

Filesize
9KB

MD5
e8e0527a01aefdb89afd2c508f131da1

SHA1
f1103e6b260c657ceb3d95f1b023af3fda8b133a

SHA256
f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce

SHA512
fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

Download Submit
/data/user/0/com.redantz.game.za2p/cache/1582435991586.jar

Filesize
20KB

MD5
fde2ee00cbd121cfab5290b078aa3ceb

SHA1
e2b77d5320e155e413d040a8c20020962065b2f8

SHA256
2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685

SHA512
a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

Download Submit
/data/user/0/com.redantz.game.za2p/cache/oat/1582435991586.jar.cur.prof

Filesize
153B

MD5
f9431a0cde5766b6a47fe517f0dbe91f

SHA1
41ebffb9e03db4e211961286e6c233726d1c704f

SHA256
48409024aacda3669e2112419ca8742dedca12f5310521730db60c8387710616

SHA512
3102a350b8cdbfe686564eb79892a609f3cccd74d4b420f831156b1c57b736853f1cba0988d4dea7bf728f341e3ed2b997274684726afa2d97d31115e5213382

Download Submit
/data/user/0/com.redantz.game.za2p/files/Tapjoy/Cache/3b0f3ee69b0f76885e26cdc07afa59a55f1706fde24d75d263566ab3b2c7a890

Filesize
294KB

MD5
4daea8150568d4766dcd91e72e9eec15

SHA1
96ba652d91b2b30b7a9fd3bf27f317b4fb1945e2

SHA256
71810c3c9bc65213181c0bda711396c51464da2f25b9487ab27ce2e3cca329be

SHA512
b24ada5f7c7a9960de6cfe5630850e145698a05227b95fde942a72dbed8e00f6c1662a14eec04662734f580090ef17f84af2104011f22963192d30bf784d0604

Download Submit
/data/user/0/com.redantz.game.za2p/files/Tapjoy/Cache/4a7390e307a14e18ab14dd2b754610aebb838202f1e3d32a55285380f26c8243

Filesize
1.8MB

MD5
42493ee45356fb2fccbfc3356e528aa9

SHA1
3ed7ab64745501da3a5bbdde0505a536ceb4c8a2

SHA256
0c244885a1ff062d8c717b27579484000547d87f6ed6a5c7f35f7a4efd8fd4dd

SHA512
12c85464b3627b5d1f3f6eb2b7b28fd70b4a997cbcbd42e969b4b413b970aece7533fdb117f0540c9fd6804b478f7a1053bc2e37c6c9e5296b6aab2e6ab9bbc4

Download Submit
/data/user/0/com.redantz.game.za2p/files/Tapjoy/Cache/564ea35e7f51ab731df2ab28074545f68fd17539129c2bc78da4e92a16b302c0

Filesize
33KB

MD5
91c4a59ee49721a794ffedcef327f9f8

SHA1
899390ec3f9a8cddf46e0e16b5094de7b07466b7

SHA256
8a29d284324d14ec68ce7625d9bd2aca4b8f8151318e4ed49c04793078fc0e67

SHA512
33e94e25afbcb7913df880dc279766a4f105a7271f82bb523f92a1e1f418537bd18d3df7e4e25b7a50c9e1632fb712b14d461612d5342cb6caa84749e4d057c8

Download Submit
/data/user/0/com.redantz.game.za2p/files/Tapjoy/Cache/652acd631963ce665f2572d116cd55aea2377bc402983617d411bb6dfcb820ef

Filesize
6KB

MD5
90cd1eef95f6a13167c8e7a1a63c433a

SHA1
4a45f949347167326f29c78f445d3cf45e01c8f0

SHA256
b069180b9e3524acaaf737a640cf42df6e25a982d88a79b039d06fa235278e0c

SHA512
9a8e147368e893212dc66334bcfcc987194bbfd774ee823f6f75b3d69b3a493af5f437c540b68a544ccbeb9e6f5777ead4ed80dec8b30458f3af81715598ee29

Download Submit
/data/user/0/com.redantz.game.za2p/files/Tapjoy/Cache/94661e310b4bd9b380db50321c3276a78866642e07cfeb380188026e19b366f4

Filesize
849KB

MD5
cd39ebfef90eacdd64eb76b5e5fdc51d

SHA1
97993a6bd597e0f83cd8ea90e35b35c2b2e79c75

SHA256
3dcb84b9adaac88f1283e8da0a7848769ce96724efaee23392cb1620f5d27b27

SHA512
48a4742334d3b49967449dd2cfaa79c9751c68eaf5c5c61a3c96f3db3b58d220c62fe047e7cdf3ad7c17b7a30e7caa5b81a327fd7eb3834d167b0d39c8d1c46c

Download Submit
/data/user/0/com.redantz.game.za2p/files/Tapjoy/Cache/9dfc636d3db7595fefb2f2c5add0b1d98851ac879e62011fdd4fb94f22e03655

Filesize
38KB

MD5
423e4e0c410646ea31677c54b64156b6

SHA1
67b53560d5531fd0b854a018a5bf6b9aa680eece

SHA256
baca4c376fbfd235f28c629ec67ca59b0f96d72d40cb851a91d09712b9460937

SHA512
ec3d703c8e3d14149828b151f050a25d487dc2ebeb2cf27777fd4afd469f2a1e11bff99aaf41f6346ddd11cb8af07c85329d9aca2be9d68adb9c6c8e78d876d7

Download Submit
/data/user/0/com.redantz.game.za2p/files/Tapjoy/Cache/b88472c9f9d61f102075e689512fb6f509c4468b2ef88838186dfd5deb6c2c19

Filesize
105KB

MD5
7395d5aed853676551ada33de073ab7f

SHA1
bf7fc45e83a981bc9514df725145ac1245cc4ed2

SHA256
4fb565c9d0bb9379c355f356a907ddddb352b953a35fd345d7e7996d00d2c141

SHA512
b49d528472e4d9b16dfe5458e99128a2544714c77c0badd232e981da05d7825914b2ac92b5d9b360ba8191c4e0e1ade0af2a0d2f0346ee9828a18c29967cac6f

Download Submit
/data/user/0/com.redantz.game.za2p/files/Tapjoy/Cache/eb240d42920b2d6c394f0cdc982cb2c6e505c8ef27f52ac702f7928cc7c1c651

Filesize
4KB

MD5
a5cb3d5e5ff689f75974c36301ec211a

SHA1
47150bb3814c9fa728c5cf038e4ec76b9a4eccfe

SHA256
8389099ebe6dc67dacd482b20ffc150a15ddc34c4d99711c41dba00c888bbc2a

SHA512
ac954de81a820edf5e1a19fb56cfc494756bfcbd1226bf15189a26af445bdb533fc350ff83b7a46f3a38bd72a9b5a0acd09de252179000f266c1a9e54633ee30

Download Submit
/data/user/0/com.redantz.game.za2p/files/UnityAdsStorage-public-data.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
/data/user/0/com.redantz.game.za2p/files/audience_network.dex

Filesize
1.5MB

MD5
37982159fc58abe0c52fa11f5500f2ce

SHA1
0b93b94af7bf3a112e18f56bc43387d943c5043a

SHA256
04c39dfc7f8613151eda03eea3f25a4c986dd07075fe2dcfcb71ae69b6162132

SHA512
72ad23185f963336bfdbbd6415c9638f90fc0da848ea6f94f45b3d4f5c99abcc068a377ce8fbe0964f2c447256d8a389ddc16f6ba91fb376564696b72f00ed91

Download Submit
/storage/emulated/0/Android/data/com.redantz.game.za2p/cache/UnityAdsCache/UnityAdsTest.txt (deleted)

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/storage/emulated/0/Android/data/com.redantz.game.za2p/cache/UnityAdsCache/UnityAdsWebApp.html (deleted)

Filesize
1.9MB

MD5
8a96664d5012df7b6a06c69ab4d16ff3

SHA1
956168588a58ba328ea969ef3dba8f49ae8b6b90

SHA256
cad36823da18e2a0c119b647b2c49afe9240aa6612e8ccc77e614c5c68877bfc

SHA512
5b682542d2742ac9f12b94d974dccdbd5af24abdd6a459c20ea5fc6ce5a98eb4d6a96b3dcc513b97fd923e69448eaf8c1150002be90bfa276d3f46bc109c1bf1

Download Submit