15db22fd7d961f4d4bd96052024d353b3ff4bd135835d2644d94d74c925af3c4

Analysis

max time kernel
44s
max time network
137s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
07-12-2024 19:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d350cc8222792097317608ea95b283a8_JaffaCakes118.apk
Size

58.2MB
MD5

d350cc8222792097317608ea95b283a8
SHA1

561ae708f234f46dbdca1d7f2a38d854d9bb60df
SHA256

15db22fd7d961f4d4bd96052024d353b3ff4bd135835d2644d94d74c925af3c4
SHA512

6731b7ac67db94825a0659c288baa601fa7e21b585ad23bfa1314bfbc859eb8f2ab0db984f31e34921d9de5911077b55b29e48b32fbe77e0ffc1751b0f7e46e2
SSDEEP

1572864:nR1mSZ+yT7t73Q9+/aoavq8djBWdtsUK1W:TmSZL3t7U+/NQVcdEW

Score

4^/10

persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.nianticlabs.pokemongo

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.nianticlabs.pokemongo

com.nianticlabs.pokemongo
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
PID:4266

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/Android/data/com.nianticlabs.pokemongo/files/il2cpp/Metadata/global-metadata.dat

Filesize
6.4MB

MD5
e8580e42717d2f40b61fe3577d5fc9d4

SHA1
933ba56ff6139c739fa60f637e1b0a1dc4d8b5c9

SHA256
0633fddffd583671e60ae53be643c063f4d446c176e66bc2de3c3bdb582d67ae

SHA512
6632b6fad6c74e806cda8cd0fcf1f5c5c70567bcf8ce686e5b7d9d8eaa18a1ed9b7690cb3c5927d2cab0e066396b0d066e6196c8a3235080ac82825f1a4449a1

Download Submit
/storage/emulated/0/Android/data/com.nianticlabs.pokemongo/files/il2cpp/Resources/mscorlib.dll-resources.dat

Filesize
329KB

MD5
21d06dbc8af6432b2b49536ed30609af

SHA1
11a1c0e2ab2f8c06fe4507535ed47e0dd279a60d

SHA256
c5baa176a5b72cd545266340e42102d393a5e43d38c95796bc828918bb95277f

SHA512
2971f54eaa14c3ce6e2352e5a1aea5b044f0894bf4eac92de8cd92515b6473b5ca56ebfcad4369a9d4935cbefea2540a83f332fd4d832c37768310e8776ceb5e

Download Submit