81d22a908f7989dbafa747a6cc3ce42a1068d5bed9f34cc69fa86672b4d57e19

Analysis

max time kernel
131s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
11/01/2025, 08:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_fc0f20db5f8098e42d845492fcf3fca4.apk
Size

4.9MB
MD5

fc0f20db5f8098e42d845492fcf3fca4
SHA1

380e9f9d17c1f13e66d367f4f8726200e2dee07c
SHA256

81d22a908f7989dbafa747a6cc3ce42a1068d5bed9f34cc69fa86672b4d57e19
SHA512

d4fee4bd9bdaa012b57346c407a5e46eeb8908727686bd7022faf704a3baba81b6b6380b260e2f672fd8967b39a4d6f2008b6bf5e629efd163f01a30663d14a1
SSDEEP

98304:UxQ993O4ZwUzMnKTI5qkVe6/7Tr/njx/3lIM1bfzyck/IISqf+HW6sR:KQ993zwU6+I5DE07TrPV/3lImKj7g26y

Score

8^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 3 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/sbin/su	com.kongregate.mobile.bitheroes.google.hack
/sbin/su	com.kongregate.mobile.bitheroes.google.hack:Metrica
/system/app/Superuser.apk	com.kongregate.mobile.bitheroes.google.hack:Metrica

Acquires the wake lock 2 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.kongregate.mobile.bitheroes.google.hack
Framework service call	android.os.IPowerManager.acquireWakeLock	com.kongregate.mobile.bitheroes.google.hack:Metrica

Queries information about active data network 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.kongregate.mobile.bitheroes.google.hack
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.kongregate.mobile.bitheroes.google.hack:Metrica

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.kongregate.mobile.bitheroes.google.hack:Metrica

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.kongregate.mobile.bitheroes.google.hack
Framework service call	android.app.IActivityManager.registerReceiver	com.kongregate.mobile.bitheroes.google.hack:Metrica

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.kongregate.mobile.bitheroes.google.hack:Metrica
Framework service call	android.app.job.IJobScheduler.schedule	com.kongregate.mobile.bitheroes.google.hack

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.kongregate.mobile.bitheroes.google.hack
Framework API call	javax.crypto.Cipher.doFinal	com.kongregate.mobile.bitheroes.google.hack:Metrica

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.kongregate.mobile.bitheroes.google.hack

com.kongregate.mobile.bitheroes.google.hack
1⤵
- Checks if the Android device is rooted.
- Acquires the wake lock
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
- Checks memory information
PID:4238

com.kongregate.mobile.bitheroes.google.hack:Metrica
1⤵
- Checks if the Android device is rooted.
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4277

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.kongregate.mobile.bitheroes.google.hack/databases/OneSignal.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/databases/OneSignal.db-journal

Filesize
512B

MD5
88e62ec4b2f59a0032c01e9b550438d6

SHA1
dde49a247d6bbd83fda08410a9d8d78ed89c4da0

SHA256
99e611613c2c4fb6ef2eb358c56bdf93a53cc58659743f01e50c1c42bbfacd68

SHA512
c68843bd887d4e8f7abf51873a59ad472b19ef4c078f56b70963f803ddac1df0ba2472ca5e16865fde308f846f751d923ca5d853e67f085fa48648f7daabb409

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/databases/OneSignal.db-shm

Filesize
32KB

MD5
7d88c811f8ab0e73a4c394881f0d2a7b

SHA1
0bacdeb77e64ba114b793b2d02b8f59ff408550d

SHA256
af4192a42d9cf2e9fb6c655469540a1e8f9eec3a3dedfb7bc4e7e6b6cf93e892

SHA512
8f02705b31266c404559a58b7f20ad9cb468dbf2f6b6fb7fe51960463b1ead4c5d3057f394ece232421b2e7c3ec2d69394e754c2802c3763c5e11d3b6b3bad83

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/databases/OneSignal.db-wal

Filesize
64KB

MD5
a146a9ead2b20335721d9f6abe63ee56

SHA1
ea8082a7ae4398943dca4955fde68961bf76ecf9

SHA256
80ef548b4168d601cc3632827627909d4d80d925ab9e80aada798739206d4cbe

SHA512
6087bff3e87b57ea1559a8ef7432627d74ed14d2f8c178f878c520059049bae5f906de452ee3b8e1a4c2f957ac4ac8b9a999b6f016bbdc4f00c5481f42399928

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/files/Mint-lastsavedfile

Filesize
32KB

MD5
32819d28f53b1cba4fb77ebf0f4eb64e

SHA1
fcfd3f13459923102ae9936c898020bd8b976db1

SHA256
99a357c6ec5adc9c5024b2fc4e5adfbea281cd60a3901d1a4e484c431ecc0a07

SHA512
f29c087d89dab3d29ea3070ba609bff5ced4416352d6b886d2541896190f8b6a5ef5bd53252914eaf147bb339cd38153ac22e643de04d0476cb40191b6fb7927

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/files/Mint-lastsavedfile

Filesize
34B

MD5
49303dfe68bec0b6dafb39cfca248d54

SHA1
565347df219da4f6c530d281f82704d427421193

SHA256
4b502a5cce9798dde5d9ddfe92e78e5d68ee8174bef0910688babcbf4f227025

SHA512
9d7c5b3ffb4c47fb7c460fc957de6ff5e3708e48a74f6ec253bcbd074cfef30288ece0a7a61043451e2a0a86b9958670dedd39052611cf7a074c284278c264f4

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/files/MintSavedData-1-1736583932679.json

Filesize
685B

MD5
af4ce5a4f7728048a130080a775d29f7

SHA1
b87febc458cbdc7655e62aec09c34e099d45f4e7

SHA256
0a71adade1146d626813aa3e0ced3a0fcb5fcd3dfce1f13e255119a09734f05e

SHA512
e86ed6d9ccf924ecc15b4cb561b0e836670b1e7815fe89ea8cc5ba1bda9a07d9d9204bdb576f6014b00da155773985b2a2b5811c28228bfcd218b5c9525a38d6

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/files/MintSavedData-1-1736583932679.json

Filesize
3KB

MD5
a8ab99e7536cdc94492900ef4faf4547

SHA1
a6db23e5eb3d3ac2afbea556f932b677c0953480

SHA256
af0e2af847b461cfc8c45b3c6c557e04d67fbd7e436bfbcafd4d32fd597a593f

SHA512
ea4efb98094601e8ac31127a8ab5990f4564c6c2268301dceafe2c40f7daa2277fb8d069b3915e01ab6df72606a9aeab0537818532ac7df8d0bb00f0aa7eec43

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/files/crashCounter

Filesize
293KB

MD5
46111a8f2f80579a33cbbe503a4a73a1

SHA1
e9a64d34f65b86a82e27d02170bbf2bdfbc4cecb

SHA256
f1d82df5824d9c2a3dd2b5c9f75218973867ba78180c20db0e117009dc17f4c6

SHA512
f0afc297db95d45195bf33569d60c6b237dcbf308f056eaae0264c11d945473b24b64277e172d419f352f95d19bd051b9b4aeda8c7044a3a0ae3ddc1c70d42fb

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/files/lastCrashID

Filesize
226B

MD5
a7c258c4d17e42c29250b7a3f7c0701f

SHA1
8c1df91462b30428f30c1cafd299f943c3179f72

SHA256
3c88b1c1a963bdebde3ece119ba411dd1437a6d5c6c23539e5963edc4b46fa91

SHA512
1f33efe43ab4330ed5b587fb6d74b3ddadff0570834d4d6c2f3c6ae80d634e2a835ce436ad260ac0f1f550cfc5c3195762f79bc7a16158e57df18df155449007

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/androidx.work.workdb

Filesize
4KB

MD5
8de2ef1d2cf8ae67becba2021ad12ce4

SHA1
2624f665fe6fef6d9143d4f5972a1a43d3e654cc

SHA256
dec833918adf939e87aca817c3f797e7dddefd9a956e59503a897fa6ba9d78a1

SHA512
f0777042ce8d2411523335a1ed0c7de3c018ebbe7727a36ef9a01cb673589e7d1287d7853e3d48bc6ebb41fd7cf6cf411dcdc508dde26fb8bd1a757c072df220

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/androidx.work.workdb-journal

Filesize
406KB

MD5
7da70365998540fc4c9dfdba80a16189

SHA1
4956fd70c59efd958cac12397efb1277ba8254bf

SHA256
6d0af8517fac52b5497f1e28478c2e8bc956afa875e04a8dd847d9542b452efa

SHA512
188d62f256861c27db4067f55d0ea2246815398a82223a4f0da1873d0cdf7c6c34b4e1712689c581a4a1cc0149d716679d414d0b337be1261458955747c3cbe9

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/androidx.work.workdb-shm

Filesize
76KB

MD5
67d780ea7b6bb62be959eeff99171dcf

SHA1
bd723b131456a02da968bd77b9f841ba00305487

SHA256
e933b2c26306951f9e080f63860fb1a86e5b846f313edb141f6684ba0995b192

SHA512
9735502664e6bbf590afac8eebb0b74109fb5c643f811b21c0650b2830c5a51708d2d3bb11298ba46639dfbeb58549fcdfd9fd5ad4e6be801b9c53fac72187e6

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/androidx.work.workdb-wal

Filesize
32KB

MD5
19defe77964a13dd8584ccd6f3b0e8cb

SHA1
8702837eb16c3fa9f43bb8cc0e29669f82e8a8b2

SHA256
4b3866dd6fe530dc4ec6f777018f732ade96fdaa9b6090961e6034ffb033799b

SHA512
170d833b95f8f822b3a1827ed54ad16e34425fecfb211737b3fd32494ed09df7aaf8b582317c07c8d8e1772a4fa98c1d195b5ea07668ac3b1f2248e997827989

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
8aa0e25c95e315e457a9e43778942f12

SHA1
75e17554295ae7904ebca751158e2ed8cd224f18

SHA256
492d97f551dde368dba876718160b8a99bb167a17d3e6431db722c2847b448fe

SHA512
c3551c8c41d4c5bbfb787edffe9bc4825ce2700041e355cda53a539c9d916f3cfd9fe65203ae505ff097ee610018b6e2dc62c08be9b7bbe62873b7af884a3739

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/androidx.work.workdb-wal

Filesize
205KB

MD5
1962fdd28e0046340744e8c5ea0bb6c1

SHA1
1f24a44f78709b6e233c041d84f1d10603ddc5b4

SHA256
75868ad93af4d9e1aa48f31cb4e145924f9692de597de206bc13fb95fad3dfe6

SHA512
28d81e51aee3173eccfe0f85ffaeee43c02f439cd31001f68dd9cfb49ca06ddea7cbafca71e93937a7f457775383ae79674bb95dbb900e495095434432065064

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/com.google.InstanceId.properties

Filesize
116KB

MD5
be88ecafc9e3c4bebb98da5ddaf4dd8e

SHA1
608376af4c17932dd211c462c41db2eaaf9c6b22

SHA256
f86f8b91e502319de8b30a444e7faa5fc1bf6e1c16b5d7a68534a95c493f8f53

SHA512
96bbcd804a4fa757f086e2e55b56a21e3435b66fbe2f240faee9efdd7791b3681a7350f2e8ea05982f9c5aa076c1c42344b214aedad3484803ee62a879713d8f

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/db_metrica_com.kongregate.mobile.bitheroes.google.hack-journal

Filesize
512B

MD5
5690248b1bea106da2decb974f1ae4ba

SHA1
fbe6513c96b5b34a5a772671f2de376d6349c168

SHA256
733456e2f18ab0617d0fe923b9ee7fded312f5e57533bcceb885fd2454f64c8e

SHA512
010f5f010c5d956063772a058d834989fc57a58bb418f7ac7c051ec09d49af97fbb43006bcb764ebe89a6139a83a098cedd3844771aab1c0a62dd4ded9e594c2

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/db_metrica_com.kongregate.mobile.bitheroes.google.hack-wal

Filesize
402KB

MD5
935909eccf6a31b18ca223f6f9909ec3

SHA1
1e82d7f3275bc2b0ceda7f0cd96ac0fd2c063276

SHA256
33a720c01aeddbc456b1081fb9975e5cb2c4944a69ce2142f79adfa37a6538a1

SHA512
e6dd8b814767860827883b2bf5a0a553d548c9f7eaf2102fedb78996424f924a29c86d6b82691eadfc01ecb1028c43d80b80f00be74bdec0f9e0ec2ea26d680f

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/db_metrica_com.kongregate.mobile.bitheroes.google.hack_20799a27-fa80-4b36-b2db-0f8141f24180-wal

Filesize
245KB

MD5
6ca97c55adb159d7d7f8d8c99acfe9a5

SHA1
6b4a4b6043bd96ebc734f4717424a783d0a3f765

SHA256
6f40315d8e7ae25d0eb06d5b3f8228b90205f39ebfb42a28be851c124ca852aa

SHA512
237ebfb99a5a6232e5fefd294068f799f9ac2061a3185c0c0f001503fb1810bb1635a14094c15fc6090065412b5d95c28e90381c1783dcaf72ede7b7b6de7eeb

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db

Filesize
20KB

MD5
5ae1dae9eb36649faeb07a94ca96e7f8

SHA1
9056cb35b999726d6576ef6ced55ca9228cb97c3

SHA256
62eafa0fe191047857cbfdbd6909930487f2216d260b4be27fd52e3cff6086d3

SHA512
e33d2cec8122673da3c8ffc788bf2984eac878f7dada265485d960a886ebfb00e17b12a30b546c959bc04c62a31d5646fda748df693e0bdafbb974abbbe77c1a

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db

Filesize
44KB

MD5
fa49ef3dfa88ec2d24d70e8eea61b45e

SHA1
6e94c86b5a003d64827652199cd8862e9ba179f7

SHA256
a9f6419def0fce3426c3062a1498ddbecde3140c71b10660364775cab1faf4d9

SHA512
fb6863a79091460bdc8872e1c601f55423d2cec712dcb9e51dee4f82191249dbb368aee9ef887d80b4eb0c9e9f7848ffa8fe62abe39881103b8caf7d759f737a

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db

Filesize
20KB

MD5
ac26a375d5d673c2a7b39bbe42efacaa

SHA1
a7384db83f153cce2cdd67a97a20df068f6ecd67

SHA256
001ea8b38280af72e70a8168524cfb2b07a711040948397d36fcace03b593716

SHA512
45e1842b55ebab067e53fb3c6ab880c0a652a951f26c1cae5363f429207db5f1aa56c821e89973612b73f9c0d186561221b6129db22e447ccd421b40342dd6bf

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db

Filesize
20KB

MD5
97ef793ce0bcbe2db3311cd853862ad3

SHA1
cc36d4d6a68d3ba1697526f59d4effdd3bfa4e98

SHA256
8952a28df4a9c1a73d71305134b91efd384724f850bcbe8242096dc06cc2b087

SHA512
58b7d24dc8449a9fa91079041a19f0476e37ecafa94a66bc16e3964072624cb0cb2b3f006a13c8a58a1650795110fcd004ce523eea6ae46f408e39e14ce0c11c

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db-journal

Filesize
512B

MD5
75bad5b7f203988521d885ab92c4a926

SHA1
2e35b3d8b21b9612174cfd63fe9be7f815f7ca06

SHA256
0c5a6b64fb573765665d6b209e019e56962e7e893ac25f0e695264e116ee913b

SHA512
3035c781226e8586cd67c091f64eae1e76721c229a6108fb1a29b2bd2c6e271d84683024788191a4d8c8a4158c1d33d986f6ab42d66a95bb11df50fb67af5520

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db-wal

Filesize
8KB

MD5
e030287ced78d022a84bdca0ae6f083b

SHA1
7589b746131996049add2f999852317ad87a8011

SHA256
46e552e8ad9050a0b57b89ff2bd1f9aec7acf21e1ee30568064bece14eca75ee

SHA512
14bcdcbf8a85200c85115bfcb46ca00a362f638467f9db82b56ec7af35a046f512bd3c6e1444a7d92b710121c51976e9baab035a426818aea28ebf5add15e30c

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db-wal

Filesize
8KB

MD5
ab852f9358cab1339a0dbceff7bd8719

SHA1
e19f51d2cb462cd321ca81a6f46611e9af248bbd

SHA256
a8f4408ae405d1fb6115de3b98166f96a334178055a8ae786db07cb72fe1d128

SHA512
21770b36679e05a20fd984a91dd626d364f2460dfc94dee786add8fbc27d7fa11ccf80192c491d8a746752f44ff9b465f1a39d17ea9b067d8db6ab62e305fb75

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db-wal

Filesize
8KB

MD5
125280abdaf9e380d77b790c93c9fdbb

SHA1
2248f803b97b59a32c32a2657c6a7970cb7793f4

SHA256
90851e98f00408b7af7647c6d1ed36e32c14295026cf82e55106d18d40e587ca

SHA512
2882275c3de039418ddfb9118245d0d734e60a1983328819c9e8f450fa6957d9e2c5d5416b2c0652a24d3f19d45f98ba898a176ae86bcc0e4c0930f65c6b1a25

Download Submit
/data/data/com.kongregate.mobile.bitheroes.google.hack/no_backup/metrica_client_data.db-wal

Filesize
32KB

MD5
95f463eb3d5bf29479d2d4f6e8d9f5b9

SHA1
02abefb22c4ca3b7579a0cd14b0004d4fa330c3d

SHA256
0a6e2e2801d0b6a58c1e349c24c3b48e24c0f8e9321a36d6fa3c7312c1023a5b

SHA512
427913c67daa21caba57b09abc5cfc12b634e4966708dffcd0c3028640dfd2b76ee487abc383cdaf9dc1c6fdb15c80a239500187e5090ce9be1f492dda9dc76a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads