fdb31f0e679d6a14cf430e5340eec5c3a165cde34baaf4ddab64600ea76463e0

Analysis

max time kernel
149s
max time network
155s
platform
android-10_x64
resource
android-x64-20240910-en
resource tags

arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
submitted
20/01/2025, 05:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

com-fastemulator-gbafree-1400051.apk
Size

4.3MB
MD5

d0d2be57be1fe3682bab1460376f7633
SHA1

b1d1b8812c49cfe75559f0a3efcd43506a4a5c1f
SHA256

fdb31f0e679d6a14cf430e5340eec5c3a165cde34baaf4ddab64600ea76463e0
SHA512

bb1712ebcd1381139bfd9730b5f276f4d1f9fee7026628ae7bb8f803ba02a49e866e24c663fe6ed67b538e69d7429797352b1fb5fffc81839d69f5540b926016
SSDEEP

98304:dDO+PvIZmlXKWZurPucpFqkElQAq60BNy6DPUS/ALNN:dDOXZmFKWe1qkgQAq60P8S/c

Score

8^/10

collection credential_access discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 9 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/bin/failsafe/su	com.fastemulator.gbafree
/data/local/bin/su	com.fastemulator.gbafree
/data/local/xbin/su	com.fastemulator.gbafree
/sbin/su	com.fastemulator.gbafree
/system/bin/su	com.fastemulator.gbafree
/system/sd/xbin/su	com.fastemulator.gbafree
/system/xbin/su	com.fastemulator.gbafree
/system/app/Superuser.apk	com.fastemulator.gbafree
/data/local/su	com.fastemulator.gbafree

Checks known Qemu pipes. 1 TTPs 2 IoCs

Checks for known pipes used by the Android emulator to communicate with the host.

evasion

System Checks

T1633.001

ioc	Process
/dev/socket/qemud	com.fastemulator.gbafree
/dev/qemu_pipe	com.fastemulator.gbafree

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.fastemulator.gbafree/cache/1582435991586.jar	5157	com.fastemulator.gbafree

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.fastemulator.gbafree

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.fastemulator.gbafree

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.fastemulator.gbafree

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.fastemulator.gbafree

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Requests cell location 1 TTPs 1 IoCs

Uses Android APIs to to get current cell information.

collection discovery

Location Tracking

T1430

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.fastemulator.gbafree

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.fastemulator.gbafree

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.fastemulator.gbafree

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.fastemulator.gbafree

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.fastemulator.gbafree

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.fastemulator.gbafree

com.fastemulator.gbafree
1⤵
- Checks if the Android device is rooted.
- Checks known Qemu pipes.
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries information about active data network
- Queries the mobile country code (MCC)
- Requests cell location
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:5157

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Location Tracking

T1430

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.fastemulator.gbafree/cache/1582435991586.jar

Filesize
9KB

MD5
e8e0527a01aefdb89afd2c508f131da1

SHA1
f1103e6b260c657ceb3d95f1b023af3fda8b133a

SHA256
f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce

SHA512
fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

Download Submit
/data/data/com.fastemulator.gbafree/cache/oat/1582435991586.jar.cur.prof

Filesize
148B

MD5
a3b78d197d786c13687c3f0f89703bd8

SHA1
9967f0726b6b1ed3f198904547b81920f8329621

SHA256
c5e6754556dbe01b055066f23c28ddaaf5fe67cee4baed00d59dc993335b3d97

SHA512
9a47c9bb977edec9d29d22f280e0078ca931a722eaecc2b085c6b5aaf6246d17a6ad07c9faca45070bb5b89a3ee6cf896f5e2c7e73fb033e3ac57471df70a8b1

Download Submit
/data/data/com.fastemulator.gbafree/files/Mint-lastsavedfile

Filesize
34B

MD5
8d8255fe22989535ec7401621eec2110

SHA1
922854b215bf9b1c1c7b21c1a6596b9396c4a2fe

SHA256
f96786ce37afed204df0b6330ee3d2ad240191ed515f92f64fa725be84032c0f

SHA512
0eff5e216d4c3012d17f16cf22b51dd080e57795f3fc8bfdffdc1bc7306992f4db96b9239fbbd35088e6e50f576db5828368d4c1199ed780bac7157bbc6c798e

Download Submit
/data/data/com.fastemulator.gbafree/files/MintSavedData-1-1737352743772.json

Filesize
677B

MD5
fec12e994cc676cd0ed0ca2328232af8

SHA1
341e6679057838a0b412b606fa54067f4cbaca87

SHA256
3e8cffa8d28183fd63b60ef67bdab0040ffd17615a2f9659fb80e067bac76e80

SHA512
1f36bd0468438fb63e2ddc31edbec9b811709f4272cf0d88e75107e21c113a767803dc8947c30f740cd502fbfb3e4c105e572d2233d400e20a4bab1c75dad444

Download Submit
/data/data/com.fastemulator.gbafree/files/StartappAdInfoMetadata

Filesize
1KB

MD5
ca72e73c09d051989a8e05f559e849bc

SHA1
07d541119564e7e9c048f278f83c9e899aa6b86a

SHA256
a7e8553b8bdad883cdcd334dcd4e78074e1b0b6b540cc793a28390fae20ed008

SHA512
669932c78b367f7e63eb2744e855260365df142f69f7bad401e0e5e684aca311c944ea97a5861a4b7d13b20837a887b0cfb1c9fcc58cbb7c3a4e9fd0280b6646

Download Submit
/data/data/com.fastemulator.gbafree/files/StartappAdsMetadata

Filesize
2KB

MD5
c3f8004a4a0023ec8f1546b416062807

SHA1
0e71e74476e3667e34f9e9fe3aace09236ef5ab0

SHA256
a7cf8a2efbd4f70d9dfe1722262446058987d9e5888a001f1888a3d9d3cc4b9f

SHA512
172f3e8ea3987c18055e5cf78867f4f49b0b77450a68badd12203287a4bd3ecce962ea98ef5d0502617bff1493b898051abcd1178af2b23b040c7e610a72285d

Download Submit
/data/data/com.fastemulator.gbafree/files/StartappBannerMetadata

Filesize
719B

MD5
5c543c4503b1230d48c705560386d85c

SHA1
e17904bf26fc18e9fcc4a39ab64d83314e89ec30

SHA256
9d720ddd263d1f76891cc9869c9cc09f27b3e589a933692751b95c851c4fa4d3

SHA512
169675ddc47012a487c44a47113ba350e5f047a94ddfa47feab15cd5fecb2acb62ce1cdb66343d8d2bda868fb9bdae21234cc979ce329ab330705d4cf1755cb2

Download Submit
/data/data/com.fastemulator.gbafree/files/StartappCacheMetadata

Filesize
785B

MD5
902942fd094485d369944cbc11306857

SHA1
8bd8bcf9529165f0f6d76757899ff1f7b71f7d61

SHA256
9b7a899838f3ce060a9bef0c33345152c0b7fc5e88dd5ad74cebc136d09494eb

SHA512
67890b89a884416f77a5fd804a65c748dd48dfb1f7c188e61bc6392ec5e5f87d50923b031371fb44d89c68421b2585d7d2a34effdf85b4faf25ddb8b099d778a

Download Submit
/data/data/com.fastemulator.gbafree/files/StartappMetadata

Filesize
6KB

MD5
781de1f78342b0861c8b62f601de101a

SHA1
f8adc73df1589d07591b08051b4fb7f8fbfa8622

SHA256
bf0e192472de72218dbac62a1e07c1b5512aeb5ce884a413cf8b881800e701ca

SHA512
cdc02a9e43d74636b35d92a496fafec827ee50d0dbf9b3b1f4b002846f72e4da8c5eddd69da39f685b16ed1611b11f01414122aa91e33702b158524187ca84e7

Download Submit
/data/data/com.fastemulator.gbafree/files/StartappSplashMetadata

Filesize
1KB

MD5
596cffab94613728f929792f7361d1d9

SHA1
84612cd8141268a0a9083ff5d08f91b4d73bcd5a

SHA256
1cbb3ce5a8c661f14ad184e29b10a7dde9ab158d422f1c129731de5e140c34cb

SHA512
117eda28c1adc370e9937d209ea8432959f3d01016900a8a695e3fc7748bfbe70c3478dca4da49d4628936f8c38d06e7ebedf4093ecd8bc742e98163dee2fb38

Download Submit
/data/data/com.fastemulator.gbafree/files/adc3/026ae9c9824b3e483fa6c71fa88f57ae27816141

Filesize
41B

MD5
aae50af13168d5cea81cdadf4354d410

SHA1
34a3274bc423670e1cf1df2a027a7ec5614d6710

SHA256
d967012c9b8e3573fa1c1271bf5337a2fe21699d2eccbb8b735a1aa1b37efba9

SHA512
faf3898c6de51052ceddc436e4e8b0f08f96cf41bd9add0f519fae0abc2d6e0da0911e31997865593d2a0c0788e2164f65534f6453c140088f18745e0219d487

Download Submit
/data/data/com.fastemulator.gbafree/files/adc3/AppInfo

Filesize
91B

MD5
fa184e9b9ae57a83b0d73ce1de864d88

SHA1
3a48288a1b2799daf079c6658dfd413a5d552f8c

SHA256
0061abd2ab8475ac6da11dd286299bc9cb7229e034939be0cb4278a1063948c0

SHA512
007e0fe8c2a0eba6dd070b6435c1d22abe41ba6ee86f85c9a1027a311863462645c884200e91244476597dc3c5225b28d54afeeeb06ff2d88b1b58156f4a2af4

Download Submit
/data/data/com.fastemulator.gbafree/files/adc3/AppVersion

Filesize
26B

MD5
dbcd8a805f914b8df2dff3df3e285d01

SHA1
f9e1c0b25d2f42233fe98bfb495d4017909004d0

SHA256
1da0d1d0187eb9b70543f5f096386d6b19789867b011bdbb62dd866e39abdf13

SHA512
fbf0247c24e0e57a255ad9d497d2b8ec53c1fd54f0662c317d80e4023e372a8734e16d40e2e703ecb18438712f6f796d80a2b282426c92ca15c81e73c663a7aa

Download Submit
/data/data/com.fastemulator.gbafree/files/back_.png

Filesize
1KB

MD5
ebc06fd3d86c27a426932a83325eeffb

SHA1
461c990e677114de3baba2a33f0a60c0a10bb9d2

SHA256
ada010f03b82133ccddb4ac69a7c81a1d507121ef1d276c7c191bb55401c2230

SHA512
3b3c682dc3876f7c813bff1a38e53e0c20f6c776eeb8362a8a750b81d0a3132a207b01740a493c61a03261748399e020aec5fcb7354c723e4f5703efe5418b2b

Download Submit
/data/data/com.fastemulator.gbafree/files/back_dark.png

Filesize
1KB

MD5
355eb0af21063fefca005d93d6afa9c9

SHA1
f854e3d2f0c0470a54e55f31017f9c499bd3671d

SHA256
b50339f939827a8e5a918ee4ed1d8213e27f6d546a98313f90449b27a1ebc00d

SHA512
ffff59e303636383dccc1282dea4c13b8c46d9aea1d646d745f7d26607cfabc25aea8001af873942749129291abef5dc5a858e7360cbfc145f870b80689b34e9

Download Submit
/data/data/com.fastemulator.gbafree/files/browser_icon_dark.png

Filesize
1KB

MD5
cac9a26c27728066be7a285defc0df6c

SHA1
9931d42eea7663aaec4eb901bcf279b246c19e34

SHA256
9347cbd8e6e2af4d09759e55b7595474648619da07992d6485b9756ab4d8170d

SHA512
11a3abfc4558e6c887f1f809a3837ffe6f4c1702407db945319acacaa5e677f6b117c07ca676cda6438639a1ebc447a2993e0ff31be8ef797bd219700f508ba5

Download Submit
/data/data/com.fastemulator.gbafree/files/close_button.png

Filesize
2KB

MD5
2d858e8af5d9426fe061df5c82ffa6ff

SHA1
bc1b2eab876aa221b6449d11e482de24b777d58f

SHA256
73d875bdb982c50c666e30ba2b8ae2dceecc63cd0d5f8a35158edfe5f3303835

SHA512
aabaa75856cfc07bf65f3f2dae118e357cba83a45f0a900aa625f576de47c2753b0a00fb1913e45c1d743acc0f6e0100a4a6a326f402b0f4664ba181ad670c0c

Download Submit
/data/data/com.fastemulator.gbafree/files/empty_star.png

Filesize
895B

MD5
76ce13c6312eb334fd351e3b5cff4bf4

SHA1
203bd863b812c071ab3ae25bf4ab2f9c4d42942b

SHA256
f0a8e8d6b8bcb84e466f921dfb20a91fdd4e4b1777d9b0be6ad4d03d4a253af8

SHA512
d06ba34786090e3b027670a17910d2e35f48eb7bc639e6da1d08214534215797dadd1a56be44422b176801e5d1a1345cd2bf29e73acb6a49bc9a2f7670710783

Download Submit
/data/data/com.fastemulator.gbafree/files/filled_star.png

Filesize
753B

MD5
317f802aacfab6282b8f74f280e841c1

SHA1
3b746a76f6322e97fd6c09a43d03ac14631d93e1

SHA256
f37f9a17c20ca3068f4f9db08c262c62b7b86544532f612a78421bdee92f4196

SHA512
a714f902ede615507cef840dcc03a5eca183c21c82cc419a924587f38b6974f5aa45fcfcc2bac4d6cf82b81d1b6ad452540e0581751bfcad72e524c83757a301

Download Submit
/data/data/com.fastemulator.gbafree/files/forward_.png

Filesize
1KB

MD5
9ee047a6801bec9459a9dd5ec7068078

SHA1
1aaaffc208e2d86e53fc031e8413169850e65746

SHA256
9f63f6c9ed9d33f235c30508df34c3358b55cac8bfb4967fc3e15afc61a6fd12

SHA512
8245818df5ffe06c8f369c8d77479f9f2163d10dac36b0e37c834018b713dc8b063ec1de1862fe16a8c1a769b496652be880ddd48d6fcd24ad766a395bc3ff24

Download Submit
/data/data/com.fastemulator.gbafree/files/forward_dark.png

Filesize
1KB

MD5
12bfe20382337a84c0fc004a52b9ba9b

SHA1
ead15f7ef372c16f78060b8f8c5fc6e0ca6a96f9

SHA256
621fbcd864a7dceacffddb00a682148042732aeb675e22cd42b1a0937c6717a5

SHA512
7a346febc49154dd348be77f88c6e7ed5c7a531c2fed981f12c40e22a19e4e1a5c51fa766b3122898d97f05e1546a6f2a29b598b0ff441cc7de5e3c505aa33c4

Download Submit
/data/data/com.fastemulator.gbafree/files/half_star.png

Filesize
895B

MD5
a40e6a567b7aef329bda0ac200f7a23d

SHA1
2fa463649c7ba586b28670675a15e0d7a630c7e0

SHA256
ee0933e12dd4e302b1e18572d22f48861e8125e5d0201603e024d18ef5e38556

SHA512
5e77ca21445a09aa903ca08c10c1bcaf769d8273368b7981aacf1bbab08cefb7a521687e78d280828f46b625c99fde02050f5c914dd4d07fd742723f7713ee4f

Download Submit
/data/data/com.fastemulator.gbafree/files/logo.png

Filesize
2KB

MD5
45c24a8686a0978086c99f7039accc17

SHA1
c63ae2601322045390c7a4f230602b74ae18d2d8

SHA256
bc9c4aa36a0dd7efe16a8b3bca9172d970fd13d70d3e718aad17a78269079912

SHA512
d5861c64b9dc9139904c3bfc7da26fa6f3d9676a5b4203ad617c661d54d3716508fb02f282f5c204bf9d6a0c7162bbb565a44f2ceb96d825177065818b797727

Download Submit
/data/data/com.fastemulator.gbafree/files/shared_prefs_sdk_ad_prefs

Filesize
153B

MD5
65026ee778e1372d9f4aed742772e893

SHA1
5a5f1c821d7639424f3c75a44468ab5f7dd4e8cc

SHA256
15070f52136d5a8332f8d70f790bd7bb04cd6a99b386d40e0abedc40c42caa3c

SHA512
589c4a12c6b6ec1a1cca957da758aaa900e68a23b4bc2f42524b0e8dd34f6c5378541d9293eae1ae8d478bf5b5229ce4218c058fc3b399eb5756afeb05c68616

Download Submit
/data/data/com.fastemulator.gbafree/files/x_dark.png

Filesize
676B

MD5
1b759349f0bf3e55c51e2a2c2802b3cf

SHA1
5a608a093fa5f513d1ba52e8a9e01f693c47da98

SHA256
59d83bb6ebc5394c048273ea9e1516a2bc7a6f80212d53f81ee44cb1f9b65443

SHA512
3b39d22d0f8368dac2e36884b0316c5aba24180f51cb3a993fdefcdcfd5a36823d6c02c75863cd5a3bc0808223dcadf9934d548c433332bb9528f0eb8cecc0a6

Download Submit
/data/user/0/com.fastemulator.gbafree/cache/1582435991586.jar

Filesize
20KB

MD5
fde2ee00cbd121cfab5290b078aa3ceb

SHA1
e2b77d5320e155e413d040a8c20020962065b2f8

SHA256
2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685

SHA512
a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads