1a43930b938939c6e646fc9e690e150338192987e0d71387174f6662f3324143

Resubmissions

28/03/2025, 02:08

250328-ck1aka1sd1 8

28/03/2025, 02:05

250328-ch39faspz9 8

Analysis

max time kernel
15s
max time network
35s
platform
android-11_x64
resource
android-x64-arm64-20240910-en
resource tags

arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
submitted
28/03/2025, 02:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Minecraft_v1.21.70.03.apk
Size

730.4MB
MD5

7bac768c12f3a4d471ea2222677d4081
SHA1

e80c25de7e863da2a675362dca8bcdca8b52841b
SHA256

1a43930b938939c6e646fc9e690e150338192987e0d71387174f6662f3324143
SHA512

9b7ca169fbbbdf8892a56a0a3405feaa31f9740a0369a770dc12fa48344af6362a425b96b9844b3279a395dd88214dee387fa13a4bd0ea040b681cba6d86c30d
SSDEEP

12582912:ExkXOmC0aWz8i/rIBiCWaKDvEq7lrnIkDyF9xaLtHPA6aY2bWL:kkXOm9aWz8i/r+iCWLDsqukeF9xap2bU

Score

8^/10

collection defense_evasion discovery execution persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

defense_evasion

System Information Discovery

T1426

ioc	Process
/sbin/su	com.mojang.minecraftpe
/system/bin/su	com.mojang.minecraftpe

Queries account information for other applications stored on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect account information stored on the device.

collection

Stored Application Data

T1409

description	ioc	Process
Framework service call	android.accounts.IAccountManager.getAccountsAsUser	com.mojang.minecraftpe

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.mojang.minecraftpe

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.mojang.minecraftpe

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.mojang.minecraftpe

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.mojang.minecraftpe

com.mojang.minecraftpe
1⤵
- Checks if the Android device is rooted.
- Queries account information for other applications stored on the device
- Acquires the wake lock
- Queries information about active data network
- Schedules tasks to execute at a specified time
- Checks CPU information
PID:4650

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Stored Application Data

T1409

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.mojang.minecraftpe/cache/appboy.imageloader.lru.cache/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
05263dbd50367255bcf0296db8cd4bd9

SHA1
c0a7f9e4d419995dd80fffd52c3be41a7d4cce4b

SHA256
bccf1565ca94dc15cedacd825b9889e7c215a374581125a3bf94ee19e555acfd

SHA512
bb3c4b62b7e3aa6575f405f72f6af6bc6cbaab86675a56d6e90903d8c1eb7d41b0ea18c3adda31a5e608b445d4252ee3c23e4fd28183587e91b82f3fa0da40e4

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal

Filesize
24KB

MD5
101802864f687910cda32427496aafe3

SHA1
05a12b833d7313e689ab5c2752e3f354be99cbe9

SHA256
e8419c6741a468dfe9be105c604232e67c94fb0ce8bf087b729a736fb9f15e09

SHA512
6f2bfc3bf955a037c65ef720eb10ad5fa6546bd16e9f65aac7ec4a20f1c50c52a671c85406a8f51b71ac0937e7a8760984a4c52ade6e72c3d8a862f742847744

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
ecf8c7d84646687cdbbe63132db7a9a6

SHA1
c5c2b4fe51b71341e544f7e92716c07fba800b6d

SHA256
ff289732428ea6153dcf1310e9f85b349d83b9d4ceb63345489dfe1813221d11

SHA512
a12a965e5f1567cff14715d35dc08756fdf715f4d42d7d0664cb8411010752c1a7404e8edcc90bc2e701b2bcaac921bf7d55ab248bc95d4dc3694fe759a35272

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
af3b4e2e096eab1fb260b5a142201f38

SHA1
ce91fd974548772f75c4aca30e9efbe2e449f734

SHA256
0104078d3ccf21e599559c13007df4aaf1ab5acc0779e69b3238119db3a1f07b

SHA512
73b0f04a0a693c6f629f11e756475056458ae703c2ca79375e3c550b460c7bff7d85fc963b503d84325e313986a89ee272f41ecf18ac8fa270755fd9a3a51e02

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
79d9e525ee349e5be8c5fe146f12d28c

SHA1
13330dd37395818e4161eb318746d71d8a0b36eb

SHA256
472402b2b5a6cd0a45d98a2b610f123d4903d979a4d399cb4f1d56adfc4f4417

SHA512
a19c4014bde3c1bfe75c0fbd441f814b226d3ef4685793d82aea4831a806c5d475fbfdf1fb4ec5bfdae522518f68b965d642c750e3197de66077838f5cd13e08

Download Submit
/data/data/com.mojang.minecraftpe/files/PersistedInstallation2853278966981704015tmp

Filesize
90B

MD5
4aebd31c2c84c509081400170b508c74

SHA1
bc3d3b20c97c37c3faf9a6df40bdb573ed61e0ce

SHA256
61d3b0d5e04f4f2ba82df568079fa3a2bbe39f50b1ddbf804427790660ad3452

SHA512
d4739c1feaf5fa92ca96269473dabfb24db176075d3964544b954ad19bf8d89b85fa5f2a32876fc2e1a516ec9ea65ccb8e43bb39a4e1e52ea3592eeae424494f

Download Submit
/data/data/com.mojang.minecraftpe/files/PersistedInstallation4177947488340196906tmp

Filesize
570B

MD5
753b7e55daa3dcef24882880e88b3784

SHA1
d7728b7875f95aceccb387015a786dd1a52d49d9

SHA256
8e0bcb2abae4405ceac81f233f8f196ea1ab7c3158abea18b49f492e2a834d63

SHA512
4e1c7533e8f8af27522e374c7eac68edecbb55a8fcc8aa93c0408b498ead9fa716a745ad8c1104c9bc8deacfb633a7c1a78b9108627f5049615e616f195e8ac6

Download Submit
/data/data/com.mojang.minecraftpe/shared_prefs/com.mojang.minecraftpe_preferences.xml

Filesize
140B

MD5
234801a3bcb355a654bc5b5e5e86f50d

SHA1
66f61cf91e3ba3b0f73ebe9ad09a081ba636e67e

SHA256
3b991929e0ce72e13b33d546a4f760fe5600ba0e63bd64b3432db560cb7668b9

SHA512
4d8d1e044c60c8240370d88a5b538d97b45d32721423be22419184294011566b3acc9e2334cf62e6b90f2a14ef3aeab9dcab5ce1f2c7dbce0ca3ebe9a24aca05

Download Submit
/storage/emulated/0/Android/data/com.mojang.minecraftpe/files/games/com.mojang/resource_packs/VietnameseLanguage/manifest.json (deleted)

Filesize
680B

MD5
6a75b9f5370443e09039e46d742331b0

SHA1
6f35b4b3b2eba094a5217171ee37bedd2153521e

SHA256
ddbb4438f5269d3c8f5ed7244a69df72528ff6d838faa10b65a046ea7aec0e55

SHA512
d2fd5f2cc39f2681f2788298f6ff665f031e28e0f491d37d5bd58cf5b253493377d5690221306a534d7f0f55337ae4639a0aa8879f2cd4ba3b779497977e3831

Download Submit
/storage/emulated/0/Android/data/com.mojang.minecraftpe/files/games/com.mojang/resource_packs/VietnameseLanguage/pack_icon.png (deleted)

Filesize
2KB

MD5
d56f51c4204b944d2e3c52d24a5a31ce

SHA1
800260cc8f013dffd47549516076c198922793e3

SHA256
90463377f2d3d4e309bd8b7e8d09f1088491c4ba6c396cce48dc2181c6e07a57

SHA512
1f5fc1560463afa1f88b0f0f9cfa21fecb6037eac31da9d24f48972ae157ce16d856f64800ee5b52a1c6213b4d797a21ce5323a6e151b6f5027d97080a720209

Download Submit
/storage/emulated/0/Android/data/com.mojang.minecraftpe/files/games/com.mojang/resource_packs/VietnameseLanguage/texts/language_names.json (deleted)

Filesize
58B

MD5
fba6d05dc80a16852e5601eeb2b8bff0

SHA1
e14ac0b7fd06ca9e7a76c5b4f93c81310e0f22ab

SHA256
6bfc38547ce3374c6e2d6c43ae6aadfac596373201ccb61511f322cd915e15a7

SHA512
72e0808668dc8f88b5a96b1bac48738e49f150ffc7607d381e8711c5511d94e4065bbd06b9422875dbeccd70618084d1aa228d84ff2d9e00dd72ca4cd7318c30

Download Submit
/storage/emulated/0/Android/data/com.mojang.minecraftpe/files/games/com.mojang/resource_packs/VietnameseLanguage/texts/languages.json (deleted)

Filesize
13B

MD5
77f6a5602eb7db7e01a17cf49c3f7012

SHA1
f92f69a87002af54db54adc3ec5fa098704c5352

SHA256
861111c3dc893aba71f7ac0a3585464ab78755f3e5c59f12cb08713cfbbac134

SHA512
40de043526f4f180322682efc87d4e68259c284c4a45c3616001489666bdd4a2c3c75f267159dcbf23ffa4b2f88606f571a0882dc01a957859afa1c96c2c6731

Download Submit
/storage/emulated/0/Android/data/com.mojang.minecraftpe/files/games/com.mojang/resource_packs/VietnameseLanguage/texts/vi_VN.lang (deleted)

Filesize
314KB

MD5
796c722801febe436299506647069ac2

SHA1
77a38822a6d5e7a622bb4b6132411c2452e8f041

SHA256
a37650ac99046a65bdc578706d8833712dfe85402dcb00107934d033191950db

SHA512
f7c87bc7a0b34fb824f9f2a948b7f25a2f014c4662eeb6371eea589fe351a7c29a7983c68798cff074bdf12700bf2775a5685b038a8c24de14215de51aa06004

Download Submit
anon_inode:[eventfd]

Filesize
8B

MD5
33cdeccccebe80329f1fdbee7f5874cb

SHA1
3da89ee273be13437e7ecf760f3fbd4dc0e8d1fe

SHA256
7c9fa136d4413fa6173637e883b6998d32e1d675f88cddff9dcbcf331820f4b8

SHA512
991294f43425a5b80f8a5907ca7cdbb611401282585a58bb415077005428e3b4c0f661fc07ba5c45f627bd8bdcb172389ce2fda461c029b837abc70f0abbea20

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads