1a43930b938939c6e646fc9e690e150338192987e0d71387174f6662f3324143

Resubmissions

28/03/2025, 02:08

250328-ck1aka1sd1 8

28/03/2025, 02:05

250328-ch39faspz9 8

Analysis

max time kernel
15s
max time network
58s
platform
android-11_x64
resource
android-x64-arm64-20240910-en
resource tags

arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
submitted
28/03/2025, 02:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Minecraft_v1.21.70.03.apk
Size

730.4MB
MD5

7bac768c12f3a4d471ea2222677d4081
SHA1

e80c25de7e863da2a675362dca8bcdca8b52841b
SHA256

1a43930b938939c6e646fc9e690e150338192987e0d71387174f6662f3324143
SHA512

9b7ca169fbbbdf8892a56a0a3405feaa31f9740a0369a770dc12fa48344af6362a425b96b9844b3279a395dd88214dee387fa13a4bd0ea040b681cba6d86c30d
SSDEEP

12582912:ExkXOmC0aWz8i/rIBiCWaKDvEq7lrnIkDyF9xaLtHPA6aY2bWL:kkXOm9aWz8i/r+iCWLDsqukeF9xap2bU

Score

8^/10

collection defense_evasion discovery execution persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

defense_evasion

System Information Discovery

T1426

ioc	Process
/sbin/su	com.mojang.minecraftpe
/system/bin/su	com.mojang.minecraftpe

Queries account information for other applications stored on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect account information stored on the device.

collection

Stored Application Data

T1409

description	ioc	Process
Framework service call	android.accounts.IAccountManager.getAccountsAsUser	com.mojang.minecraftpe

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.mojang.minecraftpe

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.mojang.minecraftpe

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.mojang.minecraftpe

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.mojang.minecraftpe

com.mojang.minecraftpe
1⤵
- Checks if the Android device is rooted.
- Queries account information for other applications stored on the device
- Acquires the wake lock
- Queries information about active data network
- Schedules tasks to execute at a specified time
- Checks CPU information
PID:4728

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Stored Application Data

T1409

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.mojang.minecraftpe/cache/appboy.imageloader.lru.cache/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
bf8492f106a8478e1c777c3fe5cc83dd

SHA1
dcb70267189658669b6e91684cdf2ef21ac2757f

SHA256
3eb33b8bfab6ac8200e3e0551df8c0f74b5ea319abf6098c1c26a6126ee18687

SHA512
b61bc5795fe90ca5b1aa27a38378734158ed4e0d9948274a36394dbfd1e54318a87ab7a6f17a673584ce789a7ec932a76d7c5b2f5800a551efd290c0a24ff1eb

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal

Filesize
24KB

MD5
2467aff5178c3f97e1a70be6f6529ca5

SHA1
2543cc54d4338d23b188b01e68ca05edf9114996

SHA256
28752d2258c5ba95d8491da715aade3dd96fa3501a8e94f932a2f11989780120

SHA512
ffccf8d889444fc91772082194b2bd5d1931b33859e69665be4aab15e16de141c906b1bd8a74dcb21f37e577ad9bc928bc8ecce185b4597b8fae568f3f48ba2c

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
35bad3563c390f2a178c9edca1f8d721

SHA1
6dad54767d218a91ccf3a9113af0dc24aa5e21bb

SHA256
8ca29095577deccf79ed40f4e1ef1e922ad38c127e7ab7e24152a9b52006da25

SHA512
c9e8011c21516c364336f61dfca33b6ae0f1b7747f4241672a8e106b6731bf4cd63d34c3987782945fa2b58e73af9399aa44083900f200d83465a36667842069

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
41c18ccebfa18dbbbf674fc3b7277c55

SHA1
727cce2a3c92ec900a57f199cd5f0876ac3ad6a7

SHA256
023dbd2f787d3099ef21c253fd0625bd009854af0ebcb7de117b0a4e4c861fa1

SHA512
60ef738524b5bfbd237750d9c6689d91fa63c49adac6c37fcc4530faa7560da924ef7687827b318f6ac731f569767d2c02dface17b91a2955c1599cdf53e218f

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
cd1b6f9da0a1dd2d6df711dea0d0b32e

SHA1
ddf6d238b061bc8c4389cacf6d9cda4b472bb791

SHA256
0acbf45531c45723b6af61bfe082cdc25f9039f7782661384a2fe3127032586b

SHA512
f47772c99fe3b09a55bd62a33dac68fc217427563be463874a2506b37521ad102f7e19d10bfc299310484d2de5e99f5e9d6468193d42c848eb3ca827151c763a

Download Submit
/data/data/com.mojang.minecraftpe/files/PersistedInstallation3116411748549617597tmp

Filesize
90B

MD5
4c6796c2712857b29ac0f548fb321611

SHA1
a33f014093d740cdfabb169b888f8fb33e08bdc0

SHA256
dba8961af84cea3a2198ceca366b11d7424aaac1d09613422dba2b24f5c8d15e

SHA512
008d04111dd6a808959b6b323fd2c86eb66b6bd6d37d046974b53562a1959334a4a13ee7c619b49caf9b5a7f2dae7c7dace18eaebc139ba81cbbfee2450ef194

Download Submit
/data/data/com.mojang.minecraftpe/files/PersistedInstallation3957981960903168843tmp

Filesize
569B

MD5
4bd58737b1a179ad693c897cc071d461

SHA1
c5346268e9c9e551034ebfd66054edca077c1cf3

SHA256
d6b729f6d4583190d96541540132a51b482ef61cc7d4d2b45fe4b058ac6573e1

SHA512
657406d9792dbba9f5bb6250ff65f799ccda070d0f6cffadc359fc81fc963108a2e0faa28534909e89e26e8a6dfc8de6761eb8b6bd51f99e9c2932121e000e4e

Download Submit
/data/data/com.mojang.minecraftpe/shared_prefs/com.mojang.minecraftpe_preferences.xml

Filesize
140B

MD5
8819aac5e14e66aac3710c104a680bba

SHA1
4f25e0f25cb6e06980a5aa00d2d31d210de1ab53

SHA256
a9754bdef12bd8d8e69ad7cf46db59fb15b9d2a6c253624af69869f81032176a

SHA512
2df835cbf980604c37f7f7041ac967dd7e7623f325ddbf5496116150fc6eca9ce51499f3238d8ff2dad75e2bc7c77e5d3eb59ce828737983e28797156f9d0974

Download Submit
/storage/emulated/0/Android/data/com.mojang.minecraftpe/files/games/com.mojang/resource_packs/VietnameseLanguage/manifest.json (deleted)

Filesize
680B

MD5
6a75b9f5370443e09039e46d742331b0

SHA1
6f35b4b3b2eba094a5217171ee37bedd2153521e

SHA256
ddbb4438f5269d3c8f5ed7244a69df72528ff6d838faa10b65a046ea7aec0e55

SHA512
d2fd5f2cc39f2681f2788298f6ff665f031e28e0f491d37d5bd58cf5b253493377d5690221306a534d7f0f55337ae4639a0aa8879f2cd4ba3b779497977e3831

Download Submit
/storage/emulated/0/Android/data/com.mojang.minecraftpe/files/games/com.mojang/resource_packs/VietnameseLanguage/pack_icon.png (deleted)

Filesize
2KB

MD5
d56f51c4204b944d2e3c52d24a5a31ce

SHA1
800260cc8f013dffd47549516076c198922793e3

SHA256
90463377f2d3d4e309bd8b7e8d09f1088491c4ba6c396cce48dc2181c6e07a57

SHA512
1f5fc1560463afa1f88b0f0f9cfa21fecb6037eac31da9d24f48972ae157ce16d856f64800ee5b52a1c6213b4d797a21ce5323a6e151b6f5027d97080a720209

Download Submit
/storage/emulated/0/Android/data/com.mojang.minecraftpe/files/games/com.mojang/resource_packs/VietnameseLanguage/texts/language_names.json (deleted)

Filesize
58B

MD5
fba6d05dc80a16852e5601eeb2b8bff0

SHA1
e14ac0b7fd06ca9e7a76c5b4f93c81310e0f22ab

SHA256
6bfc38547ce3374c6e2d6c43ae6aadfac596373201ccb61511f322cd915e15a7

SHA512
72e0808668dc8f88b5a96b1bac48738e49f150ffc7607d381e8711c5511d94e4065bbd06b9422875dbeccd70618084d1aa228d84ff2d9e00dd72ca4cd7318c30

Download Submit
/storage/emulated/0/Android/data/com.mojang.minecraftpe/files/games/com.mojang/resource_packs/VietnameseLanguage/texts/languages.json (deleted)

Filesize
13B

MD5
77f6a5602eb7db7e01a17cf49c3f7012

SHA1
f92f69a87002af54db54adc3ec5fa098704c5352

SHA256
861111c3dc893aba71f7ac0a3585464ab78755f3e5c59f12cb08713cfbbac134

SHA512
40de043526f4f180322682efc87d4e68259c284c4a45c3616001489666bdd4a2c3c75f267159dcbf23ffa4b2f88606f571a0882dc01a957859afa1c96c2c6731

Download Submit
/storage/emulated/0/Android/data/com.mojang.minecraftpe/files/games/com.mojang/resource_packs/VietnameseLanguage/texts/vi_VN.lang (deleted)

Filesize
314KB

MD5
796c722801febe436299506647069ac2

SHA1
77a38822a6d5e7a622bb4b6132411c2452e8f041

SHA256
a37650ac99046a65bdc578706d8833712dfe85402dcb00107934d033191950db

SHA512
f7c87bc7a0b34fb824f9f2a948b7f25a2f014c4662eeb6371eea589fe351a7c29a7983c68798cff074bdf12700bf2775a5685b038a8c24de14215de51aa06004

Download Submit
anon_inode:[eventfd]

Filesize
8B

MD5
33cdeccccebe80329f1fdbee7f5874cb

SHA1
3da89ee273be13437e7ecf760f3fbd4dc0e8d1fe

SHA256
7c9fa136d4413fa6173637e883b6998d32e1d675f88cddff9dcbcf331820f4b8

SHA512
991294f43425a5b80f8a5907ca7cdbb611401282585a58bb415077005428e3b4c0f661fc07ba5c45f627bd8bdcb172389ce2fda461c029b837abc70f0abbea20

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads