7558b5461646bde963f43b446476fc80098cc77dccca5ee097765af794297083

Analysis

max time kernel
146s
max time network
216s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
30-06-2024 23:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1.21.1.03 Oficial + Xbox Live + Sin Musica.apk
Size

246.5MB
MD5

9b4f55dc23a8cacdfb02e8325a8c166b
SHA1

fbec1dd5acb1965376838fc89b2370bddfb9897e
SHA256

7558b5461646bde963f43b446476fc80098cc77dccca5ee097765af794297083
SHA512

7daa31dcb35b483d0bbb456c8a311e13e24a259947bc98dd860f18b0ad07c7ed5420203c9ea82a332c2027aeece5fe07d1b99418a754cdc934caed8b42e90ece
SSDEEP

6291456:8m9NqNaO5HISEr7/t+rZcRGivYaIB6hDep1f6m5/qe0Wzw:HNqNaO5o9rZ+GGiQQY1f6Aqerzw

Score

8^/10

collection discovery evasion execution persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

T1426

Processes:

com.mojang.minecraftpe

ioc process

/sbin/su com.mojang.minecraftpe
/system/bin/su com.mojang.minecraftpe
Queries account information for other applications stored on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect account information stored on the device.
collection

T1409

Processes:

com.mojang.minecraftpe

description ioc process

Framework service call android.accounts.IAccountManager.getAccountsAsUser com.mojang.minecraftpe
Acquires the wake lock 1 IoCs

Processes:

com.mojang.minecraftpe

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.mojang.minecraftpe
Queries information about active data network 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.mojang.minecraftpe

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.mojang.minecraftpe
Reads information about phone network operator. 1 TTPs
discovery

T1422
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
execution persistence

T1603

Processes:

com.mojang.minecraftpe

description ioc process

Framework service call android.app.job.IJobScheduler.schedule com.mojang.minecraftpe
Checks CPU information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

com.mojang.minecraftpe

description ioc process

File opened for read /proc/cpuinfo com.mojang.minecraftpe

ioc	process
/sbin/su	com.mojang.minecraftpe
/system/bin/su	com.mojang.minecraftpe

description	ioc	process
Framework service call	android.accounts.IAccountManager.getAccountsAsUser	com.mojang.minecraftpe

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.mojang.minecraftpe

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.mojang.minecraftpe

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	com.mojang.minecraftpe

description	ioc	process
File opened for read	/proc/cpuinfo	com.mojang.minecraftpe

com.mojang.minecraftpe
1⤵
- Checks if the Android device is rooted.
- Queries account information for other applications stored on the device
- Acquires the wake lock
- Queries information about active data network
- Schedules tasks to execute at a specified time
- Checks CPU information
PID:4521

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.mojang.minecraftpe/cache/appboy.imageloader.lru.cache/journal.tmp
Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events
Filesize
56KB

MD5
f5f795b34f84227ca314f405e5652b84

SHA1
496334dc03952b16b1d5619d191e467640ec8a2d

SHA256
bf606a40492251a638951dd31ea02776167dbe3c32c2d5cf30e1254e20a30747

SHA512
6dbb1e98e2b268b81dcb149b81a13731d309d4bebc2739d8b4f99c4229b57389002f58e6817c036ce3af424c5199e3d3d51cbbf2b2ae0abb8f22be480ed7ad4f

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal
Filesize
24KB

MD5
7c30a41711ffae31118782b0f9725bfe

SHA1
3bbdb8675cc4a1cea19da0566bf240bba4497345

SHA256
1efdfce361cb30d7e87f7aa2cf4ac66ad34b36fe39a190b10fd3cba0761001b9

SHA512
48134625f5b9f27aff7b077efe4d67966231522d5ce9f1c78b5c9ed4453003ff79d8c3544fe18b992c9f51254ee0e1aaf30ce9f8a66d894d22a6c035ae043d9c

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal
Filesize
16KB

MD5
f7638e18620c2f7a52566d8420a72960

SHA1
14820dec372dbe6f377cf46ec76d97cc3f05fc4f

SHA256
07ee71a496785f470168c875a8817dc7f85b0731aa044fdc61131fdd4fdef3d4

SHA512
cd9d7f6698fd2332631de4c3ca6497d7c8b8c9bd1927344cd184a2de16dc12ca31d6f9849c942fa02b8cddd065b894dde39cd138783b902473f8c55a0f425809

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal
Filesize
20KB

MD5
71f0a6bf89e3692d9364e6096310a935

SHA1
337d5b09bff6127e1d66e712b492e819c10c4f4e

SHA256
dfe59908c0619c45cb66446205396267e27fa019b6c8594aa389b99e32af24d7

SHA512
bf9178f108c3b3c84fb2f5398391beb48e5104dce8922deb5023dc1d8586f40740616c6157858c6b757a1abea07eb5626b54cc40ed05eb158743f70eda4aede2

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal
Filesize
512B

MD5
74b5bd5d49f93abd8d053f4987f5bdac

SHA1
ef1de83e4138c04d8911f6838e841219eb392892

SHA256
ca56dd54253c0dc5683d1cd21b9fdf7acc4d1bade6ae20b04ce9010c75867626

SHA512
5aa4f2195110b028dcb2aa45a6c87b1d604a5b647c64c85518d5cbf942855f2adbde1946a1c1e2aacb20af225bc21cec289b445b36f8b1e27943528d174fa6f2

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal
Filesize
8KB

MD5
d4e1610890468555070f993b07932909

SHA1
052093b7f8c4cf0b2916add488c8f648647dfe45

SHA256
2b60fbfd1946575ca63dc3ecd20b965841dfa834f84f0a50601995d27bf384fc

SHA512
03f00c3dff4a60387b5d1556b7003aa802a3a39281d03501a6a60bbe0d437704166fad60d23814953d8e31e0810206e26a64d844c342f1269e5d17663578d0c0

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal
Filesize
8KB

MD5
4fe2f332544e833d277274dae48f2d55

SHA1
7d4329f199d60bdef614f4499d9ddafbe7821af4

SHA256
d96a0540c281687e03eaa0ffa4fc1ca60c092f5f6f5dda3fb478c3ddf1a323e3

SHA512
347ad6fce51c1b1bbc9680aaa0ba0bc5783474c44b56ca73c61abfa12cfe15ffcf72baa8b066da104192bd6e83549459ecd780467aa83e6933957ce7114948e9

Download Submit
/data/data/com.mojang.minecraftpe/files/PersistedInstallation2652295859689900984tmp
Filesize
568B

MD5
974b5df76fe3227923c4f10b81a18475

SHA1
12bf82ca061c05054f9ed0ca3eb457fcca118f08

SHA256
3682db99451946fb793d33178fc2f8f5abf9cccfcd2a27ee10512d92388be837

SHA512
24e67e9145049c2b242399c806dfaf7900267a98ebac1092b8404ed6545d12954a4c6d9d1c7c0f64b6fdfeca81e991cddb749762e729e7d104881ca2c2f4f83f

Download Submit
/data/data/com.mojang.minecraftpe/files/PersistedInstallation5504549872351868518tmp
Filesize
90B

MD5
5dede8d89a1260e092069fc55e52feaa

SHA1
974de77c31394dc80d3d7f9f98a3641a81395dc4

SHA256
4480d185a4ba546f7c3e0fe1ac588cda16a78b6e41216a409495419d960402e4

SHA512
1a2389f72381b22f5967da4f395bef8eb8a14313ab5bd60351cf1007e774ee16b44bd3a7401e927464cdac134809772eb3de8b59911e8ec39a0edd7842a474d4

Download Submit
/data/data/com.mojang.minecraftpe/games/com.mojang/minecraftpe/external_servers.txt
Filesize
108B

MD5
856ffa6d400316dbbc68e89e61daa485

SHA1
c4bb37570072c7657fbb7fe8f94f2df60b3a7ebc

SHA256
67f0c3c782289991c5ba82394f77d4cb112f58bcccbc9cc2c0ddd1d3cc373e69

SHA512
ee0f8483a7f0990f1ef462e1dd4b373ef80033a4551bd70e6cd1a5a03c4d72fe62b6c6979c8812dede35093bb82e78f02a961d3af7d948794d89d26e2fcf5b01

Download Submit
/data/data/com.mojang.minecraftpe/shared_prefs/com.mojang.minecraftpe_preferences.xml
Filesize
140B

MD5
fdd13506ec2048ccfaa9708db32fa1c9

SHA1
1e0aa95af84870bacba0ff3f84f30ec63971128d

SHA256
f9a7232aefbbf5f406eb3d5170b164f01d7cb075220a469b97358d627271571c

SHA512
39749d792cd2f9f87bf50dc542964f710636c12bc0d1dff971dfbe6d0e9b5c5dd68b4db25d36cefc8d6a13770034d1d0db51f3e1a6ee695509ab5dff06a7abb2

Download Submit
socket:[73115]
Filesize
50B

MD5
84ef3396aacf384b755d3ef582974fd4

SHA1
f2a362fdf29d83ac7b7c58f67bdbdf7671979729

SHA256
3dbc1649049db4d3a34a6b61125f976994b9ec65a25f2a3a2625d03f196c326a

SHA512
1f84ceb51c08e350639d409d614d08aacd04856d52fa148f5b23696ae76fb3fd130ff0fba603892e01a81422c92774c5b686383a8a4ce91c4276bfbaf8bd3f6e

Download Submit
socket:[74215]
Filesize
56B

MD5
12f160ca6067f0f084735deb52545406

SHA1
42134aeff7d2a333baa406d8d71850de0310f5af

SHA256
77a72c7154b9325f184b7f48daafed9560ab89cf76d9755e32c438676a15e89c

SHA512
d196d794630d6601cbcb217a38dbcd790294cb0e2ee63ac907ffa244bce6197fd0fa2c55cea2b9aa8c805413037146d20ecb26cf5d07b72d1301635c2e750b92

Download Submit
socket:[79116]
Filesize
46B

MD5
cc0332d5969853395b3616cd9369a325

SHA1
1415d315ab3846bd7a795f057097d32dad9f5804

SHA256
401010eaf7b06a38a54584a19f4affd651a324f780f78a365299e3346d499a27

SHA512
f1ec2ce9c7cbbff017920b845a5ec5cd4fd783590414e27fc47c70aaa8a724de85a21bf077ea1a658ab97cdacd1643e491d4984c348d758e21ec9c79bf21faf7

Download Submit
socket:[79159]
Filesize
56B

MD5
5e929c36cf1f7be5774a6c63e341c0aa

SHA1
d8a43e2164d68d02548f5d438c2e2ec57abf78a4

SHA256
f6cb9d0704a7b99dddcb01be13573257ad06195cb8a64153668f7b5eca6ea499

SHA512
9f0c3c88406de2121a61f6c16bc71827e24cadf260cd22765cc008edb1d56b2fc8cd08e7da0b6f346af379c1e641daf446ad62448efd22ea2e95a821b04446ce

Download Submit
socket:[80638]
Filesize
81B

MD5
749095b8343b9e8507fbe44d18c7303f

SHA1
77efb12f4ba8995b42ff5fea747bc3122a253ac1

SHA256
74f268f10a00cf318219b5c762ef6b7f414ada646aa6953315da7226d7342e33

SHA512
4f0961d4595327f3f51f9bcca8280254be46bfa492fba4aba311efef1755a97df069649b8c159eb0b983a97c4091f90a846781e6d88b7d8d224255ee63f58219

Download Submit
socket:[80693]
Filesize
69B

MD5
829a0671e095b4399a64acb652284ad2

SHA1
81711183fd6321a1777c624e5146ce2efad540e9

SHA256
2f80e2a8b50c441ceb2b16316f9c5553c14bc80cabbcc39ef6fd63c447569f5d

SHA512
5889b170e6f6e27520c2ca51e5aedc77e6f08fc3f21d89ced58cd06000a405b86aa19e0feda6db985ffc1a62beec4624dd7379700a4f0f7b37e95edbd8de0038

Download Submit
socket:[95262]
Filesize
48B

MD5
2b5c438bf1b672ca09960d5a082f1711

SHA1
e9ec5db181d3330db4d48a27090ad0a1acad01fe

SHA256
4023e17fdcec5658306e289bd07988de7dfb0b94c0d9dcce98ea1280706d1671

SHA512
9779fca5094483fab29a8263da7826d532ccf3e735fa24f94b87543cd098881153967662ae6b8a915401e9eec4c597f1d4db8bf438d8b9eae25e268e1e105ba6

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads