smsfactory | de032609bda6ab2da5ccf34923eccf0024f2342795a220f5e7ce8c14ebc87e34

Analysis

max time kernel
160s
max time network
171s
platform
android_x64
resource
android-x64-arm64-20240221-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
submitted
01/04/2024, 12:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7185ff85ec43f1a42fe89725720975fb_JaffaCakes118.apk
Size

5.0MB
MD5

7185ff85ec43f1a42fe89725720975fb
SHA1

3f916ea5c07abb2308bb4e2f5391ac979998b4be
SHA256

de032609bda6ab2da5ccf34923eccf0024f2342795a220f5e7ce8c14ebc87e34
SHA512

fd184eedb6778943924b09f1f3e44fe8fd04ec15d9170144a0ae58066afbc8a075f0ff91c13e1bed1eb31aea407b20afa27cc1e543c0301b520f0cec88db34d1
SSDEEP

98304:9cOAB+dOZB9G1MDBBmWqMQhNgWavgu33hiUlnpxF1BonsAOAZBoeSNUSqf8SbZfz:ypB+dOZB9BDBBmWXcQ933hiq3TonsAO0

Score

10^/10

smsfactory discovery infostealer trojan

Malware Config

Signatures

SMSFactory
SMSFactory is an Android SMS trojan malware first seen in Jun 2022.
trojan infostealer smsfactory

Acquires the wake lock 2 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.halfbrick.fruitninjafree.hack:Metrica
Framework service call	android.os.IPowerManager.acquireWakeLock	com.halfbrick.fruitninjafree.hack

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.halfbrick.fruitninjafree.hack:Metrica
Framework API call	javax.crypto.Cipher.doFinal	com.halfbrick.fruitninjafree.hack

com.halfbrick.fruitninjafree.hack
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4440

com.halfbrick.fruitninjafree.hack:Metrica
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4489

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.halfbrick.fruitninjafree.hack/databases/OneSignal.db

Filesize
52KB

MD5
212a337771ab5b18e82e4d1b7acdea35

SHA1
092a996b96b0dc7006669f4a3dadc94357b25013

SHA256
802cb04095337d676e9516d13b9653adf3764637006c37162ac8df6f06f22417

SHA512
988f85500157d0359ae7f442dd42eaf0c7e991069cdc20f4783a0b208938f84e1c8b5cb8680df3dca525661b518bcde4626239a3a2bb8e41ec72ebc62ae88915

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/databases/OneSignal.db-journal

Filesize
8KB

MD5
6203393fbd11c781c94c9bf1363853cf

SHA1
7418bf4171b52655f9cf3e3a0369ba33ef3bf764

SHA256
d734ce2ea85ace303ac116ccea3e01071f3b57568ab75ab9648a3be7eb2be5a7

SHA512
0686af4d48e5a0098205aa1564b61099c9c6798234402889856fcc6c8122f6d049ccc52c51d86a3d4226d4ce62c0e698304dfeba83c03c8c0d3e70336d8d9abc

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/databases/OneSignal.db-journal

Filesize
512B

MD5
289f9eb0e4ffb23606cbe33e564f2e99

SHA1
d5d1450b93427f6c519cad02d9a29f9a88726be5

SHA256
7f4c94cc52caad2e83b28288ef47ed8c127a57cfaaacc6f25f2068c633686327

SHA512
bddb2380f63fd637262dc4001fe0cf90771e92466351790dfd83717335a47c3618aee5f90af93973983d1313eaca6af5c069156a1e91dc1b007bfa2d0e889203

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/databases/OneSignal.db-journal

Filesize
8KB

MD5
e7a3adedfd6e9b19d77a0a6f9c4fcec7

SHA1
49c4e8973310307def3341fa06854e45bc5cbc57

SHA256
0f7961e4b627069deaea0d5a391db7e3fa23eed963dfdf02046487527f634654

SHA512
4d79002bd5d7e02a419e8bfc5e75dbf8f07e8139f396eab69c20f74f26be8eff043d131f33c8a86622a6ab694353264dc6fae415f6ac51f5b3665d927a975703

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/androidx.work.workdb

Filesize
12KB

MD5
40814c782a2ed4da3c620bd17a03eb41

SHA1
6810e0b441637e5498d0a114ded7a724a5eab7cf

SHA256
78dad1ab20b3a80aa6a0684a686d1e74c93c7fe0c4672458ad6fc7bddf34724d

SHA512
40d8afd19151e4010216fbe21efc8c0622c41ce4f88e720c9187a1f14b87d058aa197e088f98912271559e66f56691c392dab72082ac56d4d6ca53387daf1e24

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/androidx.work.workdb-journal

Filesize
12KB

MD5
26169b6dfa96fd2c818832da459c5fbd

SHA1
762ed914dce391d79259510b5fabe2bcff84c97b

SHA256
0e7f5dd166d7afcdf4e5837edb500a45f6b5ff11454f453ea373b25e9c4881d1

SHA512
da29e46767266f95e30804b61492e7e135e27481a77577ba261daad823c9e48bd113efba199d3bb8f8ae30bf254d8d8422e10e4d7dd20cfc15098b8941a235e2

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
78993fbf7daef9f2f8a3a978b15df744

SHA1
46b92b0390130a8ac50310771a8265a268c32aec

SHA256
6cd80be5e28d438c89f2c8a7a2477a1dc868f8c8e9f2e4991dadc5ce44fe937b

SHA512
43dab58ccbcf24b32fa8a7b99eed22b286f51c8c7f594e05fc783c2a9b2ad9170d994ecdc10db843eae36e6cffafcf995491ce32fe4c6e7d7cdfeee6ec769495

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/androidx.work.workdb-wal

Filesize
48KB

MD5
b26543be6c9aa3fad6bf1dc5a6ad2f6d

SHA1
2f841a101980f014505c6bf8a3d75d3649c2ed25

SHA256
51fe356b98c52ef56a183671547bbdca4220ebbeb08d84859fa20cdba8c49e29

SHA512
11843f9dccfef21c4ea82717d0ac8fe3dc993809b8517a908aa6f2e3dc813252c2b0235d608b850761290456d25a8a2f4862989d9235ec70f38471de57ef8f6a

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
f019b497646ca81cfe71f48160d24dc9

SHA1
84bc63d90d6935745a2242f10d28ff35497a6dcb

SHA256
9fcf8a5495cb5fd4b61cf0ab6d1864c664c4255ee337165b73369ee42c81e103

SHA512
ff3327f4c7fb5f2142d42a4794e520cde8c2bda37747ef8ddf2481ba725e83be97dd7f1ae39ae01b1a7e2f64d7611eeae87c2cc47ee69cd28950decccd30757a

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/androidx.work.workdb-wal

Filesize
116KB

MD5
d5f4b742c70a5e03b5c036005d1302a4

SHA1
b18e6de2a90438bccaa82c40dedb585569839ae2

SHA256
ef3934cf4f6b3a529d96de2af887b3b0b06416120ff65382735e3f73f77baece

SHA512
5206efae281f13aeee52813ffda7c3caf9e20b50ba5ace290fcfaeffa71e1362e3f352d3280bd9c2dde726e76e2a46bf1acb98912382f3b232d163452bfac179

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/androidx.work.workdb-wal

Filesize
253KB

MD5
a528059a662917e61937d939efcddbc6

SHA1
d6e443ed14c40cc1ace79cf4f77cf2383498e79a

SHA256
65c8cf0dbece9f9e9c1bbde2cfc6bdd7fc6c13000748ae68a20af9d2d717bde2

SHA512
382c53aff3418595a4872def774183c60c316e66acf1dd7946f94c84ef51c1ea9ad99f4daddb7ff528555b7a64527b0d0137c89384a7287ddf5549df08e2ad62

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
8fbb5f0dbda8f78a47d8dddbacf41ebb

SHA1
1b8ecda41f8cda3e92422fd533e8b34b8b304e59

SHA256
0e7ef9e8b92a5ba552fc2ccc98c45042e334d431606a7ae74a46b78de1f075f5

SHA512
e62014eb73540edde0db7fd034510b41ce546acadaf1407603050943b212519ed9e554a2b78d537d8aa39d44d6391ef50bffb13695e7cfe26b0c9a4ad8f6d838

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/credentials.dat

Filesize
227B

MD5
8f1bf6acbb8973b0d155d6ced921ecf8

SHA1
203ad7fecb186e17d106ec194a3cb515f1c2074c

SHA256
abd62eff42d6e1c4dacaabe86a5bcdf0910c856c5490bfeb8db2efa033b72aa3

SHA512
25e2d93b6ea02b8d3f45359def539c91291e34733e932357586dcd0b8244d1ba2caac6ec4d68f36f5bbe422abb518867a9d3ff418420453e5385267af6c0f29f

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/db_metrica_com.halfbrick.fruitninjafree.hack-journal

Filesize
301KB

MD5
685f40d2e8a558650fbe26a5972383ef

SHA1
8c171150f409f2d9466bbd65cac690921c19d9b6

SHA256
8c385a784511a2494056848bf1df4f831f649a751c0baca679074f97e5abf71a

SHA512
0163a6eda16de083843aebde86b580064c971475e4889ec12c1b3a74b06a6f1d5f611241c27d666dd41dbea1660ca82a2cff16d02a38e297eca2d84d3908b190

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/db_metrica_com.halfbrick.fruitninjafree.hack-journal

Filesize
12KB

MD5
02392ef9f4b09494c0ea871bc9527cda

SHA1
4d55f994432d541c6c3c124db117b22b93cf22e6

SHA256
8ff569b2933e7254dc0b0f9e5b88f4a9c23e5143fd7995c4235f7ca841f1f7a9

SHA512
dfa505d3587ed54c879d2e0ee68abe6498a2868e161dc4c205d9b310df13cef5881e1c2a9177db1161f6a1d37b8ddee36b71ec1ce6adf152162702b8abcac90d

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/db_metrica_com.halfbrick.fruitninjafree.hack-journal

Filesize
8KB

MD5
89b18c94ccb7848c959d9e165b9eaed4

SHA1
af8c091ebdf45bd096e0f02f7a5eede57000c365

SHA256
7212a77cf92889ba6b7d043775950c64ee56e11ec1b7b6569362808dc8066cff

SHA512
335bee1785561b0466d1c65f76d10ff9afcb94caeeda486a37c2d5af9a6d27f5f2338d54bda356fccf1fdad33cb1f8f9b72e0b7bdf5d6ee5fa4658f347af5e88

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/db_metrica_com.halfbrick.fruitninjafree.hack-journal

Filesize
24KB

MD5
1a587c3146a0900d20771a49f66d7353

SHA1
13fc84fa8ff965efd74e357fd804924d19f64e20

SHA256
8cf0855af3351ec5926b74af9a33cfe474938598c6ce9c901d3a1bba745ccc82

SHA512
f24955366b7520946f29efcb9758a553e9cc01074ecb0ace0db3be6c9c9e89547d664f2d03748f6425b6ad53cd89baa6bf5d224cc5f4960688898c5deca4f662

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/db_metrica_com.halfbrick.fruitninjafree.hack_20799a27-fa80-4b36-b2db-0f8141f24180

Filesize
36KB

MD5
6ed488e44136886b28039c6702d193e7

SHA1
1c59b6c06a2dcbfcfb92072a66e7a8bbe7a8b5fd

SHA256
b33c147cb55e51d2e970652bedd9567c421aac060356aef782f955feac20e37c

SHA512
81db8bf7a28da190eb5fb298565a85053f0dfc09406ae16f6d4a55361f8aff90465471af35daf7330ad9162dbb2f042e72a3848e0fb9c0db12335fdaec8bd44c

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/db_metrica_com.halfbrick.fruitninjafree.hack_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
20KB

MD5
233385bdb54d6db5f8b45bad848b99d4

SHA1
0d7a4b4db5ea25c748826ca62f1ddb702c9f4fa8

SHA256
66f8f6c5381218ef305db53d664c3134b9b74f38daf16e85d3d3bb487dbdbbb1

SHA512
5678d955655bb1840f561d00cf85477ab8dd2c6a6ac56946284f67ac8349bbd6fabc035ca9671807f37eb2939bcaab860d21a0b92002603ded0aafcfbd690e0c

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/db_metrica_com.halfbrick.fruitninjafree.hack_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
20KB

MD5
0b4672fd4dad39e26d05cdaf69f10de8

SHA1
fb795b5e75abe9f85fcba8e1ab5ac3eaa6bf1dbc

SHA256
c42631c41411c3f49db59e0a3b84884b77ab6c75e011a692209255efd49c9047

SHA512
7cf955a52a7e1c67fe76a642f37c8b7d8131631eb5d24a815c0067fef59bf31e07d9d26df1b0588bea9de5b0955278aabc27624e4db4d1aabe54938542a5e569

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/db_metrica_com.halfbrick.fruitninjafree.hack_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
8a0d7064a745ec50f35c66a67deff088

SHA1
0d324bfa063c29f1c9c9dd0561fd7edc3d02e2cf

SHA256
d98dc165ffbe91546d765afb56b5ed40a99e64765850eca8080d7be9b4fbf7e1

SHA512
a70af3e93f445f2441a385394b127f696e4bee29010348a465e0d335d4d691a63654161b2362ba8f39bf5ebb20b173a861758bb81a056bdd5f8cdeff6a688805

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/db_metrica_com.halfbrick.fruitninjafree.hack_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
b86312161ae0e8a2f9b47a5503d33e68

SHA1
96eeee3537c4eb8fcf2682eaf68f1a356b31dcec

SHA256
6738c90eba3098007b3d7f994e99ce1e061f5dd1b24c802c686bb904193f518c

SHA512
3a4d2af7c32d041f2626c6aa5465fea32f5cafba51a9c516c194355ff4a55b2f5b4a7daf7e562f3612f1da9330c240936b93f8aec3ae351bbebe8da6af2e8f60

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/db_metrica_com.halfbrick.fruitninjafree.hack_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
b6015080b59714d158e3b66853867a36

SHA1
c34b8f612fbf17425794ca9e24a6b4c9b0969b46

SHA256
69f6c3d09838af63f5cfa89cadd921bf22b9c1d2bb2f0f132f4933280b7e7db7

SHA512
42e0313d9aedcd34e433546aa3a59584bb0ecbb0c554aee8e36403289f5b089400da8735b0537efd65ea693a2c625ef4ea16efa1bf92d0bf2f540076a0e9950a

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/db_metrica_com.halfbrick.fruitninjafree.hack_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
123909ac2ea7a8dfa3faa09e5a1abb44

SHA1
80c2381b8d62b3fd01ff062a7d05e941596f2181

SHA256
5c5c0f9e0d943bab594be7f3682f32b282adb85cbcd10ff18630d09a26618930

SHA512
8b2254df4d40551dff225ddea8eb7208b0fd22eff6cc934f23687acfa80aaf2e56935f705c9c79123cedde2d81b501e5d46a2b573c43224f92605310cb9c5c90

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/metrica_client_data.db

Filesize
20KB

MD5
d4a1f8a08e9cda2813145a25e1c74012

SHA1
97a4b8660bcde5fc8776361f06bcfc86a3ca2675

SHA256
f28df9d0ec22e67e894c0cba5b23caf8065a626ff6404d3656d3e105d6fc7d13

SHA512
ee31243b839a69698c08b5ede4f2bce5ed440a43d9789629bcc0034b132927af0fee95d92c495ed9a16a8446f05b23c00439aeba5e71177cb005621aee34961a

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/metrica_client_data.db

Filesize
20KB

MD5
2fa1d01abd4f058a231b55f648182b45

SHA1
ac2be5efb04652024f77d5d7b2d0c25e8ca07c6d

SHA256
8b57f71d3b0397a2513c121fba6eb7fed196208851fd8dd5fb4d050a11036d52

SHA512
c5290a47b397331ecf8cb8241d29c2829df463f42babe7ca51236d71a0980e1f08f9c1e0a302b22891570aeb6ae60635a251871929b2ae088d1de3d3e7df00b2

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/metrica_client_data.db

Filesize
20KB

MD5
fc318483a677c71a725dbbe6e9516df9

SHA1
8ac3af9cbfb464e53b709028d1f64a4d019bb2f4

SHA256
d6d65421dac425ed42a96af8b94a1d708f6e23b556f0bc80011eb4970304b7f9

SHA512
0e3a0d7629cbfdcaa59e415c4ba982355f249b9595d234c0de6fda993c65c121435c442945766017cd78533fbd059d7edfe2eda0185ec6e4d076499536a63140

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
69bf306038266e5364e74ce6dd22181f

SHA1
2524483eae082e4a84742f929fb7599a7e9c3334

SHA256
259da667967f4a4341b62bc3fde53b94cb18f404c4335b19e8e8f179fe352f42

SHA512
c4cf7c72ec655d7f63911cb3f7924cabd405cf8190d1aad591a0b4a70f95984d9f9be84ded37d253608b5ea5ae9e19776205da6a2d00a90440578cd654bd42ed

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/metrica_client_data.db-journal

Filesize
512B

MD5
fa70cb0cc7afb3d5090e32f11f9d43b5

SHA1
73a7bffd3b95a473ad00a8ca6fafbf3785c977d3

SHA256
9b16c7a14a8a123b71a19c8774a78b8dadea52128367c60e006cc998e1ef184b

SHA512
ac3b28e58f1affe6e58ee47fedc3933c1f6162aed342f75f78dbe6998c52a87e21f803b3defb1d6d1ebb2bc1a68bae838f495ce9643551dbd9a352e8c312457c

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
f1e1cb55e53f697d7bf50194bdb8cc8e

SHA1
1a4dfbbe90d53f2430f65ca91030a080f1d12cbb

SHA256
6a1ae4f5f33dbaa9643906342cc6b76e40064e10e5052253424d8748c32941f8

SHA512
5176a3b59cdd8b01ba5cc7028ee1190b2dd7b5d5c3845e3d57fe5eed5cf6fe392069203ab0687b5d7443272b2e7167d50776c30a87afba638c5c56d21f18a806

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/metrica_client_data.db-journal

Filesize
20KB

MD5
090e573c682675e52e0c43de15d1d44c

SHA1
73c6986534c56f8e2e29d53820c31307be0187e9

SHA256
173ae000170c44d904ed19018b77a957534454686298ad97c2e0257fe2ccb202

SHA512
2b9184f2e7cf5f79778b8874145d835d1ab5e6c61b08ba417c00d7e371530230e6f4c183743493a8a36e7848038bd11b5e88e8d1dae4feeaa5e97aa23bb6b5b2

Download Submit
/data/user/0/com.halfbrick.fruitninjafree.hack/no_backup/metrica_client_data.db-journal

Filesize
44KB

MD5
72457e4eab5b6a19cb115072bb16a194

SHA1
809272f6bffbae75666a116462006981ede1ab52

SHA256
8175a455504925ee904a6530f0106fd2ad76ba7d072e1a446eb94149c7be64ed

SHA512
cbfc49b2481485f73e8a4db3ff12ef9d89745a5f29a4c311c84972006cd5e8f5c9ec74ce2247d1d52cef702765d7b89b7374576c66b8eca85ebb96b629463ede

Download Submit