06d5386ed44bd77c850acd5a9ad2334a706cb91bd23af95d94177f36ff1a4ab6

Analysis

max time kernel
62s
max time network
154s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
28-04-2024 15:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

05885556125e088105e7f1f923014c05_JaffaCakes118.apk
Size

15.9MB
MD5

05885556125e088105e7f1f923014c05
SHA1

629c7296ed521dc949f0d58091186a1e2b8cc4c8
SHA256

06d5386ed44bd77c850acd5a9ad2334a706cb91bd23af95d94177f36ff1a4ab6
SHA512

c46fe0009855e32cccd00d2b2d0daa27209d099f2260581c51ea5c449ac4effbdd3a658e68dbcca98feddb6c5059ac921361c64ade915b34bb18d3040528ea06
SSDEEP

393216:WO8rlGKI3UV8D3r13bxsrXIJoJl/AqaIv+4SC3InQOGgkMeVvHqt9J7:WJlGKI3UV8jr1rxWYyboqHHn3IQOGgx5

Score

8^/10

collection discovery impact persistence

Malware Config

Signatures

Requests cell location 1 TTPs 2 IoCs

Uses Android APIs to to get current cell location.

collection discovery

Location Tracking

T1430

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	ir.cook.without.chicken.d
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	ir.cook.without.chicken.d

Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getScanResults	ir.cook.without.chicken.d

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	ir.cook.without.chicken.d

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	ir.cook.without.chicken.d

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	ir.cook.without.chicken.d

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	ir.cook.without.chicken.d

ir.cook.without.chicken.d
1⤵
- Requests cell location
- Queries information about the current nearby Wi-Fi networks
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4191

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Location Tracking

T1430

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/ir.cook.without.chicken.d/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/1bf65ac2-1dca-4b99-a74a-293ac05cbc86.jobs

Filesize
1KB

MD5
45ffc2018598c0fb272dd2bd8c6d24f7

SHA1
481134ca4a6c7869e8bcb7747179ac0d4a4894a9

SHA256
17cef06a653856b59c07570990124d3f49e327e5f6c5b17da4973a2acb22585f

SHA512
130e634c5500255dae227727839254e88c56e8e537d45bd4d35967f6a19dded1453ad3e31ecfb389b5a35a5c7acec665ff86f0699b5e95d7809f5f95cadc4d3f

Download Submit
/data/data/ir.cook.without.chicken.d/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/7ac939b5-b6ac-4859-b7f7-7bc54d514775.jobs

Filesize
836B

MD5
252224bbdde14ec5e454ad590bb1e0da

SHA1
f2012e631f66f1aaeea3ec1dc01bdc1e8df9a7c7

SHA256
41009a07cc2dabbe514d76a8bc79f4d7af26b41c7a15177372abc7401d277025

SHA512
23021abad2827d6b33b0872fcba04f4bb7103c1c39a82f79f1ec8bc166b350d92bd950919f3a71ceaec2436fe81ca05bd384d4845f5fa4bebc0362457baf781a

Download Submit
/data/data/ir.cook.without.chicken.d/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/bd0e2a1b-80d8-49b4-8082-57459a45689f.jobs

Filesize
179B

MD5
ac58f99a1b179d71e8621412ad31c6a1

SHA1
b51fdad95876f5615735c2ab411031ff67d5e946

SHA256
9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb

SHA512
faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b

Download Submit
/data/data/ir.cook.without.chicken.d/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/d83bfa33-c198-4550-adc3-15adadb7e970.jobs

Filesize
176B

MD5
f56f328eea1d5c96a1b96dbbf59488df

SHA1
440c784cacff61932e2f61580b7cfdc3a4943c95

SHA256
90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918

SHA512
36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb

Download Submit
/data/data/ir.cook.without.chicken.d/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/f8dd1468-5ba3-4ab7-b813-6bef72010391.jobs

Filesize
278B

MD5
3d2c5050dc4fcdaae63cabfdf78541c3

SHA1
142b838b4ec00d4a17ef3df582510fb520f2db6d

SHA256
08a6d2566a899916eb9f73883f04663ef8360f3c4e1c3bf803bf434879fcdb4e

SHA512
bb347feb583b61e5f7c2c9a657a31d619698cd0dfa1508434b4ea3e53f24d383cf1e4346746a6af3b659eb9ab758a6e3f0c8f77904807e7df5a1abaa2160e479

Download Submit
/data/data/ir.cook.without.chicken.d/databases/__pushe_base_lib_db-journal

Filesize
512B

MD5
ef71dac0733234729bb24963c5eee798

SHA1
b126f51eb79ef9669c763c1e91cdc8c55be52327

SHA256
7afaa1a6c8ebf806346a0e44d8d705a931b1f6767bc57a81d84c244b04c89f00

SHA512
a4f167c8392516679697384c4a9231c668b52191c03e30d4c7cb8fcc5821654111361c3045e82ccea8847ac014c73bb8b464686106b570b7fa8b5fc26e29f49e

Download Submit
/data/data/ir.cook.without.chicken.d/databases/__pushe_base_lib_db-wal

Filesize
160KB

MD5
167519845760a35606372157da4a21af

SHA1
6c794a44bb3b44b62872ce3e923f1ef5e5d49b11

SHA256
595116538e94c13a845e013490f32c94a22a320ef729121d4c4ce20f0227fcad

SHA512
ae4ae20057d51fe6b2fc645fe28723e572a7b42872f19282c10230a5859043b0ea8a942e9269c8c83d2bae04ee2b70615067d9995256a8e39c167581c88bc265

Download Submit
/data/data/ir.cook.without.chicken.d/databases/cheshdb

Filesize
20KB

MD5
ec444c07f630afc0eab78ff766e0574f

SHA1
0fd0d96569aa549deb48f5f29eab58d5aa44415b

SHA256
8717a20ab4fcc221a5092e339e444e6607ce245d49186d019a5337ba52360201

SHA512
2dbbeda063562ec81120d1aca33237e91ad51ddf21317eb9750a29c394432bd8fbee8c02ffe5df46ed6cda1a01547c4edc368ec6481afcf3dbf79727be9a07da

Download Submit
/data/data/ir.cook.without.chicken.d/databases/cheshdb

Filesize
20KB

MD5
2546ef175692989db720348fcac80663

SHA1
45d0e83d16b3d3a643662353f6d1f8e1cafb8bba

SHA256
76108fc850895fb87c003f19c748834c43b6f816ba17d5fe453d6e808b14db77

SHA512
1d91f4e9b95930032b62762b6f7ad02defdec1d87be5b43172d699bcbe02c1567b41ea057e2ea6ca4684cd38ac3096f1ea6c240e3ec00a5ef1b878ed70439efc

Download Submit
/data/data/ir.cook.without.chicken.d/databases/cheshdb

Filesize
24KB

MD5
1f347cea6a53594be878e35079bdabc4

SHA1
ae24631f83d3c875dd678040baafb5e64fc6ba6e

SHA256
46cc2cd48a3621ce276d0927dfaa0e367261e740d6c248c48fa48b25be769fd5

SHA512
6f09f140cda839271dcc15857faa5ec7fed65afabd0ed53164744e0b15c145b4fd0ae3f6ef0ad01cdf4eb612510f7f150ea72781740a9c6d67ed1075e5e026e9

Download Submit
/data/data/ir.cook.without.chicken.d/databases/cheshdb-journal

Filesize
512B

MD5
d80e2cb7333fa4faef38247a1f5d0bff

SHA1
24437904f4a2cf9293ed40d022360d78a162c7cb

SHA256
1a1baeac89b684639f73cb9180fd16af27630dfe96e9d3dd02246f349eb27e37

SHA512
4a74208f6fe38ff08732956a96d911ba88550894e99c3750acfd5eeceb2044418bd12fc302f9923c4b6eb6e753ac4b93af7a5ecbd596a4298549977a23b5e459

Download Submit
/data/data/ir.cook.without.chicken.d/databases/cheshdb-wal

Filesize
8KB

MD5
25e8b1220e4007d5ceb8eed159be072c

SHA1
ed1f07882fd3641c7e68d2a9bcc00cc01870b931

SHA256
d45dda9ab5498aacdfde28a425c9e5e14921936a37c7d265766b5623a47a23a5

SHA512
feacc7d36ffd5b8fc01ef8c16c69df0544655daae3810d72035f6180faf67146bc976cdb0543e335aece5c522078e7ae1cce9d73160c0cd038a8b294964116f7

Download Submit
/data/data/ir.cook.without.chicken.d/databases/cheshdb-wal

Filesize
8KB

MD5
516f820a9cbca20079f2d4940ec7e5ef

SHA1
f555e50b2c212cf6a840a04f44310ad1bc7c9c6e

SHA256
7259a1fbb6830e22afbce85eb04e01f1fa404de93866b5cea0d0e9e98a864cbc

SHA512
e292446455cf4a9486849cab3c0e9e28ada5df56a13ff0effc433d55e32d1f81b404eabeffcf451a99123a0f417365d62cbba989655396492dba6f50582a67ac

Download Submit
/data/data/ir.cook.without.chicken.d/databases/cheshdb-wal

Filesize
40KB

MD5
6e363092689cfaacfb3ff2abb110ac7c

SHA1
9f78083e2011232bc8b0dc4e49fd8feae70bb047

SHA256
545a71ae0a449d2f466e8797b184d5f5f29b9a1f111ad0747292490abf0ca642

SHA512
bf5579c5aabd78c43887e3a0d5318482280eda6b00fa4283c4ac735b6d2bf143a910d6a4e5531fb819c0523dbd13f5d394ef1a15a5bb5568c8c4b164cd920a13

Download Submit
/data/data/ir.cook.without.chicken.d/databases/db_default_job_manager

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/ir.cook.without.chicken.d/databases/db_default_job_manager-journal

Filesize
512B

MD5
b071d7956d31a421b2735d680d160f58

SHA1
b4306e1f131af3e140838ae50cb2ee3ac0a58c0e

SHA256
3cfc6cacd2e4157761522c08ab1664aea17d65ef0dbc565349320ff43f230f92

SHA512
adf8a8caca91e0465c58354d5538e440fd6d5dd023baaa2f2dc0e4366b49e221b868b72fecfb6cb7b6c3f8d6cb3628be9d4fd16893fd7eaa5e06f197c03eadd4

Download Submit
/data/data/ir.cook.without.chicken.d/databases/db_default_job_manager-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/ir.cook.without.chicken.d/databases/db_default_job_manager-wal

Filesize
217KB

MD5
a68b686baee54d44a298f9233ae9fe6c

SHA1
2d6a92be81c928d52299b9cb872cb54b5fed9112

SHA256
2c5b298c13780e3f5fd859d7c0bb254dba0fd5f22eebcf7be4043c652a945360

SHA512
d224dc624b377d1072520d29e73145b45cef12219ec4d5c3d497b2e668273b1d3cdcbabb4276c8305a95d59871029fef8d3cf7d7c8c78c520c4a520973edee32

Download Submit
/data/data/ir.cook.without.chicken.d/databases/evernote_jobs.db-journal

Filesize
512B

MD5
4cadb463fda82a56c5f44d6247a28dc2

SHA1
3fe4ad46712563d8786bb1ce522b028a3f6a063a

SHA256
2f22def0576dbb1f5bbea809348ee4348335dd7dbf214fb39b884d46da5088b3

SHA512
799faa61e81152fd213bfb3f574329394b2f21753a3a11628720637d0f3d8b3237a9dbcce69a519c0f5cbf5ae0fa7d9d5868f404c5617cb05e999ef0a0ddaf51

Download Submit
/data/data/ir.cook.without.chicken.d/databases/evernote_jobs.db-wal

Filesize
213KB

MD5
03e89d7b93a139dbb8fccc89a1fff295

SHA1
08dfc2ac2212bc4a4629ca6c2d395922902d57ac

SHA256
53b902657b85116ce7bb878391112345029080e2490e9ca2ed885145c5577d30

SHA512
af123015a77b38b98c34756e15c285d9810e60fc6e2742115ffeb2625df8d746c9eb1cb8d34899759348e1541bb84f6a8fd490d6fd20fea0cb6e102b8de1b7b3

Download Submit
/data/data/ir.cook.without.chicken.d/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
0cff5799e9365e905efc423965b4298c

SHA1
16436d4db0f93d7dc21621d46cf7a82eec958684

SHA256
e7ae350813411c7fbfdb91a7e2235bb5a42a73783c148763995d0a29331070bd

SHA512
2f627a042f257d7589c3e23df9aab9cfc0a2aed73ceef8a54f062dcfea1303bcd661c5b8e3eeada5cd7a545c03bd88df70b18620c32be8bb323f6a874c6022f1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads