Overview

overview

10

Static

static

10

2777b5945a...18.apk

android-9-x86

8

2777b5945a...18.apk

android-10-x64

8

2777b5945a...18.apk

android-11-x64

8

Analysis

  • max time kernel
    123s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20240506-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
  • submitted
    09-05-2024 00:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2777b5945af6abf74f1168caf41d0ee6_JaffaCakes118.apk

  • Size

    10.7MB

  • MD5

    2777b5945af6abf74f1168caf41d0ee6

  • SHA1

    a56b903d9725f377c8dbfc019307f468483b822b

  • SHA256

    adb5a810346d31dbe7d239b790448ab07e219d4cf364bf4aa65612c7c60dc9d0

  • SHA512

    6dcd9a790135c0302d754fd64198b33eab029d8554dc14dfba67fafdb0d598dec5658ebdfe81bbdeb63db6d2dbeba4c4b19cc2997350881cc030a503f90b6723

  • SSDEEP

    196608:Hfa6cOHBsyQe/6IAIo/nkeISIWP1QwNdczpbSxv3kENAbIg4R7B1:HphsyQDIoPkeNQwMzpuv32bI5T1

Score
8/10
bankercollectiondiscoveryevasionexecutionpersistence

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Requests cell location 2 TTPs 2 IoCs

    Uses Android APIs to to get current cell location.

    collectiondiscoveryevasion
  • Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    discovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Acquires the wake lock 1 IoCs
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    executionpersistence

Processes

  • ir.fateh.football
    1⤵
    • Requests cell location
    • Queries information about the current nearby Wi-Fi networks
    • Queries the mobile country code (MCC)
    • Acquires the wake lock
    • Checks if the internet connection is available
    • Schedules tasks to execute at a specified time
    PID:4284

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/ir.fateh.football/databases/__pushe_base_lib_db
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/ir.fateh.football/databases/__pushe_base_lib_db-journal
    Filesize

    512B

    MD5

    d42fb69d3100f6ba8405f4341a6a08f9

    SHA1

    e3d8a308004992f7803d2d0305c553ee75925fcc

    SHA256

    001141b509c60cff46c8181ea50f4872fd5d63a602ebdbe9750d6fc90daad1e1

    SHA512

    405c7bc60b460c4153d25a6be9c02ac6d52a4d630d06814360170ac4cfa373b2fb7785b928c095b6473a0122d80661f1828cfa44d106579be72044a7dfcb7cad

    Download Submit

  • /data/data/ir.fateh.football/databases/__pushe_base_lib_db-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/ir.fateh.football/databases/__pushe_base_lib_db-wal
    Filesize

    144KB

    MD5

    a52528a5968df1ec7e58a98191ee3cd9

    SHA1

    711a2ab515fc042a98fc10202ead519d59a09f1f

    SHA256

    6aa938b12eb72de360ca966bc4835aeea572c8ac6ab7fb6bdf02f798854b4be9

    SHA512

    2b724266bec4eb7b76b82a60709c164bc73d60b840faa06167bd909f6fccd9ff77bdc3d98ead79d7e735457e56c0af3f496d17aeac899dfbf6125d8a865bdf74

    Download Submit

  • /data/data/ir.fateh.football/databases/evernote_jobs.db-journal
    Filesize

    512B

    MD5

    aeeae4c3e79cf4dec7fd0e81df3fdd2b

    SHA1

    3d69aae1ab8f1ce8cde00a455d0500514a0916d9

    SHA256

    f9a32a8f1f6bb207e4b9cf082229e5b1f6a901f0a7a4e647d5e4a8e8399c56bc

    SHA512

    82858fd1986254dc8f260fe15440bd27df351fce09a48ac4d6345348e4f94cbc7695feb4af883ae242be33f591d441d955abe647558f2171d283adf0930d8701

    Download Submit

  • /data/data/ir.fateh.football/databases/evernote_jobs.db-wal
    Filesize

    189KB

    MD5

    a5362e7d48bf6968d001fbf1222ed074

    SHA1

    ca6da73eae12271a59128685d329f43f431d5afe

    SHA256

    1db5f539201e5a648dbab5d71e05bc2745b059e5713f7f802788913ab077e888

    SHA512

    fe215d66b481d3c88f6a450aa88180141d3688790ff1c92d1ee21659df9a3a444a047f4d3cd2926d61dd47d856d845cc0e87bb0401338c409b8e603a421b21c2

    Download Submit

  • /data/data/ir.fateh.football/files/fonts/bkoodb.ttf
    Filesize

    58KB

    MD5

    2be5d53bd9404008e505c403b2af6d9c

    SHA1

    ee393eeb3e8cc8338126367a6dca01fe1a2569d3

    SHA256

    5fd93a626bda3e75f0ee6ce429f15acbd32cc5278b1d1d6fcf25a64ec693efc4

    SHA512

    df7da6e9bb2d10e421930ef70b7d943d2f983134cf9436723d203e79d4141ae283e032df2e6b4cb808d62f3ceaa3885b53a3e8e1e4bbe7f49833fff6ab493e73

    Download Submit

  • /data/data/ir.fateh.football/files/kalamat.db
    Filesize

    25KB

    MD5

    c32496c248e431de9bb60af0e9a8657f

    SHA1

    e342b95a0b685646c3587dd47d972e8ff6ad1b86

    SHA256

    8cfef21c3f5ffc2dd6649d5218cc12b3c7543a4bd9f5f0555b49960a9bc5847d

    SHA512

    44d6969518be2b6a56f4edb536cd36d56a6eadc4a4eb5b895d19afbc676272b0a1e4b04e356e1404ff1208944060ccf835146f8d1958121f98794928822e4197

    Download Submit

  • /data/data/ir.fateh.football/files/kalamat.db
    Filesize

    1024B

    MD5

    45dbe4bacad134de6b42e658e481879c

    SHA1

    04f816b9e07617278c3dd02d5a1e28cd281c55fd

    SHA256

    41f05966e2c8f180e6a56941f4bc9dba320ca50159d047245c71d63fc2d396bb

    SHA512

    9db518118a6b6d721e30be38c496c6d12674503abd663f9465d115399c2412acf0ab27bde249284ed8b89f3ad6ce6899ce8e2b70b95bbdf806cc55adf730c92e

    Download Submit

  • /data/data/ir.fateh.football/files/kalamat.db-journal
    Filesize

    1KB

    MD5

    4ee2c091818a037556a324692c833453

    SHA1

    88a7ac91ecae4e672252efa61b3ceaa3d9bc588d

    SHA256

    36aa19d8cd8a8cfcec9852283c25740cbf5034b463c1b1afee86dc6224c3fc01

    SHA512

    98fb477ec3d942a764cbab1629b5a7b35d15011f33dac9ad670d1de90b8002541f70b85dfc072060ba943ce063afec37992295080bbb749b3b5eef54871181e1

    Download Submit

  • /data/data/ir.fateh.football/no_backup/com.google.InstanceId.properties
    Filesize

    2KB

    MD5

    cb649392ccb5a748d3a5c20013d9e0a5

    SHA1

    486fe1de8448c38a82311377b0af6b9690931f88

    SHA256

    197bacbbf94936231484f58014a8771f7209b1e64558c77c9511c7d1a61e0384

    SHA512

    9fe859e9e73659752f244eaea438a38694e4ade6c49fd17a49124f66377a16f700ab3275b59912df6c13591008d187014de380c980eac2f970fab21102bc45cc

    Download Submit

  • /storage/emulated/0/Android/data/ir.fateh.football/files/Magnet/magnetLogo
    Filesize

    2B

    MD5

    e0aa021e21dddbd6d8cecec71e9cf564

    SHA1

    9ce3bd4224c8c1780db56b4125ecf3f24bf748b7

    SHA256

    565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

    SHA512

    900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874

    Download Submit