4ba057e7cef1e49089e4ce6eb7e6774452195e8b18e19776d4bf0c840e21e877

Analysis

max time kernel
154s
max time network
168s
platform
android_x64
resource
android-x64-20240506-en
resource tags

androidarch:x64arch:x86image:android-x64-20240506-enlocale:en-usos:android-10-x64system
submitted
09/05/2024, 07:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

28e52e897d16e1dfa670232cb42669e9_JaffaCakes118.apk
Size

5.9MB
MD5

28e52e897d16e1dfa670232cb42669e9
SHA1

a96a1db3cf72652a8c2a3e4f16e6fe97f83b2e59
SHA256

4ba057e7cef1e49089e4ce6eb7e6774452195e8b18e19776d4bf0c840e21e877
SHA512

87e9535014c86f73ee73cf069a6fc8c7057a5e994dca5bff9b38d7d9b661ce54e5fccc2fd1147bec03eda85594865783dd56fe0effe34440ba2004444908a6df
SSDEEP

98304:nzkK40Bn5rKfSO3RdZwhUyTCHPndYaaSQinFZ6/qncPNArfiyJh86JImS62XF:AK40Bn5m6O3vyhUye2vUn6/jg1o66xj

Score

7^/10

discovery execution impact persistence

Malware Config

Signatures

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	br.com.oneside.deli.acai
Framework service call	android.app.IActivityManager.getRunningAppProcesses	br.com.oneside.deli.acai:Metrica

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	br.com.oneside.deli.acai:Metrica
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	br.com.oneside.deli.acai

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	br.com.oneside.deli.acai

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	br.com.oneside.deli.acai

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	br.com.oneside.deli.acai
Framework service call	android.app.job.IJobScheduler.schedule	br.com.oneside.deli.acai:Metrica

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	br.com.oneside.deli.acai:Metrica
Framework API call	javax.crypto.Cipher.doFinal	br.com.oneside.deli.acai

br.com.oneside.deli.acai
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5114

br.com.oneside.deli.acai:Metrica
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5172

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/br.com.oneside.deli.acai/files/ZPkFS.log

Filesize
20KB

MD5
ea9c2dc01d788f2ed7ad6a455e32335a

SHA1
3da6ee06226734e9a402c3ef2b542af3b509b6af

SHA256
ddcb0e1970efc2dcb42a4dd328ef8c10f3512b39a47277d5b075fd3b92dfc3a7

SHA512
5b834f25f6f8afea98eec78cf8e148671ceca48aee8019e09308389c1f336e47e55666fedf66e09c97e827c375ade0fad635b98686ebd2f72240108670d25e76

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/credentials.dat

Filesize
234B

MD5
08c9aaa468d077e6ec67bd4c70eb18a5

SHA1
2182000a3b6aef24e51692c4322c285ac8aa1e37

SHA256
5f910ee8f476805a6c3f24985de965971b3d66e3ad7c1d393257ce73c2f6960b

SHA512
fce398c40acdaee5ab998bdff8eaeedb2a54cf2bf267f0011a1a7f4926fc25d96a07696046d4fe0276eddac6f98e8be4af1789c69a189c6c58dc7cb29d466277

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/db_metrica_br.com.oneside.deli.acai

Filesize
36KB

MD5
5ee7708cb1c61c4d6c4761a3541088d9

SHA1
77e056ef76881136c7db9e1262b9c258832701ff

SHA256
e5543f0d98155123c42a569df0e7cfc3f032a080860361ac31420f2dc3679bdc

SHA512
20821bed3a6994f66b79cdb777acce04361a9f430288c63f143629c055e747417b2e0776dc100c0b5ed5279168be957bd8b0023c9a25d2dbe04e9178871c39fa

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/db_metrica_br.com.oneside.deli.acai-journal

Filesize
20KB

MD5
e67213e62ca7605d0e7a4cf1bdba8eaa

SHA1
6dc2d70abfb4255bcf9a0b324263cf9350f46b4a

SHA256
db6f08c0d883e9630e13d48854381b24a3b6dc6b172c9b33956c4971a4d00b2e

SHA512
58bbf53646a4a6d5d63f7d180544bd0222175ddbac3693920e4767ecb13a3b4172564992516472824139a712178cfc5d6e0c9c8a31533b1a47ad2d98f73e9918

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/db_metrica_br.com.oneside.deli.acai-journal

Filesize
8KB

MD5
7a4229f3066ac28ae5fd424c81ccf183

SHA1
ac70bcce46d740474fea05eb594fbf0a90b48491

SHA256
c1786e411448cde0257a63eef3396e88e133f35c4593d5b877aa221d6002f253

SHA512
027825d457a9d6f554a9d15f1e08a6de34aa278a85fcac209f8976c11b53c05e9e1cd9dd73ef6d234561d322dda050755d1f3a0cad9718139351e6bdb3a03df6

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/db_metrica_br.com.oneside.deli.acai-journal

Filesize
8KB

MD5
4a3f63a064e8becba161f34e065c1e6f

SHA1
daa88df8cb11c278b7b4af26255f790d9dabb17e

SHA256
7638ba3e220132114a2166e4e048bf551fa3e3c43a057b8ce05f6b1f283742fd

SHA512
f637237f0e727a32e5cdd724c87f801a7883782e7b7a80df6380c9b700f77f96bd19e4a74e6a90584fae403e766a782f0366f0e1d9802dce1baef502f6a5b192

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/db_metrica_br.com.oneside.deli.acai-journal

Filesize
12KB

MD5
2740af8714b9c557ece2cd7fa16d70c5

SHA1
b8824d93ab98ad20637c053ae7ecfe02daee3260

SHA256
4daea0d88e3054e3aba52a22448475d4cb7a4dbd18155155ff871a8802b2a532

SHA512
7731894131cca0c3c5de4ffddc6a1ab7a5a63bf23f004a0f005328dab26290bad037d33dc38b6199a3b639f725e620baf4be6fb5d40a8f2215f3d0ce1ccce762

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/db_metrica_br.com.oneside.deli.acai-journal

Filesize
8KB

MD5
6cc4c65986e01e37b8f81b51d1121a1a

SHA1
1cce3422bbf79b17e20949c163e66d7b67c63904

SHA256
5335884e6a5eeb0ba9acba8bf95fb872fb07c20e6b81d59193a0e8fe8c89a944

SHA512
aa36a92b9fa3a5fe4e0172b7eb21ea38ccaa107c1c4b3fcb3c2bce3be898c8ad6b73e63c991bfd04ff7caa451311d1f77f84df15cd34f39812f9305a21b4f3b2

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/db_metrica_br.com.oneside.deli.acai-journal

Filesize
12KB

MD5
2797f872eae3e49726ef50bace321e0c

SHA1
e905f77914292a51972063885872932548819d32

SHA256
261327bd520774b3557788a0345cc2798dc3538200464fb48bccbd29ed0f53e3

SHA512
51d3336358abcd6457b2ad0bdb75b317fedcd650a6e788dd5a4c12aa81c477c679a2d47c79286402ba02ed882c4c23c3e4386d450d56e11c1e7e13ffefa13b7c

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/db_metrica_br.com.oneside.deli.acai_20799a27-fa80-4b36-b2db-0f8141f24180

Filesize
36KB

MD5
d662fcc366623e074c3b9bf3ea07873d

SHA1
6664257468a9b16ad0d764fbd69ba7d4524c1877

SHA256
2a4989d961c19bc8adee305ff21cd90b2582415d72cd099ffdcbca5919c77e6b

SHA512
99e860280e2d411f1456cc025a7b2350a4c10432179cb68711e29f9259491ef83b0938e141613432d94e9ad8289ebf6547c977272f25c0ac34b3c56283d65a56

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/db_metrica_br.com.oneside.deli.acai_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
512B

MD5
b1a71600e5d293ccd19e6c990bdeb724

SHA1
ef6f778220b47566cd47a568a443c647475a696f

SHA256
dc3e9c21bc6b90a44134305502e6d2a3e604949fb97d321d1ee4ce4c05753083

SHA512
2354b065ebc27ba82c3c9706d523e648caee1c67fb13a4bdac863278cf498b8cd5664e7eff9e10a4205e17e695a251c1b4dd5a7607f0818b18c81feb07c5ffb4

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/db_metrica_br.com.oneside.deli.acai_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
a591e7c023165759e9064769dc7015c3

SHA1
de4c2293b1d135b48d0049d1f8d6969ba404a25c

SHA256
ad6ac65e163638da5faf95dfde5c25bab24b20131822e9816fb15d185d3f21b3

SHA512
b8c8d0813549bb32d04d59d4737d087199b95836dd86af7a39022f90d2728e29220a00b8ee3b8637bfc86856eba0c2438e2c65b0b3d2b6c96cd2c88b1a5c61db

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/db_metrica_br.com.oneside.deli.acai_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
e45547001be68fe151f098b2f779b559

SHA1
55362cdf6a0a4f07d82ee14d9c0df5440349813c

SHA256
1be8ed45601d8e807e07f0c6e2021f934814f7a99a7160798d29511350e7c436

SHA512
1477520ddc502d53ec7a0d2653d9fd5b64fe199d73422d6bf1a5447122a788a7f2d45456abc412297c71a79d50d214536c32716a1d7b8579efd8fd4abde77c00

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/db_metrica_br.com.oneside.deli.acai_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
6fdadf7766e8fc7ce8e689f655c8336c

SHA1
35d454a70545512747dcf5d9022008b537185d68

SHA256
ea9abef8acfbbc9b1c17a80f00dac4849090e763cbf4a1e84d9fb421898984e1

SHA512
ce94dd807243e83aa09803d47c509f2420a6bb6dc523b18896351b0d4271d19a93cb363f5b4826e7d28f81bcb7f4973511b9fac061df92a06143009c1753c3fb

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/db_metrica_br.com.oneside.deli.acai_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
9a101b5d263df64bbdaba4d51feafb8c

SHA1
b7ff40bc755e85146d5d451d27ece0a837713b86

SHA256
f68e3259b4d9f3cf4777f5899ba4972b7771286672d2a68c1cf204edd10d7fa7

SHA512
aa926ac74d870b01661a0a7f664ad0b1991f1b87d2c7e65b5e9336949d7b1bca60bf5b2b059f5949f17db762f9e8512adbe38f0dcb6982ddeba91d7dd8300e34

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/db_metrica_br.com.oneside.deli.acai_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
6cd226162176d930a6d4cfb84a993319

SHA1
19a6f821f52160beba97d60a4cdd6c9166f9fed7

SHA256
dad6c45d03a1905fbaefdcce1465125766a46858ceef842057a8cae5f5d766f2

SHA512
1252258ceae14029e1ddbc0207b18ff528ec3464347e4745ab5cf547680ea5b8727fe003978a196742de123ef95ffa2a49b082eda9fc3bca7b5d37c1645d9516

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/metrica_client_data.db

Filesize
20KB

MD5
802027e791401cbadd1a68870bd0fdef

SHA1
aea2566583c2938a0aae803bd0c0e86f0409afc2

SHA256
856392425ed9bdb205435f09c314ac92f31091513cc229b9ca914646458152a6

SHA512
1d2333a7ce6821a3e8c4b695978733640c09c2379f646f2a0dcb5cdee46fff9c39fa7efbc0fdc8ff7b0d8b734da66ec7cc5fc1a3873220823d57c8620669cca9

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/metrica_client_data.db

Filesize
20KB

MD5
484df068dc370197c0e37af4f433f772

SHA1
5d071329bf5182e60b2d268adca542901d492001

SHA256
3ebaaa9fc7a9245b413f62f91d9e689d468456dd4b6ce2408bcd2003cbdbfbd0

SHA512
587e7b68f2c167d39dd50744f2892a461a67cb073e8cf9f6eb2ab752e07841440dbe212af32958248d15af5d4001e7fa12f86cad62578ef31999355a86c3b0b5

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/metrica_client_data.db

Filesize
20KB

MD5
1514978113c1c82a41c8d02ed58bc527

SHA1
97f89c5e503485347dfae60902001fc6ee588a81

SHA256
eae2925e0b69d67733e8fd7a89b4f028765be9b2d456e2ec0a2de8e3c51464a1

SHA512
0f19dd46764d8d0ffb86e91ac8a645bd10e5b04c23af8b31163bb3fd15ef6d064b4d6f443e94e4e5732d7bf86e8ad4b353df48107a1f34438007c321c9f1c011

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
4e89cea18857cc84a8480cf90deb4418

SHA1
33d24a3cab7920f6792f4e985bbfe45feefb67e9

SHA256
4f2c18abf4089f4185f0dd747530f74dc544b2b952a3524990c2b7e3757efae8

SHA512
8d5f97afe20bbe2f62d7ccacb5a8e1939331ec90fdccddc158792d563f300ff7f051ff6e4e00f2fc9c35c723005caef5e1031cab0548df5c3d88b4ea3d8ff745

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
62ad3927d28e80fcac2d614ff2cceb0f

SHA1
4f534d78f0facf1eedcc2b725ad3e5ff6c7228b0

SHA256
ef751879491e18192fa1ca68c66f24ea28791c1ea19eda87caedd2f5994e3eeb

SHA512
6a85181bea7846ebf926277e051d734cde14aef8257ce2a8adad70a51af56e8dc7e2874f377b6c5a84eb718d590fb3dd79f40647153d52ced05d56c23c6b23f7

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
8adeb375cd39cb0c7874673205606d5e

SHA1
b2a881797314c682b2d6d608101ebd2bad0c46bd

SHA256
519ef0f67fa2270bd53da11f3f634c50110de6cee2e9c1ba0d746217f07021b2

SHA512
18627785b12045e6667a8d9d7f3ede5d38d2a0b6658a45d4f237f239a8c8d5098eb5d47a49c5a129bbecb12f7064b818097abc63bdcfedb737f3d2f162d56dc7

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
b3477fcd5a4c3d48f4a4d6e2721ecea1

SHA1
2557da132faa2631ff9cf6cfb0e660d7b10688cd

SHA256
369dd93a104280ded8e9face90c3fc778ad9889c69b3e1f1d571fbefc9e9c5b4

SHA512
8728a6784e418241167d78ec5e85d73bf8628cf777206e702063eea05031770d4e22f3348917acc588c16b581916fd6159ef5f2778a50233fe0b0de6d4ab3723

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
0b8e1c2ff5820652a686b5cf328c6349

SHA1
88fb1a562911a212812e9e7461647efb69c24380

SHA256
4f15abaad8458daef9f4ae033fb688ee50563d0102535fc56228e46aa4eedfd2

SHA512
62491f57c442c17014f4c2b8ded0e4c89c5b9f7ad82f40216f22be5343be415c51afa3f5acc5d006ccb7fcb36167a5a1ce236ee80690bd8b208f998b053784a7

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/metrica_data.db

Filesize
44KB

MD5
a8ba4d7122944bf111fbb8d8a2bd3740

SHA1
32d3c6a9c61d4c33384c909efd07a4c9bcfa1217

SHA256
e0fd7b7315f8ddd7be5c539dc8867eb8c9b835b853c466ebb8b191818a871394

SHA512
be2c3eaf847f8a95c744cd1c857501df3e6b1b01791abd89642d15a79963810d6e8845d2f27565fe038596a84f3e11364c78566e769f9afea663058471896a56

Download Submit
/data/data/br.com.oneside.deli.acai/no_backup/metrica_data.db-journal

Filesize
12KB

MD5
94a0765d8b07eee382796e627fa2e9da

SHA1
24a946005e8fdecd534523769e8677fe17d20a85

SHA256
dc588aff5ae98abfa79e724176fe8c0d202fd430c906c74fe11af05efc6ab310

SHA512
b87045a1f7a064cc820d19ddb039bdfd9482dc53ea2160150cac8d41be0294ef7a9a491be35774ca7bfabeba1802d6be8f3b08e931e7eb9aa00741e85982da6f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads