66b44dcc97c31b72a28722a4fb8b15c5b0557d576d16a6819a1f024aaa7d62c5

Analysis

max time kernel
148s
max time network
158s
platform
android_x86
resource
android-x86-arm-20240506-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
submitted
11-05-2024 08:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

33c9725d28c44915277b2756097e81b9_JaffaCakes118.apk
Size

3.3MB
MD5

33c9725d28c44915277b2756097e81b9
SHA1

211ab35aee2078fcd8fdbbecbe6dfdfbbbbbeda9
SHA256

66b44dcc97c31b72a28722a4fb8b15c5b0557d576d16a6819a1f024aaa7d62c5
SHA512

36b9f6856c05df485977f83fc2841e2fb381c7d95a815c78a27589ba102bab87936530e1fb51d6f7deafd838b09c9d616a56cc15169e8602b66275c339fd0480
SSDEEP

98304:CJy7KPSx9r0FNL5D+g64j7BVMHDgXHT/epxOtywXN3P0ZKPS8:CRI9r9QdaAr7

Score

7^/10

discovery execution impact persistence

Malware Config

Signatures

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

T1424

Processes:

sistemavitto.viplanchessistemavitto.viplanches:Metrica

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	sistemavitto.viplanches
Framework service call	android.app.IActivityManager.getRunningAppProcesses	sistemavitto.viplanches:Metrica

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

T1421

Processes:

sistemavitto.viplanchessistemavitto.viplanches:Metrica

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	sistemavitto.viplanches
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	sistemavitto.viplanches:Metrica

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

sistemavitto.viplanches

description ioc process

Framework service call android.app.IActivityManager.registerReceiver sistemavitto.viplanches
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

sistemavitto.viplanches

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo sistemavitto.viplanches
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

T1422
Reads information about phone network operator. 1 TTPs
discovery

T1422

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	sistemavitto.viplanches

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	sistemavitto.viplanches

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

T1603

Processes:

sistemavitto.viplanchessistemavitto.viplanches:Metrica

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	sistemavitto.viplanches
Framework service call	android.app.job.IJobScheduler.schedule	sistemavitto.viplanches:Metrica

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

T1471

Processes:

sistemavitto.viplanches:Metricasistemavitto.viplanches

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	sistemavitto.viplanches:Metrica
Framework API call	javax.crypto.Cipher.doFinal	sistemavitto.viplanches

sistemavitto.viplanches
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4266

sistemavitto.viplanches:Metrica
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4301

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/sistemavitto.viplanches/no_backup/credentials.dat
Filesize
233B

MD5
c9a1c173e0482a2a9ffb8482296e9398

SHA1
a53e149ea9dd2088b26b89bd0cb80c451aa8440c

SHA256
1987fc13a206dd0ef76da4d74ae4c21a2606b596c988fb2dd753ad579d123c29

SHA512
0182ec83b8a7d9b281faf1aa4ed4cd1c16e307c21975d34d7010a7c08625821a60ea90bdd0c66a9302d84b708914de8e0e54edf7616c0966d3771cc3f872e894

Download Submit
/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches
Filesize
36KB

MD5
60943f09c0e0dd0be1c1541bef2b29cd

SHA1
14bca49574f11de30f9e6f1effaa18d81bc74dc1

SHA256
a96da6c43f93309f409a6b2e1ebb30122875241a1f5b3a02785060390dd5df11

SHA512
e6177f7c4bcda0aa177cb3aeb8206aa3800349ddd8c5b5af87685ff2bed36f575b73756dec4fef74a44d579782adfda6e2cf07da7f37e9ca00bc4b08b2e2fdf9

Download Submit
/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches-journal
Filesize
8KB

MD5
27f646374a6f95147d8bcb72a960b4c9

SHA1
5df54150e422dfbc87fae77f1a5b90104f5fe6f4

SHA256
8ccff33289838fb12e1b00b2c130b336748797adbe4117617f32c491fa2051d5

SHA512
4129adf3877d4387f5e61eea8fc8b8737440b6b56301885b72caa6bbce6625505a602444b8c1ee21a3b009dac41354336152ff9e80f1b781b629d3387f727ca3

Download Submit
/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches-shm
Filesize
32KB

MD5
9ae1bd8ff621c6d81eef7f1fa293f358

SHA1
34060907af5025da4fc2c7c27eafc15d68646b38

SHA256
60a51a24f9db54b6df2c8de48c0877f4294143382ef10efed05a4c55f9f384c1

SHA512
8c7d63ddca83187bfe4da8433870b4866672a121d983600eb09a2a8f5d82fbf0fc2340eb6fea9c2e686676c6bd02cf316f20c9dd7467fc2dfdc0caa27a921f01

Download Submit
/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches-wal
Filesize
406KB

MD5
268ded7f61c1e1182929aadc871edbf9

SHA1
8e9f909b8516aa9e023b126defda123b38fffd05

SHA256
7e3ce374e1a4d1f4464fff726e2e1bfa1c593a8c166f49de2f74bc34fe4f8968

SHA512
41a29b4ae4b9ecc53e9e9f3031522aef2c03b63a1923d035b367a2d0ceea8632f8a52f1c213b7d92bf8e934847089880747728c1861c29d6dca6ad81fa09f3b5

Download Submit
/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches_20799a27-fa80-4b36-b2db-0f8141f24180
Filesize
20KB

MD5
695596df5ca4c25ab92feafe38b3ef67

SHA1
027e8f45c5729d0bee9b79d0849a3e349e86df5f

SHA256
87a6ffadfc9bc35a915684377e7eef19375165977f5827b4c4b6738f80576bf4

SHA512
6e177f0e28ebc647ad69f54c3537364cc51f1d7ba81c45a32550a40348a2b4af657856e9af6a2f190038433bb90ca6df97cb5f7629bbf618a15966b3b0da8d7d

Download Submit
/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
512B

MD5
b25b1fd38f00a5cd8a894887020c0a0a

SHA1
9caf7e09f957794e14df02241386bc2101ea8e5e

SHA256
eac20d7a7d7e7f8ca41633b0ae987330245a6dff9bd80ec15309ef164ff396e6

SHA512
d1603048bae5f932507f9fb77926acbcde5b118a0485369700aa47f8e7ebc410ea85d9b7f90f4e2a38e01ecdb3c172c31763011c9de36d9af03501a22f7012c7

Download Submit
/data/data/sistemavitto.viplanches/no_backup/db_metrica_sistemavitto.viplanches_20799a27-fa80-4b36-b2db-0f8141f24180-wal
Filesize
164KB

MD5
35e4a1c181ed56847d4b38b2b3dc99f6

SHA1
73f53913c625fce77652f85a33f99742bf6ceaa4

SHA256
f6d4d97fc87a5d003c3195ab9c58778d5d5e6b22fcc9c5bf6894748a009c1af0

SHA512
53ce810ffaae04958d461c8863e612f4c0698c6681441dbe769868d0655a507515762e9428c11fbe76339f2e9e3cc4545757c7ad7976656b16012d5d43b371a0

Download Submit
/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db
Filesize
20KB

MD5
316add3a9967c31ded9c80db2f629042

SHA1
9dae88165ed6e5195980779437eaf772df377963

SHA256
d9c1751b75bc6baafc50f13d4dc01870edac530a0b2bcdb87c3e7d5c50e43b27

SHA512
8b826fb1dc8b742723aaf9fac9f92c453ea77c707f141fb6579f49b736dcf89eba9aa373ed064bd6296eb7bdc528b68fb39904a972b04b730ef7ffdc0b9ae33c

Download Submit
/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db
Filesize
20KB

MD5
2ebab01cd7a5c96a779d99b117566cc7

SHA1
70ea3bd7ecc840de5ab2aaa758f029730e80c4a2

SHA256
2c58c9283b590893c9981f127fcb8196c20b1c3abedfae5716d87bc4bafe02d9

SHA512
df0831ed15c18782d978ec5c96f70c010d492c353147012c00a474be4f9a2fce65c382280dbda89a0ee554d84fc56778479f1f1622acf9eb9a94f833f7ebcfa8

Download Submit
/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db
Filesize
20KB

MD5
06956fcd61dde81412cb470eaaf15574

SHA1
d2c4ce7f735d5f7d834928e5e1b1e635d1edeed0

SHA256
3dbf28ea5983f0dc2d1f012b666219bf75e7e13ed73de897a9b68cf6bae2a20f

SHA512
8116faef3c3ddf6433dedc38420fe569e29a884cdbd7dec8bf454a22db41f9f5fd80b14a5c36a2357f9bc448024c77f619ab6f1a0b71fd2a195334b7d4726ba9

Download Submit
/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db
Filesize
20KB

MD5
415309223922191ead803bd5a473ceb2

SHA1
0a2753025863660f2ff5767900ad14cd5f7400dc

SHA256
8dad0156b1a76091462a0b5806f833c59ca8061c3f8a455792f012bf6561ee43

SHA512
7b9590b78cdcd04f80172e8b681e2b4828d89f799699674e8dea9674db6dd488744d5a799852d04e32340a0cd7b561bc6a8517c021842ef3332776de393ee770

Download Submit
/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db-journal
Filesize
406KB

MD5
c2fcae33a18daf4bece0d435180792c9

SHA1
026a31cc490cb6f50194163b3704903529ab1d6b

SHA256
b1167e067ecc0d0d8d4e14f848201ea2bac566276cae7ce74cc5002b0e1faf0f

SHA512
0f1843f42719f28c841b1fd18548dda3e66b27b3be2135d9f4fb8990d94edf8a8270f0eee5aadda5bc076eab5628f515a7fe6417f000f1c8e1e21fc2f809a015

Download Submit
/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db-wal
Filesize
32KB

MD5
e13fe45c4af45869865b1e75a752b762

SHA1
78097303583124f0a5c4c24761dea24a9aa5cb4f

SHA256
b7f0e1464e23d6562785f86ed2429d570667a9a384711389b4f5ac96f931b946

SHA512
c8396439e74e6a83e541de81a49535ce612afc10ed4eabc61e45ff7e9dc5ff18099dd6ce303b48dbc920f25f2072ea6d9eb07d844b80db99c310fcf0ada968be

Download Submit
/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db-wal
Filesize
8KB

MD5
96d9b8ed018f1976fa318d8295cc7457

SHA1
70e2bf0642fc2600372316cb73d73d85b0e7c834

SHA256
a3eb31d0e7ff3221bf53dc2b9af154e0ad4ab1fac5d82023af6d6c636f870c6d

SHA512
e8d634738cc1c0d462fb0ad338ca640e0c33fff4424c9a51e026ff35c7815dca0d407d6a8f5344a476d965e92ca54d53b1ca5a40081a4ca0a6bf3df0652054cf

Download Submit
/data/data/sistemavitto.viplanches/no_backup/metrica_client_data.db-wal
Filesize
32KB

MD5
8f7099539cf5107ac915ef8e13ae92ee

SHA1
c70fecc976eebb09fded3d48c52d6314733b29a9

SHA256
87c87406dd999aba050fafaa2fd2eb3add700a9a7b4f71dbb7a2d8e224650b27

SHA512
96704169fe2dc5d41466d910ee69267a2cf270d56a883eff4f778fbb3d16777ccd4259def034dea898e2e190c078daad5090a0fb6a6af921e62eb0f18868a3af

Download Submit
/data/data/sistemavitto.viplanches/no_backup/metrica_data.db
Filesize
44KB

MD5
72ab374a11994abbd8efaa0187d44c40

SHA1
7d05846855daf38dec7e76416681a4e9babccfe0

SHA256
065a46bfb083e5b795d479371a121d283eceb79d39db86dff8f3dac580ebfcce

SHA512
529ad4c906b0c41bb80caa19bbd0305b61333a66cd4048aa1ec5f594728e5480847c2f982529394bb44aa4a782e5aa7638a7bd1d0a99eb13778ef50d953eef13

Download Submit