9d1f13408554f3a089d8f06ed771aeff801ad0477fda01b20ddb54c70412b8eb

Analysis

max time kernel
159s
max time network
170s
platform
android_x64
resource
android-x64-20240506-en
resource tags

androidarch:x64arch:x86image:android-x64-20240506-enlocale:en-usos:android-10-x64system
submitted
11-05-2024 11:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

345b2d355fba9d16114c823e71b61ff8_JaffaCakes118.apk
Size

5.9MB
MD5

345b2d355fba9d16114c823e71b61ff8
SHA1

6654c3e0a5e79144801e688afe04a37f283ec8cd
SHA256

9d1f13408554f3a089d8f06ed771aeff801ad0477fda01b20ddb54c70412b8eb
SHA512

4da86068d13f0ca5833c5ce2b04fbf2e209e523b80c2236e33c7bd2338726bf7343be435110c2b08b562ff0eebff962793cc44b37538290f0b83c3c2191bd257
SSDEEP

98304:OemGwKfKK+7BNygvtLMsTOf4uXJvUfjetu3vnLC6IsabUn1Arfaur1Y6dsm+2dLL:rbfodNyAmsTOZX14jes3fLjV/gZm621W

Score

7^/10

discovery execution impact persistence

Malware Config

Signatures

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

T1424

Processes:

com.gentongsehat.fudzappcom.gentongsehat.fudzapp:Metrica

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.gentongsehat.fudzapp
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.gentongsehat.fudzapp:Metrica

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

T1421

Processes:

com.gentongsehat.fudzappcom.gentongsehat.fudzapp:Metrica

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.gentongsehat.fudzapp
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.gentongsehat.fudzapp:Metrica

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.gentongsehat.fudzapp

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.gentongsehat.fudzapp
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.gentongsehat.fudzapp

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.gentongsehat.fudzapp
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

T1422
Reads information about phone network operator. 1 TTPs
discovery

T1422

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.gentongsehat.fudzapp

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.gentongsehat.fudzapp

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

T1603

Processes:

com.gentongsehat.fudzappcom.gentongsehat.fudzapp:Metrica

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	com.gentongsehat.fudzapp
Framework service call	android.app.job.IJobScheduler.schedule	com.gentongsehat.fudzapp:Metrica

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

T1471

Processes:

com.gentongsehat.fudzappcom.gentongsehat.fudzapp:Metrica

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.gentongsehat.fudzapp
Framework API call	javax.crypto.Cipher.doFinal	com.gentongsehat.fudzapp:Metrica

com.gentongsehat.fudzapp
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5171

com.gentongsehat.fudzapp:Metrica
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5233

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gentongsehat.fudzapp/files/ZPkFS.log
Filesize
12KB

MD5
b10d232ccb73fb6daf6fdb5826d251f3

SHA1
57f36da26cbdb5dd3f1c82a7df82aa9a534da8cd

SHA256
61d2ad9bc640434d5b4b63bc6d9222fc7144bb5d83bf9cbdccab8b219690d282

SHA512
d9e069002dbd238742e5069ade1e55c42bdbe298f5955a8efcdb80077a954233039b621c521feeee92bc7596b933deba68e3e93eccc88dd5be00641b3c1abba1

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/credentials.dat
Filesize
234B

MD5
29191b1676446deaef40d2f3c831ed0e

SHA1
bbcc784f112a746c6edbe5ea6ce87c7b13a7a11b

SHA256
bee8e8333744f9c33581b634b5c34d2e730e8337c4f8a6e78ce57a6bd43b21a9

SHA512
77c29a410a84b2e3c1c8b3f32d76cb379b86613d4de6064d61120889c9f78b6377a9f898e855d2287451bf88cd0df34151da53b1f7f352703752a9ee56508916

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp
Filesize
36KB

MD5
c9519dfba1249b01182a7141c83aa719

SHA1
d529b83dca213322a67bbe74fa08299639eabd75

SHA256
baaf5c5e1778816bd396cf85fc2efbe745f1430b0adfffad21ffcb22ea553218

SHA512
9ae643de9aab3426deeae251576df1ebfcdbe2a8f1817d4bfa8c614e4fb8f138cc16a4d811b1e5a924e585fceb5231103e563b56f6db79be85af88468d3ca79f

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp-journal
Filesize
20KB

MD5
6f4dc2996bc6d1f09964bed2020c2646

SHA1
dfd45df5e2bb0e809c41b797c51cf5b8d806bb0d

SHA256
37f555b6d5a4d00ab699cc5c14bde91a20ff99e29ea7d7cab7201d340480a61d

SHA512
a8f67ce7ed57740251b7d5631c47a20cdb0a34e1ebd829a6acb6a292e506ef108cf18ee53eb5cac0055c61d81b0e2418dca183aa0049613209e92c889e117b74

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp-journal
Filesize
20KB

MD5
78848c76d3c48c1839ac6983023e8920

SHA1
d0abf5edc4b482102dbf85143639237e194a546a

SHA256
e054168f758e1d7b2cadd6310f5bc39a18de3f3cbbbd85f956439c3b61d96ebc

SHA512
90e5c13cfdad37720c91cb4d898a935508e4869e154dee6eb59278e110d0eba88bf81f8a076a7fbe0c4fb97de1b39c745a8c8058c15b88a54cb3c47fc8840dd3

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp-journal
Filesize
8KB

MD5
fc265090ddc71cd5548a961ec08d1c75

SHA1
98462c22a10b48e908e7a5c6e58ccaf370d7151d

SHA256
22d89857056df3d206bae5e64de01a4d9beefc8c0e4cf57b8a48119a8cc118fc

SHA512
9ff39a90e6df122536b0d5c8325e911f36e614258944c3d2cb5fa6f203755c69db9852f01e645ad0bd82c6b84ea61ab7a04ca2ab7444adb0a169333ac26881b8

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp-journal
Filesize
12KB

MD5
99d4feefc74ab9e3bd1a130aa759e56f

SHA1
35c9f919ead9569be739d6806eee178f05ae6fa3

SHA256
4724562c7b28d260d6d63a524825410560f0bb1c9fe857ecf1e8a385ae87d6d6

SHA512
3f1aa2e87a6939adb6b4078d8d47d56835bb94488454f58db51e5cf7f7f7edc17e000f37bb1c0c8c88ebdabb7861267fe9846c1c758df7c0488a8f2454770624

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp-journal
Filesize
8KB

MD5
3170b6e37f4f0644786588d9b3242dc7

SHA1
c971b9e1bfac1641c4219e04e767be554ea405f2

SHA256
27ce4ac81c8e349e11ca87031e2734a068f3f8187f480d3bf902336e088908d1

SHA512
541649a05f90839860d7cd4323909ce0050a577ac16e60ef1375b6cff471721c483eebbf0f1f68df3678445cb38fd499c45d634ff776a03782e1a136191d4377

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp-journal
Filesize
12KB

MD5
ea64adeb3e5e866929a8b9c7529fc09f

SHA1
050a2357318424fb3a328f1b62648dc2d055b1f6

SHA256
53078bb438078db8625a90b5dd4641a11e288ac5ba065509bc2466fa60712e43

SHA512
6150bd338c8e0404e30d81a7989ba5d972cc74d187cad2bb1bd27ec162601df91eec403532db55babf076455aab247839814e8ae72cd59968c12b65d29f5ad5d

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180
Filesize
36KB

MD5
bccbb42416879445e7e24dfee93c329f

SHA1
9a8476a67a7923912db7462c1b71d4aa9fe4eb95

SHA256
4a98ab11eb02e50aaee93bc3765386cdb7a59506b17302077b4b16364b372f55

SHA512
7697d89054f24f1588730e8c59ad30c0a5fd9d5f793c7c59976a70c61e8a2252a0e2de1dced8c425232d979de2ead6d88617753506dc20993a2cb5cca9b210ff

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
512B

MD5
9b8230f1c6492f5eecf16296ed5f0a92

SHA1
7424c7cacb1b91327de3dfcf4df64de1f3617621

SHA256
7785961e30aa752a4afe490181652bdf770f60b63043e9e3b7cf88569e7d4045

SHA512
a955698a489b059c3d7a272b7b94caf29f1e63ad374dc1ebfffca7f84a106bb379c85505f0c989493f02d52183d29c7fb682b6db605c05907f5643ec03b3f714

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
8KB

MD5
0bb9ee7e24903d7bc934e50c77489402

SHA1
ca071929550ccc09e2e22124589752d8926a0fc9

SHA256
2af02d6dd8228b11b1de53a6b7f456a9e6924db1b253d644a6aec7d5fc431943

SHA512
966f54b15a575678ec1f9a8be74d28cebcc3dc414bcc814750743681e13b843acac6e9d6ab0721f8535d1fc067e849a93e80047cbf34b7fb81b4773fb31a9540

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
8KB

MD5
1e8641f7db9b0796d871ee0b925c58ec

SHA1
ca64de0865b991eba2fcea8fc2398a9315685de9

SHA256
852b570b71a26293ecbe43e5ea4d453c2bcec281e1b618f7fe7f794b980e53d7

SHA512
4684a9b5bf522e6b8c10d455635e78f7b01b9a8f20fe7ddad32f9d100375536325563c26f135ed97b25a7d3c07745f93a25786944ca9b3b9ca47daaec2f2f36f

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
12KB

MD5
8761bbd89a9d72f41aa240a602f7e6ac

SHA1
a665ece413da0ea0ee356c08c5e93088fd2306f5

SHA256
c1a4a876630329bd447350333b0131b1741e8d9827fe5305f029c408dad0a72f

SHA512
dd22a5f6b38c8d70b89310c7d0b4c984602c931ba52deee088c141257a4726430773057ab68d8db69387e4fb381c859d83fd8bcc0c3ede779773b4e240b9eac5

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
12KB

MD5
60947407af38038b203bed2a71d3c48b

SHA1
d6a7ef68b166eaef707aa2c4441ae31a577b5946

SHA256
3c1a41665172d84c21acd94ea45d00244fadfff5666f48060c15980edaa05caa

SHA512
2a610d0be746ce695a37e23670649a7799421a53211558de4e160414f073a5f82927534b1da7e2b389c61aa7664269d70f741254480983d1b4520b9091cd297d

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/db_metrica_com.gentongsehat.fudzapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
12KB

MD5
07dd96adb847a7520649ec06b95b3ba9

SHA1
21091cf08cc07b5bab87ac492d44b24c97ad1df2

SHA256
dcf9e166c914157be45f59b502b6ea1450dd5fb0f17e813b8775324ee228e611

SHA512
334cb062bb504f6d9b4db29732c0dd9a00fb3e81a32ddd6ef202bf6476784772420c1308fb7ed65fd716049a8fd2c693bf30a58ad1710980c28006ed9408d848

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db
Filesize
20KB

MD5
70d5384c4c60f0fcaf23ea984216efc5

SHA1
e7af21b30b9dbe2e095774b6e63af63cd5f3909f

SHA256
b1e4cb3ff532c4c0d72a45c6d0415111090ccd685d822bb85d4267d5bf8b964a

SHA512
e149498cbc98c8da5e02ec8e89f273485ef08cddfdeae4e5b9226498b4393a29072fac7dd82978cb6051bbfad1f6881d37c6060d75cf6ccabe65d8bf78558c38

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db
Filesize
20KB

MD5
89037a00eb158e168cbce9b871b007d1

SHA1
a441d16044acbf98d96d6c89c179fe25ba4606e5

SHA256
31788d10182d77e1b72cac1498426b52678e82d47c700362e7f346b8361f2dd2

SHA512
8ea0d0f8af19a56a7bcc18972f87b4c0c612f1a9252a5499079efd2047ff0994b6b2baa4b4cc2fa4f244e894e605af897afae3d76b5e6d6630e98fb52112d02f

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db
Filesize
20KB

MD5
3154c132f6c0ef6d23151580444221d5

SHA1
c88a96c689ddfa9cdd9509fa2de51d8dc36176a9

SHA256
fee3ada2a4a8c0bb873a0e29dd3b701d234400935bec0af332dec79b140140af

SHA512
c1887f7a6cdee9c17752ae58c2dee57d272187d609b9b6760f352eafc9ea0f441ae0560a83f9d94cf3c230e27da1c5b68906e958b866a3b61afe2f493c7a308d

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-journal
Filesize
8KB

MD5
683311dbdbbbd60450b87f3400cd285e

SHA1
63601762cc69c4c9af65006e98411cec659203b0

SHA256
4900f501bfafef2b42918b2fb4dd69b1cf91288840597d02257ed745e109697d

SHA512
b6b8c2b819bd0ef778f2ecdfb5418a1495360302b55800c92dff1387780159ba0cd0cfc2cb2d3792620eda4299066230dcfc8c0ed7f36a5fd969cd153409c659

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-journal
Filesize
8KB

MD5
c8c6e0920fc5cceb5d251b785423f178

SHA1
412d0d7db949d2d6cb6fb455f46f3d56bcbcb727

SHA256
443cae9ac41bd39cffa1364150c15bf9692abb21c1665dab14c3aee50abbdb91

SHA512
a299ae267a2b6c7b6ad5c0b5e7097118cfe87c4211c7a12d7bd3c470efc8d54408d60124353d7cb166b2173711f404850abde0d5474b07781e9788c4e019d0ab

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-journal
Filesize
12KB

MD5
db7346f5808d1fc969e4dc34d4dd6827

SHA1
758855f7cb95fcf9b997d7ffcb82806102059801

SHA256
3be44e7770ab7253d3f629092b00bdea9c9368109055e3ff07ddaa058df59cb4

SHA512
fa51f7a2a9e9330ef429043e4209f1ab90f169e671dda615c74f12400e6ebef5d31c48cc28c8dd593da51cea04e19295fb734cbc63f269fe27abca9366069105

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-journal
Filesize
12KB

MD5
0aa6af5addf4b1d72f9ca15201bbb25d

SHA1
be9e15ad97c4c755b377175321eeff5aa8d488a0

SHA256
0a579c86159c3c4a002cc12d64526cfe1be5e9b18722cc90e2fe5003d32851a7

SHA512
0bcf76bc57561a0d933df1315ce4d12673f9ca1a4ba8c06a9219f729e88bc17559fa395ea923ba3ed62061a6bfe27955a05237d8cf9bdf3b0f4f6fc040fb1d0e

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/metrica_client_data.db-journal
Filesize
12KB

MD5
9279113f30eb973181d66ae91f8b41e9

SHA1
22e6be259c651f9077f2f0653cf0273823bca9c5

SHA256
cc7294174b5b3ee1e459bb3e4a1dc96a5721119be2c2914e21a4ed2ad7b11228

SHA512
a8a904d9c3451c7f8af85227aae4680a9218bf1f3e42094b457d365b64af4ad08b55e6c98c1cdb1e091cd1f1d4830d7f7a5a939c9789ecd766996adcf7e271a9

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/metrica_data.db
Filesize
44KB

MD5
a6e0b922b99a2b38e94199b534733b76

SHA1
7c76f1844f95306a7f171aedc362bbc71541384b

SHA256
89479f0f9e9dcdcc22110e3b586b8d31793deee9b58851ba52ff0d31fa7b9086

SHA512
f4fe75da29dc9d2a53c7ead707cf4ff47a5cffa6e57dd003fa4072ac8ab22856f1e89ec6d8ad02fd78ac64662b2a16dbf6e31475a177b97ed383360b9cdbbabb

Download Submit
/data/data/com.gentongsehat.fudzapp/no_backup/metrica_data.db-journal
Filesize
12KB

MD5
9586069a5a9d1cab793fe9abacdd3f98

SHA1
14d70e15a5c3aff08743df66bd0c46f7b8602aa7

SHA256
1dff1b90ced0a8b2950fda0dee3a89bb8171cab5fb93b83c07263b2886f9db5b

SHA512
5d92d38a62d8766f21eb5094d0705bb9df25dd8ba324eaaebe28bd5142c11002772e84eab50038ae968f463157dfcd9e11e686bb62a3d00bfa0ae258e245108a

Download Submit