553ea44ff64a90aa5c984b3268f7cec10919bf7871ae675f5047b72360cc5b5b

Analysis

max time kernel
155s
max time network
170s
platform
android_x64
resource
android-x64-20240506-en
resource tags

androidarch:x64arch:x86image:android-x64-20240506-enlocale:en-usos:android-10-x64system
submitted
11-05-2024 12:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3488a2138163a58fe381bb6a575fa43e_JaffaCakes118.apk
Size

3.9MB
MD5

3488a2138163a58fe381bb6a575fa43e
SHA1

6d951afcf0529ac251d057334000079e96489fd1
SHA256

553ea44ff64a90aa5c984b3268f7cec10919bf7871ae675f5047b72360cc5b5b
SHA512

524fc460db30eff6800bd2da8e9eec8bc8defc2fa77c5c71675b94c945453b541383c8ee3fc9ec9e57ccd3cef7d3a9a981f76894738cfb0140565a39a17d656e
SSDEEP

98304:pZnuJaIxkySoUpIB2IsiKGEIpCCOeVSJReccU0YYpNt5gKES:pYDzeU/XEJCXSknUZK5r

Score

7^/10

discovery execution impact persistence

Malware Config

Signatures

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

Processes:

com.wRoyalGrocery_8098929com.wRoyalGrocery_8098929:Metrica

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.wRoyalGrocery_8098929
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.wRoyalGrocery_8098929:Metrica

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

Processes:

com.wRoyalGrocery_8098929com.wRoyalGrocery_8098929:Metrica

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.wRoyalGrocery_8098929
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.wRoyalGrocery_8098929:Metrica

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.wRoyalGrocery_8098929

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.wRoyalGrocery_8098929
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.wRoyalGrocery_8098929

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.wRoyalGrocery_8098929
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.wRoyalGrocery_8098929

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.wRoyalGrocery_8098929

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

Processes:

com.wRoyalGrocery_8098929com.wRoyalGrocery_8098929:Metrica

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	com.wRoyalGrocery_8098929
Framework service call	android.app.job.IJobScheduler.schedule	com.wRoyalGrocery_8098929:Metrica

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

Processes:

com.wRoyalGrocery_8098929:Metricacom.wRoyalGrocery_8098929

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.wRoyalGrocery_8098929:Metrica
Framework API call	javax.crypto.Cipher.doFinal	com.wRoyalGrocery_8098929

com.wRoyalGrocery_8098929
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5164

com.wRoyalGrocery_8098929:Metrica
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5224

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.wRoyalGrocery_8098929/files/ZPkFS.log
Filesize
12KB

MD5
8407201a297ce881dfc59f97eb6bb3f2

SHA1
be26a6673b74532771dfd79c25fe3da27a641ac2

SHA256
9f5a6e6a4ae3ada75971e275b079d7f9181f92f21195a5c8333072dfcd2d2fe7

SHA512
1732423b85bd90950e3e6b67a765630bef5af4c7bbbc9f67592659891962ca55b2e96c05ce45008df87d7146778f39493a62697568d6161670b09237342f7d10

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/credentials.dat
Filesize
234B

MD5
b80b496721d1d01ee94d1f6fbb3c5e97

SHA1
68e926c2a33225be322b2171de3b3d4742f0d4d3

SHA256
f7d208fb3bcdcb676a0ad8a7f050a7c9019a4c025ed8406d9957886a6fee5bab

SHA512
fb894ed0afef8a7cc8e6a6c946ac0c03c1748a09ac51f1f02a9b67b4f9de4a5b8e5da8c7d767bb87d856ee052f15727f326b48bb08276248c2e583e14dfb5cf0

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/db_metrica_com.wRoyalGrocery_8098929
Filesize
36KB

MD5
bbefdc47b405d751edcc8bd6c7f0d0f0

SHA1
caf18502d9cf89a055303e11b76af1e9c270216c

SHA256
99a99700d5cf59c760ccd135e39fa4e1ba363bec380262278c1f33c2ee6ee934

SHA512
91e98cabb62ed6e2dd672f06ab9f339f460f315545c55c0da202fd56600d23b9fca6b4e9f46d977e7a19298fad2b9363424e0b5d8f0f326ee1cdf62c7f20e515

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/db_metrica_com.wRoyalGrocery_8098929-journal
Filesize
20KB

MD5
febfdabbaf91faf069e2845d124c042d

SHA1
88037fe83c0e32d50c07d9fbd231ad523613042e

SHA256
70159ca5e0966c5f00077be378219950c7a84283f73a63096afdc3ba316f0d25

SHA512
2e8bf1c6b55bdb46fff8b8e4d4bf5dd1f2afe5b1dd80776b5c1a1dc8bb24057def749cb31698851c6281c929ae0e883f6126e803f8775709a5d8751c4a1d380d

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/db_metrica_com.wRoyalGrocery_8098929-journal
Filesize
20KB

MD5
e688992cbd0eee5fc1d5ccf1e2e52655

SHA1
f0e27f6cbb539a8a7e17097202e75843b3900002

SHA256
4b3641e8728a31975f1fb2c5a7ce2bda312b1eb9722414e64c76a1a5649419e3

SHA512
530edd35bf27517841cb071fa8a579c4a2d9e62835d7c9752252952f794bdb8b57ac25a44126ce19ddd1dc7c4a6da3a88f56c61f9753be625c9ee4db8f4500d4

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/db_metrica_com.wRoyalGrocery_8098929-journal
Filesize
8KB

MD5
2047e2b4559f5f0f8d2796fb7a02a0d2

SHA1
14f6df8c95efb4251fb69fca4fde1bae7887c092

SHA256
0e8bff5829dafdbba50cad68ac223e81399c3a293684de51b13508daf4d13320

SHA512
4c49c49b55bb2831f030bf8188bc816f709aad139513d1aa1fd810d24985f7b22e88b9bc21049c581aa7c729f9a9c8755d2ce79d3569ae2076883f06e05aff70

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/db_metrica_com.wRoyalGrocery_8098929-journal
Filesize
12KB

MD5
875938f4e3f0257b3db703ff02584365

SHA1
e79f94dcdfc8bb6ed538985b941593e527d87eae

SHA256
5eeb866ac82136137e2bfb8f68055443ca38904d46337e176dc7dcbc969dc524

SHA512
d54497d822eeb0025eda16a411b712ce12aba8c843aad95020034377e0159d16a2db661244cdbe4f2ef575dffe6c4eeae5a9962635a8ad76de4145817e28d713

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/db_metrica_com.wRoyalGrocery_8098929-journal
Filesize
8KB

MD5
f4567b5bb66d60bf7c4d0d23ed9724ff

SHA1
cf8d06ab68c0776e1f1bd37380728b7cfec9e747

SHA256
1c978685e7ab1a1bf3e133f886545920f5bb7a9113e0734516fec9edff85ff3b

SHA512
1c7be56787ce45d5067bc28fe6ff8eab5dbd9e61a04d418d5df3b335d4ae390a085ab984e97e5b31ea5a95b0cb8fca28c12c563a1285815cea5adf6ea88855d1

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/db_metrica_com.wRoyalGrocery_8098929-journal
Filesize
12KB

MD5
bf10327eb12de399144dd32a4c1406ff

SHA1
f072a0f9a9888a03b982687cba420bc3951a4db8

SHA256
855e4aad8785e62b3d55918f343f7413dd4174a2bd545778542196d69c7f0226

SHA512
0dcb9235905f86124349f53f4f6eef92927bb7c3f14dc60a75eb21591a3ef3e6f342a2e842679639cc861c07b88064b5f6cbb8374b3aa1d001a346325f983130

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/db_metrica_com.wRoyalGrocery_8098929_20799a27-fa80-4b36-b2db-0f8141f24180
Filesize
36KB

MD5
a01d5af8fa4801b98aaa692e62b92d5f

SHA1
caf1d6b19ee47cc25c17dca68273c4346fac9337

SHA256
f3188f84cd3743dd4b3fb88724e86f262c75b7b7d8d8b65e5239780ad4f76c30

SHA512
bd2c3ed382364cee685d36b7f254fec9e41903893305cc0a96bfe7ac7f28c864978a4a33a61c2ea08fab7a48d3aadf54eb0ac23267410c8cb017628e97e8a0a0

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/db_metrica_com.wRoyalGrocery_8098929_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
512B

MD5
ac18d2defff977167d6f7b735874f6b9

SHA1
4da20d3552d515777e8b6feb03ad142fdb6de916

SHA256
53c43dff6d28268308101316ec7dc313c5ea999ad4e59af123a90242f582fe09

SHA512
892ded7bcebc999c4d16dc62790ad57927c2173fd5c8eddaf8073f4f62986f3d08d534b71070144cb737b0150655e49966e74f0a965033e264d28479bf66b9f4

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/db_metrica_com.wRoyalGrocery_8098929_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
8KB

MD5
2c77e152eff7bfc4c79a88831b07903a

SHA1
4cf7c4b5f2a5dd94d0813b467a9f30ed0c7c97d7

SHA256
46ebd2c8a01cec28fb4dfadddcbc917d00946c230ace989e4c79c15838fe9809

SHA512
7546c1eb24339e5b72fa82bb51aeb5d5d2272cea16b01a36edf7d43292146ef1442e937359c17d28ac6c938868fa5b04ca6234aad274b4fdf81b8029169dc91b

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/db_metrica_com.wRoyalGrocery_8098929_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
8KB

MD5
4bb6d78c753aa90a6f1bd1aec8b3d1d9

SHA1
189e3f698971d882bde02e0bc48ce2acbb636fc1

SHA256
298b73cdaaa4983a5c2a58e91b89696a85cb4d2036271f9d9ccd235151194809

SHA512
c023eb78d7d307654a08c6f2b1c49d08188723b878d2889860a4c54fc39a1dc2e35446d8536fd56b792dbdceb5d18a798ead32c7a0e56f4ece3fbe5253bd05d0

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/db_metrica_com.wRoyalGrocery_8098929_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
12KB

MD5
7d943ab5511b79fea75ef7305d45a186

SHA1
49a9de109b683ac22c96f7544bb98d9a9fce7c24

SHA256
005b723e7c6a415742cf303cb95e2aba4e84d1eb7a0b76f2cdef1f9c569ee26b

SHA512
3024d635f27b5b2a261a7141438d1ea15f32c52e3fd29158931680aaf87202f2462ea159b53cc41ad088613b75eccba4b970da7f005ee5199e7ea7d327a782f9

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/db_metrica_com.wRoyalGrocery_8098929_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
8KB

MD5
72db0714d71f2c1dc50835d61a7d1d27

SHA1
bafd315dbcf4ac2912192a0a8a2d44c15e7f5a4b

SHA256
32829407809bb3c7b7c5055cd97b366e05e3e7a0bad25d9fe7b25fab9e7f265c

SHA512
34fee56dfbcd4e6fc3fad0abc609577edbcbe97b655e6c7f794e5924cd7a412e507c44f63d8df8f6bbeac2b6703c508c5ec1c367a514f6ea79a11b245a30c8e4

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/db_metrica_com.wRoyalGrocery_8098929_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
12KB

MD5
b36bd7c4b3c3ac4b48ddbd6eca9af319

SHA1
98baab2c1b922e09298d19a4d622e1f62e510af2

SHA256
973eb3749a709d39de78bd2e506dccf11c64c47289a28f286a1676c47fe9427e

SHA512
70f0597600edbc9118624b7f9ae32432345e7f61bb9b5e912a8fbf3fffc44da3a7d0a9fbf9deaad248bf47c8d3a64bdcc7facea5551d9107f915fc0726042ec2

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/metrica_client_data.db
Filesize
20KB

MD5
3a35407f0d3ea38ca5eff35965e40858

SHA1
f4cf08b79baad6287b51e8f570cfa5cc2f6312ae

SHA256
7debab2d7be94cee654ccacbcf01a6e54f9ac260d7b08fe3d5853559d538d5aa

SHA512
58e35300f7d20a4aed87202820e647441ed6cc21b185b74fc170e40a89dcf5f74a940c0b92eaf8d25ece3556bb1e4aa2890e12de404d7784363fd8216af8701d

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/metrica_client_data.db
Filesize
20KB

MD5
484df068dc370197c0e37af4f433f772

SHA1
5d071329bf5182e60b2d268adca542901d492001

SHA256
3ebaaa9fc7a9245b413f62f91d9e689d468456dd4b6ce2408bcd2003cbdbfbd0

SHA512
587e7b68f2c167d39dd50744f2892a461a67cb073e8cf9f6eb2ab752e07841440dbe212af32958248d15af5d4001e7fa12f86cad62578ef31999355a86c3b0b5

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/metrica_client_data.db
Filesize
20KB

MD5
ea9c2dc01d788f2ed7ad6a455e32335a

SHA1
3da6ee06226734e9a402c3ef2b542af3b509b6af

SHA256
ddcb0e1970efc2dcb42a4dd328ef8c10f3512b39a47277d5b075fd3b92dfc3a7

SHA512
5b834f25f6f8afea98eec78cf8e148671ceca48aee8019e09308389c1f336e47e55666fedf66e09c97e827c375ade0fad635b98686ebd2f72240108670d25e76

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/metrica_client_data.db-journal
Filesize
8KB

MD5
f3a0e2d6ba4caac9c3b4813425e3be36

SHA1
b643086139af52910d908ced9629a711cfc1b09d

SHA256
6806e6159e6334914d51ffa4275c75f4bbd1487f9903e057dc2e7f1fd50c4297

SHA512
4e866b5450ac121d1daafff920ea39724855e73d723d10ac5179441bf015cdf57db2632d007265a325919cdff3e5447e0cd3b6796c1c6c0794ca78218cc04c33

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/metrica_client_data.db-journal
Filesize
8KB

MD5
dc50b78da024924017a37d030ec4a597

SHA1
3fa39236161d67bd871f3b3c4af60526bd4daabb

SHA256
84345fbfe7d0d03071f26798ba121ac3a223a86ee27afcc1017d169aba6f3ed3

SHA512
a462636a830b05e356c7a9441926d69b12e4c38d374c5d471ab2777f891a1a922b2a63f2c9c033e4120d64799860433f5427d28577a22ba38f13e2416ad10c7d

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/metrica_client_data.db-journal
Filesize
12KB

MD5
f228af3547e5f5bfe70f35ad9866c8c6

SHA1
02d945532e3517d4217c4d0067b2878d361427b1

SHA256
4ce69a0f22c43bf416a796e7da56e03d16cea56e4b103b350a546d65495a4185

SHA512
cfef8aee73e58c758ffbe92f3599a0cca6a8be830a7c07bb9c83cb5e3d21d4524e3143ec13e03b3004756986f8b7b4dccb994c7a84b488fa3a62e188a068331a

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/metrica_client_data.db-journal
Filesize
12KB

MD5
21f3723f88d90eb78c7b96b150f62e95

SHA1
da004a2e9b48d6daab1e92ef0f6a314ccd41df96

SHA256
536919cfafb4b8e333635743dc70dad3485b0cb619843d0aafb8db3d63958125

SHA512
3cebb1a92a4119eeb04fdd00d821474fd7314fde173dfcada49dea896aeb992b2f128aee4c974f35bd14522b1f49b31208506a95b06f0f592e04276b2897d7f9

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/metrica_client_data.db-journal
Filesize
12KB

MD5
3d8452e16e3b5c1030c17dd94212a97d

SHA1
fb094c40a6b212a20326de31863be80027e4c7f8

SHA256
f0ec9693a48a566a26ff62aa50056b27b72d9aec5a26de30d14b3d8a3d8e4d10

SHA512
e88f9a1101479ce4b5b407fefaefbff78781da0ece0e59f273cc1e2672d6391d5782a1c72f8243153899d3acb38ebe4cfc4bf4aeae6402a62a04a1c7ccd5c868

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/metrica_data.db
Filesize
44KB

MD5
83bc1c646671067a5c6f441f07ac5e45

SHA1
20ea3764914854e442e3fed6c1da552a68841e23

SHA256
4bd22f9b864b376f386b043a3c714c5f765e2b6e1dbd6a446e4c6e4d9ac01ee2

SHA512
5dae850d180ba9f3af82d040aeb4152cb2ad583a9a5774afea6b3969c5db4cb938759f754fb2743d6fd87424623cf08a43739f19897302e41d198092296268fe

Download Submit
/data/data/com.wRoyalGrocery_8098929/no_backup/metrica_data.db-journal
Filesize
12KB

MD5
4e1d3068d3f8e99307cf1337fa8d4bfd

SHA1
cbeff02a05dcb0a76b50e0b5901834166bcf4e7f

SHA256
2fd699cea8e4f97fce2b50960d42b67b29b000b072428d2c55e3210c712d3be6

SHA512
9afd607031f69a24d5c986d634306278e67f0f529eda40db42ac3e677b76f045a1918578ba5a7798ab682232059dfe367a1f6f2d9dd6a902ca30548e21aa65e5

Download Submit