06ea9f882c6deaef4044a39655a87ae928c6a601ffef6147420e756ec7b55fdf

Analysis

max time kernel
178s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
15/05/2024, 12:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4642ac44aa8c0d72dffc8d82bcce75b3_JaffaCakes118.apk
Size

3.3MB
MD5

4642ac44aa8c0d72dffc8d82bcce75b3
SHA1

69d0abf2a5b6921eaa16b125d16c63dd85b19ae0
SHA256

06ea9f882c6deaef4044a39655a87ae928c6a601ffef6147420e756ec7b55fdf
SHA512

78faf9928edaafce151e33f72d6a2a294a9480324e50acba42abac757151845d1f407adafd967296caf3fbc9e027736fd6aa35434810a90a5e765472a31ff2a9
SSDEEP

98304:xugfuWWFkFL7EBasOqFRl8Fr24J73DwpwOtywXN3XWiBj3N:xvLWOLpEcJpXA

Score

7^/10

discovery execution impact persistence

Malware Config

Signatures

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	goldenburger.creapp.com
Framework service call	android.app.IActivityManager.getRunningAppProcesses	goldenburger.creapp.com:Metrica

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	goldenburger.creapp.com
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	goldenburger.creapp.com:Metrica

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	goldenburger.creapp.com

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	goldenburger.creapp.com

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	goldenburger.creapp.com
Framework service call	android.app.job.IJobScheduler.schedule	goldenburger.creapp.com:Metrica

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	goldenburger.creapp.com:Metrica
Framework API call	javax.crypto.Cipher.doFinal	goldenburger.creapp.com

goldenburger.creapp.com
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4280

goldenburger.creapp.com:Metrica
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4315

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/goldenburger.creapp.com/no_backup/credentials.dat

Filesize
233B

MD5
1298561c9e8071eef3d0d20581e81b75

SHA1
493db6c9c3135fabc80990e18aed454ba2cd6654

SHA256
dff5a4d98e11f713b56a706811fcbeb49a37d9ee6f7b28af88fdf474aa7cfe20

SHA512
328f11a9d5b6219aa9d22966d54e573688ee3a33cda23555a1f7183c3c0fe74b3cee360deeac6b679e853fcc277335f8c44d50425ce17d6fb414159401aab8f8

Download Submit
/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com

Filesize
36KB

MD5
a777ca68908be0031702bfeb52f841ef

SHA1
edfb6c333c78a91db28a474a926779cf8c909c9b

SHA256
57b9c8656213a2b271264b56556aea6acab895476f0416a9bb32ec757229b660

SHA512
c6ff69279eb775c2c1c6c06813fe274b54fd50818fc3bc86ec8d1951660ddac233a70fca867156cbde71500c4465ae253868fb58031cab60b9f565c56499636a

Download Submit
/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-journal

Filesize
8KB

MD5
0cc41071754648674df16c1b1086cbb0

SHA1
8c2ba04609d23935dfde3c6a276f3ee708850751

SHA256
7c0135d1fa4899cafa13976a81622466b7deadc9217d90ed32091b8c2eb9e3ff

SHA512
60d4185ef3784d1704dfd39888327f89108b8b104b3491e441db2a44e641b1b16bfdc31e32c86e4318311b0bd8a08271a0cc3c4f57530a879bd766a7b06332ce

Download Submit
/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-shm

Filesize
32KB

MD5
fa18d640c483507536005174903791b0

SHA1
052b5b4cd8d6b4e794c3862dd55c7acbefa618d4

SHA256
a69818042439ee8da0f481449056a2014c28fcf045505205572640cf4960c3b1

SHA512
8ef9145a22f8ec89e6726192cfcb495c773a8704d2437d599ea9985c7713f36d4c2b8a2bccf2e5c50a8285812b49cc344d92db6ca189c78f524a7838e23fe7d5

Download Submit
/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-wal

Filesize
406KB

MD5
6504bc3ca6c7538d94c9c7dc49cc5791

SHA1
53a772a5ac5183018d1b62f2919597df13ee3bd7

SHA256
fc5dc16f74fc633b891cacf605ff8652ad66a17d93d4dcee764372ae62012850

SHA512
db7555114c3c88742f2723a7532c97f4542cdc9aa655c35787fa7d89e15ab53ce5d756caf251ce92f6fb29821257599e0b526bdcfd50e3aff6e02b17a72882e5

Download Submit
/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180

Filesize
20KB

MD5
87c1ccb2af5e743719e0682b21afefbe

SHA1
7d1ccf806be3c0ff4be6b080d1ab65f65bfd2477

SHA256
f4f644af475690ffc2c790c43fc837d7e793ec965ae58b07522bcd752e932c06

SHA512
5eb04d9d83beef644f1e86dacef30de185b2a52930c9c1f411b8b6c410a3bc2cf296a60e98d766ebb67a30b5c0fae823eed22bec26c6c9e43bb13eae9352eef0

Download Submit
/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
512B

MD5
f027eecc57554344d8e19c1c8b6b42ba

SHA1
e60f6b5daaf4b48b21c27f5024338f06e01c5010

SHA256
8036d8dcb2e5f35b5e2b5c6263167f19b1bb603415d18d6f3f7d272899d00d70

SHA512
dc8a8828c93c80ca65bf28031f96a66fbb5dba15af4adad07294639fcda613c5703bdc47f5e9387ecf002bf2cc89a73b33660be22a2d130182022c5b57d8ad5d

Download Submit
/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-wal

Filesize
156KB

MD5
9f80ecc4240674cf5033905e605bfdb2

SHA1
94865653d2da5d5a018a56c5c19de9f880e3849c

SHA256
62b5a250b9f49865999d659f51c75aa8b262abcd3dec762a01d515511c8f1673

SHA512
3d06ed636564aa124b9986cc4e0f33d1c163c7cb66ac06fd42178b9a17ebb07db5b293dbf9c6e74393c018305f94ae05364cae610ad05b807baf76324f350386

Download Submit
/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db

Filesize
20KB

MD5
455cfa0456a079faac332531547631bc

SHA1
e86c1020517980f03b46fa9d256325406720b3c8

SHA256
093b4edd557233b198f262a1609d8bcdcf9799398f1b7f25a30f20aca901d876

SHA512
ce11223d6b8aef10593a40f4edeca7185cee59f805e817cdb7b51e20bdb26fae51a57da7e610247d7f881a6b3c69bf625d475b6044fff3feb3a329d4ce31df1d

Download Submit
/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db

Filesize
20KB

MD5
d31f96a7eade953047ae56a000ab1ffb

SHA1
b5d711783e0bed6f48d02612cb4f1087f0fc5148

SHA256
51c4b9d67d3f5b5fba8dbb37add64818c6c6bfc5ae3958d0f42413ba7c8276a9

SHA512
53ce2a61844909e00c16eb7bdab04da9f89710f5b19aa75a9aaf98ae7df7eb9974e6d6292362937b20ed635473f977cae0b9c183b69dae6a192bb549548a8c33

Download Submit
/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db

Filesize
20KB

MD5
44def4f6e42c3ec63f229d23af8c804a

SHA1
f5956d9295778b539bced03215343fd3cf7a9dd8

SHA256
882faff2a0f007164d5dbda7bd7f803306423b5eb48a88b1bb72bde65b77e50a

SHA512
a14770398044635a8a8fc0d59dc95af3a97ae78146a9ace3795d600a44098a5ff7099aa3d0ac40442f8ff8c5d3b5ceecb4b360bf47f3e8c7c902879e2e76228d

Download Submit
/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db

Filesize
20KB

MD5
46845f99d5e05af9b5e590e633b0885c

SHA1
619a8a4f8e61a8496ba0a5e11c6908c6349fe3f2

SHA256
aeccd5038c567830f45556f23689c894511f21dddfd4002e18ad4b7c46220ccb

SHA512
46fb50db2a78d9907feccbb3d2dabca92e5ebd4eaea9796b04cfbdef5c560b97d90d384771d64ad75679a6affdcd89ba08e27e378300fdd271885ea19d64aa64

Download Submit
/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db-journal

Filesize
406KB

MD5
10a0b674b11a6b2350d8b9b57534c463

SHA1
3763c347137fe301933963aa2be30c9abcba4254

SHA256
51b41225bfd8930d6098ca76729c8fe3fc16cea88ea0dd09608bea7602d9c1b4

SHA512
0532e93519ceb1650f73f9918520d9448cdaff50c3a41312aa18f37e4ea431655271d361169125788b7748131e8675182555896ec2e66fe5d470b60e2f305c4b

Download Submit
/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db-wal

Filesize
32KB

MD5
46f279d44bec01fc0cbf072d3be1e776

SHA1
be946388501449567360258c8c4f7a5dbe483b0d

SHA256
613bb4e5975f58b0f1f9c0bc1f49845f83d9c665104fa2753d19011aea854f53

SHA512
285fe3d2998092c0c9b3bbba5e07a21b9b1c053e1c9f6670c1e0f574762bc5ce7a1d4516f7f2d25b262d61e4e3ae1e6fd93f0faa427af68a7c7dd04430160802

Download Submit
/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db-wal

Filesize
8KB

MD5
1506eba00af7e0abd83792c3d92da4a3

SHA1
2adff0ff85291fce3e458b43acbbd78c05c2f2a3

SHA256
477ac301cf68731662be8ce45cbc6ceceb7541a72934ba448823b5648d5231b7

SHA512
3a8456ca1bec8823983f4feac8f8ae08281bca839fa21ce55191e6de1b961095b1d4a3aec0d8eb59f83c2fa817fde1a2e84726047e1808825a12349f2a2ce906

Download Submit
/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db-wal

Filesize
32KB

MD5
b4ae67ae4d19e07e903564b7cecaeafd

SHA1
c73f3a85e2205012402a4cbb4dacb748fef3e00b

SHA256
aed297a13b9b41e43dc1a9ddf2c56f9a3442ca9e614db7fb4775eb3c4181b2d3

SHA512
6c83da0185e33e18c90e117d044807694b576e6bc5cced93baa005f9862ff2326cf0806697e62f05cf778b4295eb82d2fbc6ff0a9d1bcfc138597f129ecf012b

Download Submit
/data/data/goldenburger.creapp.com/no_backup/metrica_data.db

Filesize
44KB

MD5
6b22717f596629aea33957f60f45a40d

SHA1
ae50c2eb4d8e68ee52f6ab11597fe904f36072a3

SHA256
d5866b28e5e30f598828a24ebd62955b1938f47bcd4cc00e8e085bc3cba15818

SHA512
eefec4e10f04c8b5781f97813d1e5b6e1bb2efbe2615aa7029a2c83d5d74f3626e722b5e98a405b99ea9c81b77346c0f5de7b084f2219f75c2d84d2992d41394

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads