06ea9f882c6deaef4044a39655a87ae928c6a601ffef6147420e756ec7b55fdf

Analysis

max time kernel
179s
max time network
155s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
15/05/2024, 12:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4642ac44aa8c0d72dffc8d82bcce75b3_JaffaCakes118.apk
Size

3.3MB
MD5

4642ac44aa8c0d72dffc8d82bcce75b3
SHA1

69d0abf2a5b6921eaa16b125d16c63dd85b19ae0
SHA256

06ea9f882c6deaef4044a39655a87ae928c6a601ffef6147420e756ec7b55fdf
SHA512

78faf9928edaafce151e33f72d6a2a294a9480324e50acba42abac757151845d1f407adafd967296caf3fbc9e027736fd6aa35434810a90a5e765472a31ff2a9
SSDEEP

98304:xugfuWWFkFL7EBasOqFRl8Fr24J73DwpwOtywXN3XWiBj3N:xvLWOLpEcJpXA

Score

7^/10

discovery execution impact persistence

Malware Config

Signatures

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	goldenburger.creapp.com
Framework service call	android.app.IActivityManager.getRunningAppProcesses	goldenburger.creapp.com:Metrica

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	goldenburger.creapp.com
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	goldenburger.creapp.com:Metrica

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	goldenburger.creapp.com

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	goldenburger.creapp.com

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	goldenburger.creapp.com
Framework service call	android.app.job.IJobScheduler.schedule	goldenburger.creapp.com:Metrica

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	goldenburger.creapp.com:Metrica
Framework API call	javax.crypto.Cipher.doFinal	goldenburger.creapp.com

goldenburger.creapp.com
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5110

goldenburger.creapp.com:Metrica
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5180

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/goldenburger.creapp.com/files/ZPkFS.log

Filesize
90B

MD5
f8b37ad4e412ef81d0b8105f2c0822c3

SHA1
0ace27c47a8d8d50e82d62b663a95e81dd2f0553

SHA256
d7d396e80908adf16b59f94f4d7ca1015a7be6baf6e7f8d21f0010850283a184

SHA512
671c2075cd56f1cc8f5b1ae188ceadf21f49cfcf3f2b4fff64ba9f15197e21503da3369742b2bdddaac676acdeabe7c82695fcbfb516dccb068e641c9e275d7d

Download Submit
/data/data/goldenburger.creapp.com/no_backup/credentials.dat

Filesize
233B

MD5
ef2579ac008689fbb3c7505be7fade83

SHA1
d4404c1cb22d55cdafbe1e78c24011a41b1e0fe3

SHA256
06dfdbd3f613007c5ccf92b7e225a1d7a200b2e0c61f75b2821987065a21f504

SHA512
2d8258a89348cee5a482bbb091d297996a08231977d63b6f40a89993df8c9feee8c0cfa866ed82dc005f3594bb93b93223c4fd78e4027a978a785d9fbeed6795

Download Submit
/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com

Filesize
36KB

MD5
e24bc736a015dab4a13f28bc8b22e777

SHA1
f5f807db9778742c36d3ac974875a38611d9ee3f

SHA256
4cc1fa11eab556456dc894c96f1ff970c419bb8f81148e14a552855b7d9a04d2

SHA512
8fc4c6be70080f47609de958d62a8095ead91beed9d1fae4a10b2d2bb69f1f33216b30887b4c476164fc57f6e876cb5550f78b920ae27d33c970476457e8fa09

Download Submit
/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-journal

Filesize
20KB

MD5
c2149c9ec33468709d2046a56044072a

SHA1
93b64a1f8f0965b5168cd78b1793e59d0910520d

SHA256
b7031b5b39a55ead3477fe75839ea0a8b4e9bcfca986e893142c1db036f26609

SHA512
1c62269a536be7110476672bf8addb581b89e73e3ba5cb19cd65cd73f1af4083a5ecd832d9e35a7a7dd3d57dd47990f405667f70fb39487300611c733e70505e

Download Submit
/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-journal

Filesize
8KB

MD5
e992eb378b19da562cc45f1d65d7acb3

SHA1
65b70e6dfa046d319cd4d315626b58670325ac92

SHA256
621f7e314099a5876e80d03bc3781e224d11dc4bf5f1cacf06383b730bd33b82

SHA512
188dc0340bb3d0f6a9e6a8d9c88742e19faacaa22a5bb70a058a837fb523c599d918262b51ccc02a6f7af05feb92b187d9fcace036a9182d45647dfe12f94550

Download Submit
/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-journal

Filesize
8KB

MD5
7dd9b385a1bc90f2eb1fc34c88f7d29c

SHA1
726859e18f81c26dea97707a0133499389d58726

SHA256
23b4b19398804ce9c60b2a252de2ac386141f181d0ab1a34a77be0680c4c7d50

SHA512
1b7410c8d7f6692f78358617b83c5afe13e2519adf5579d4305407bdd078f14def775c4a8d9cd15bda66e2773b1b6eaf2b2b81a478a633654a19bf0b5270625c

Download Submit
/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-journal

Filesize
12KB

MD5
56e0b30029487be8c64755cb47dc4ff2

SHA1
e49c63a5f3545be8ede66f4929a8f61d5ccf3618

SHA256
fd505bbfe4e9dd00359307ff4ae5cb392fd406a8ebd58575dbd05fe0f9d5537b

SHA512
ebd3645c3c5165d9356a19333bf4b549e97e4f9cdb27287e9848c59ea23629bfc9a3e7f5fb991afd0d07f67e4f83cd82d972cd721bc4f9bf1d31cde75cd32a1b

Download Submit
/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-journal

Filesize
12KB

MD5
85be0581837d06e3347a2c3aeb4cb236

SHA1
2a23f0c2580a5da32c32cde05f17c980b50b3908

SHA256
39657331a25fc0d6204811cdb208124aead043438cbbc0cd26a1c464620ff36d

SHA512
cdf3075382393311f0bda703e232989c4af927f3325d7d2604431e2ccb38e143ad203fb9f384a4b089ef0475273bb5d978a5ea66abe3b8963d25081844535981

Download Submit
/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com-journal

Filesize
12KB

MD5
dd7b03c15a63fb34f6e11688ec070d7c

SHA1
da58328c9823c166f6e9e36609f3b49fe8e3446b

SHA256
d7fd9db4a4926e844b7d5706b713e83f4732a9ac4c1a5a4839be241658e19775

SHA512
81ae2ea9a65edf676c3de4c563987f2069cba0d13e11bc70cfb423845ae97bb63ba8c0c96a2fbb81d9b3b2e6ff95b883e4b0fa0835aa7945d1b12073e77ed459

Download Submit
/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180

Filesize
36KB

MD5
8e451b6bc6ba92fa3794a56bd3418bc9

SHA1
3db89acafa134334c315388deb4c610b875582f3

SHA256
1f92e4ba842b1406d7bda2a23bc85d88c277a6aa341b569125cb7dbc8bb3e918

SHA512
33662ba1a9d2ed60d402df9d4c5fc5626e0cb99f86c7241246eed35d6e54bef9df27f7bd497d362960d8605ba93e8b498766c76d03b27f889b18d041e7bad2c2

Download Submit
/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
512B

MD5
4b8d23a485cc33e7be70520c473fa315

SHA1
76fc2a29025c27fa4cfddf007244fa209bbe731a

SHA256
60ec2f258519c0681c2489169f842c7b1e7479082edac62a1300d99254653d8d

SHA512
cb0b18b6b93b7ae4782e33f2b9b5badaab58744eed0fd3ed3de5dbd97f72f0479c31f993c03cc2b6008894bcdfaa2fb2a0ce9fd6182c0b92f98b1971225f0f51

Download Submit
/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
03b9f058dfedf899d6b96a851c9a5897

SHA1
870a91727b891afefb43c282ce367a0d5b6e75ed

SHA256
8516632d6b40d4d288039774e88c19197a216d71e551f89ada2789a04d9ebd77

SHA512
e67b5701ac521f86bce7ca548441780355cfc3669edde26528381d49f68e32c5a5dc21c3531c919359659109fb6a1f662667520ce532c3938907336de673482c

Download Submit
/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
515f51e5e1f3d3d73290f35d69910e54

SHA1
4fa6fe26bbffe6abb87e484990538b03b349320e

SHA256
5dee83310ef56cbea571cc96b8eb26c029201d3a528ad70f829e628292f9b7fa

SHA512
7715b8492b6fb028c6f6b3ee5c76857f9d2abe852f758a55b7ac803407b9130af01adeb6d010fbd6e24decdf8e3a27df1d3c4956a64c18dc6ac022567bf74dc8

Download Submit
/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
eafba8098ef8f531c29df7a9c8dc0128

SHA1
2077a56315dae6c43666d66a785c1c77a19f2adc

SHA256
4539895a73818e0d02ce1efb189bc5ca17722994419a9061d7a35e51abe2e203

SHA512
281f3a59149e699fa24479ba730dcf1d6c3b10901fd0edc272d6004a2d56123893c4cf0ab3f5b5791a7fe5b501062e5ebfdc9d611d89bf461fab5ea0770f28dd

Download Submit
/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
27eadf2dcd4cfda45e752440c2e3c3d1

SHA1
89295b84c354dd49842dd181919f22a89ae4b1a8

SHA256
e9d047c6a1d1089406cc3913c616170fcb0a003fdaf154217411a50e21e39db0

SHA512
16ee541450e6d1362a584e7a8088e63dc497935e3ea8e44aa10bb86e67fd1e9770ac65b504d3b2fe13925e211e84163a014cce04b0efe6fa0ad0fd3632b68e94

Download Submit
/data/data/goldenburger.creapp.com/no_backup/db_metrica_goldenburger.creapp.com_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
5219e9fa8051f1b7192dda99071af704

SHA1
277048d786a0b0a6e251fb0865c30b0add9abd45

SHA256
1a14ad06388a43fbe7fe78105a85d65651e9e8455a57d7f3c9dd62eeda690a0b

SHA512
4db5220200c5930b0332f5d457fbf7abde625341642e3e6d63735f22fc46fd47c30e165abe2cfba0e6418b92174597d4fbfd839d47d42119bc6b90474ff8d0f8

Download Submit
/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db

Filesize
20KB

MD5
ea9c2dc01d788f2ed7ad6a455e32335a

SHA1
3da6ee06226734e9a402c3ef2b542af3b509b6af

SHA256
ddcb0e1970efc2dcb42a4dd328ef8c10f3512b39a47277d5b075fd3b92dfc3a7

SHA512
5b834f25f6f8afea98eec78cf8e148671ceca48aee8019e09308389c1f336e47e55666fedf66e09c97e827c375ade0fad635b98686ebd2f72240108670d25e76

Download Submit
/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db

Filesize
20KB

MD5
9f9e89e72cb837f27f98cd53b3175b2b

SHA1
e697793254ecff0a212b0237efb1a2f9da69400e

SHA256
58448008bf87d3f8e2662aa296e53c7f6fb34032926ca5bcff553b270bcf3142

SHA512
ceb01b0f447e111ef4023b829e70ae51e060b0c9d4d68f907df4069a1e223e7e7c9f730144cf511882a89090b49929696420a0534db844c62ee5ed9c33eba9b3

Download Submit
/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db

Filesize
20KB

MD5
207cebe389bd4b412725ca60917a3fe2

SHA1
171ec1b598e3ab6ee7e412171d9b28860100525c

SHA256
3b20f8910986dc050223b36a67e23be4b62c29e03192069c754ea95390653ad3

SHA512
7c4cc6a498da4ed1347d38f07e9b6dfd422bbcd2bd97d0973ddf4060d9a340adbebc8af0c736b0fdfa3e5233bb4fce5eab0b341e2f5f50d9b910321e52693328

Download Submit
/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
8796cf5dda867f6e38db888618963926

SHA1
cec2ff2468f0430847fc8cf3ff3aa643821341d1

SHA256
a7c4017849e489f47ae1d3a5ca54c06785b3a9c1d872db8cfd1185922a1fbb88

SHA512
f015d34e3ae3b1e3aceb7edd7478c354052b7e2ad566b981bcfac29f71cab5313eb6eb046d0f7300d1ccb51a3a86db569aa1dfd7058468223362bfb18c7a496c

Download Submit
/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
f8f9220616356ed634c9b6396751a8e4

SHA1
0a51ea7214d6f385404e9623b0ff6e4f431301d0

SHA256
51d1c216d9a5322a87df08bf702ff6f615617dcd2cad87b4f3f2a2ffb9191504

SHA512
4dd722380843ba904ac06fb1b3dfc9138c138f08edf3796cb4011d6aae8f986eb7eb7b328e12f8c43ad2226eceec73c77207458734a72a580d2edc723b41d717

Download Submit
/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
2d04cb1aa9503b06abf7b1fc0dc72561

SHA1
40f1b132ffe589ec8a381501b599ffb57fbef8d4

SHA256
1cb4aa8d9a1722adea35d3a503c79e0c46c32cbd0426bebfaf12a6d7e78c49d5

SHA512
d16f4c632e2c787b4139bedc923f6178ff0cee88990425e4d5a1e930715e92c7b3737c5ce425b8bb842b0b4e17a1f12acc31e817b05e7a5b537bbb82708f45b1

Download Submit
/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
3850dad038bb8036bc97f4870347aa94

SHA1
4aa4a326e510a6eda4d433cea33eb5ecf097b539

SHA256
b3c88067f8c4e5838b62dc9bd7fa9b8e6c0b6b35b1cf755d48acaa51a948a809

SHA512
ea90c98052d10ec29692de6bcddb5ab84f9f72bd0ad2935f3af97211a05515edc9cc3d5272c2829f7f15f31593220854566096e7560a18cd069ddea11b682635

Download Submit
/data/data/goldenburger.creapp.com/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
5a293ec11c5d1cb3c428cd1a102d7bf8

SHA1
baec0eaf70a70688154cf0ff0947b1c3dbb44356

SHA256
4dc153dac37793a4a52018872c72893009c2ee3554a178e3e0721825104c2ee3

SHA512
07c4e7e4a16eba112ff45d9edafac688f951a111adad99fa4d4dad25a60dd9306f185c3b7ccc3bd43928200525ff8ac0003afd339a678896f512f4414b22c4c1

Download Submit
/data/data/goldenburger.creapp.com/no_backup/metrica_data.db

Filesize
44KB

MD5
50856f77886ebd48ae567182460f8c31

SHA1
fd93a1249e1a24a206e446f7d99a7e102bcd22bc

SHA256
5ace0e35cff4f189ea2d73e2d34d64a714f7905ff5f8cb7cec27a1d4bd3ac9f1

SHA512
9b0c957679cc73b80e0a1285a92adef3ac6e4f7eb34941bbd9d265c6bf43144e0f8994df1e9c17e959bbf4fc576435272ed47530e8742108d662b68c59ff8d27

Download Submit
/data/data/goldenburger.creapp.com/no_backup/metrica_data.db-journal

Filesize
12KB

MD5
85641eab96ed413ce6bd55ce13c4b7a7

SHA1
b536b7863b7481c89a6fc24bda87b3f19383e8f4

SHA256
c19dcb7f55ded0f6becbd4765ffa9b738baa5ea2d3e87f05c5e80d27fb228d08

SHA512
2e323f3a94212e8fa6596712c6461885e2139319093407fc14f1cf12abc369f124b157f58436736edd88dc43584d6b7d79ba165e3737100ebcdc2e8f3f9b2564

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads