4f8bd1b9d7cc172e5d48a9a021e8df50ad5bca5f937e3ed631296fdf33a478b7

Analysis

max time kernel
179s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
17/05/2024, 20:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5141b301d99ebca907913e2f19eb02f3_JaffaCakes118.apk
Size

5.9MB
MD5

5141b301d99ebca907913e2f19eb02f3
SHA1

0be00f8bef2d9541baeca25207492c83ff255870
SHA256

4f8bd1b9d7cc172e5d48a9a021e8df50ad5bca5f937e3ed631296fdf33a478b7
SHA512

3031f19de984484fee6eb57a7320365eb88e40d4f92d24a7b27f1a1a403c4bdff9c5fcc746e09a3e91a14109251152d4894b9624d34e39f9b74544da3d83c48a
SSDEEP

98304:5fsadOybik4gpS8U90VUJyr53bgOE25JAOPArfT6+F95UHmZkgC:MLaS8U9qUJyVgORbPgT6qKp

Score

8^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 3 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.br.pizzamaker:Metrica
/sbin/su	com.br.pizzamaker:Metrica
/system/bin/su	com.br.pizzamaker:Metrica

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.br.pizzamaker
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.br.pizzamaker:Metrica

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.br.pizzamaker

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.br.pizzamaker

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.br.pizzamaker
Framework service call	android.app.job.IJobScheduler.schedule	com.br.pizzamaker:Metrica

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.br.pizzamaker:Metrica
Framework API call	javax.crypto.Cipher.doFinal	com.br.pizzamaker

com.br.pizzamaker
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4613

com.br.pizzamaker:Metrica
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4675

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.br.pizzamaker/files/ZPkFS.log

Filesize
12KB

MD5
19229132c2836b55c54315043d18b898

SHA1
f98ce6a08b96d28419251896073fba5c9f419160

SHA256
899579d25dd3c6ad307959ec794f3bb7b53abaa84409048e8818f1085a3c1f37

SHA512
39d5210d6ecc404181094ece881b092a9b25dff248d30a027046b6de2cd0735eae42a28a381ee742ab25d3e13450a1d763ba8e481e79703c5f49449e393b40a4

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/credentials.dat

Filesize
234B

MD5
a3968a7e7805dee5b3f0cee0dc2df398

SHA1
9e08756b63678c5f8def4fdd1bb609b89b689a51

SHA256
e15d99e0fddf6df3ddaed54e4fed1969e18aa3bd4d6b9734036f16337e768212

SHA512
da9fd7ac20d9f4c7fae3dccaf357bf335b335b70e84fd721017ac23bc8388d91382597d1cc2cdd10c90a4b985351a52d99cf4e3706b0ff7d02043ca6f33f0486

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker

Filesize
36KB

MD5
57cef838c9bfe6e1f896878433c54ce7

SHA1
a62a1f2ec04c459d69446e2f9b9360c01536b1d0

SHA256
5c3b6b331de46c620f71043b3a5e65e23cd1d6da9328a96475a613fd833a55ed

SHA512
3111180e6804c4e13c1fecd9a97d5930abb209491f43c1e2beb8febce16c0fb1fb52035cb6e2d884ecfa11b7a3732832c1df9b2df621b18f4f55b641e161bf70

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
20KB

MD5
38b70b7b9fab550fcdcedfbe83e10aa8

SHA1
56207024f162ba684b433b40392c690a477ecc16

SHA256
8e080bbd883c67e57dc204faed798f332c40969d570ecf1e33ce2ae2c2648384

SHA512
5577086888b2f550ff1d9a3f7775099b2c596b0f51cd5fb3f06f1a2f4f559b6f72225cc1f49d63f2391640fb4f18d28864e42776b819b4ebfb55cb4f1defbe16

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
20KB

MD5
2f1723c72064faf2849f640b0bd3247b

SHA1
7a5f022b8159d67900fd124e64d2db0b8891c17c

SHA256
b449ded47ab8e00320d22fd9143aad70edaa676950cf3efbf11c75568987d2ea

SHA512
1bafe89a9d228eecd3593e386a4359d4a7591e40b74121c0e79857aad34aa83c93668e692952472547186ce109c9b9ce21d971351c96991d354524fd305c46de

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
8KB

MD5
8aa94b5419e4ca931171f04012d67210

SHA1
495a9d5dda485fb60b15e806d571ac8c56c2e4a1

SHA256
5d51788caa4c9b1e29e00ac757290b843aa6462afede924f9497a784133f7f51

SHA512
94fc8c3c6610d17008809aa5b8f7742ecd3e30a3a94971f30e423156e05ae95af664efaed923560b4c9548902c33b584e270d3950cd5f75f10506b208c5cbb71

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
12KB

MD5
fb9f307516445f9faf641f0c3131d8ff

SHA1
68f5404d3de865ae45bba038d2b7f4096fa2c4b7

SHA256
c7ad40a99b120bf1f241f951d6fffb420dd180a9a6bf1868e8f44b588e542ae7

SHA512
d91c9d2ebc672e47ec42b4e386e955afce4c3a9976fbed17986046c9a3d2a727834775faea494dccf1ebf13a8ff1c71dde3d702e4823c25fa56a6bfe5853f698

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
12KB

MD5
c0b81a0450353d59bb765047fcfb3ad2

SHA1
2ad25156cfda04a167dd9f7ba63ae7ba4516ff8e

SHA256
7cb63d486fb6292cb50cc3ecb5fc9b8efda9e1534020589101d0ca06ecc069d5

SHA512
e47bd339788d6454bea6a529f6ea08bcc9516ecac70a00de847e8881cc21126888780cd6589fceccac8132f6027baa49b38c4557c49926bf877cc702814a29f8

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
12KB

MD5
e8abd2285ac24c0d7bef83c1eb655499

SHA1
3bdc23826d60e57fedf1b891eaf93959de7fb472

SHA256
e3ffe6bbc51ec29fb852a08c42ca029bfe65bc5a581c051969dd30203d27e8e0

SHA512
7f87112081a08d4d6a7267729081c0f9084a21838670e338fea85fc6efbd3852199d223102ca7b94d129b4d7b6e7bc38c4c585266bcd4de13375a6e77e9f56a6

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180

Filesize
36KB

MD5
03e42534f0de727f801d51d06272a529

SHA1
ae47fea5083820996372489bd924a5a7690c2241

SHA256
87d2540cce27036f804e26dfae1742f87e747adf7e441cfded82796d6559d35e

SHA512
5aa4f55016779ac510f5b998d73de3141f9cdc625a21040055299adf1f166f36ddb7b818ab83650a3e425b4213eb626b5e75523506235b05a7506a85681fe0b5

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
512B

MD5
e087b42ba762c910cdd0b707fe79c79f

SHA1
1bfe1216713f49164aca51bbcaac63a19f0add88

SHA256
5848b9faa67b95512e2d4e9163b0731d3c68fd8bae4b697036da7402ba72fc23

SHA512
91c05b223540ded5076793f0c83899c99ea6b4d886e112f1a00d24a08ba2ea5cc9c315c1440ce33eec5eb951b62950964f86583c9efb0160a8af0670ba6e19af

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
37f3372a58144a283ee61b6734d1667e

SHA1
a73576ab302896866640ca5643f1783891b87aaa

SHA256
323444b7858f04738319198a1520c3f5a4b6d371361318c3a50538a24c4d67a2

SHA512
544019dc4346fd54b163afba395885c99ca914ff533a082968309330673f72ac1f7a08af27888580366fc2b5bca467c5e28bf299a63fc2224c6278f76122d37b

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
7fc9d5328e2ca64ffc4ba4b246b8a6fc

SHA1
c25b81d6aa7838ede70e382d446fbbcaea187e5d

SHA256
cde34b806dd4c014118ea2b5bddf5fdce0c18199204650e75f13859f04d099c2

SHA512
a35eb0b2f72b10ae42db2d97d28d6b8c97f36b7ae9b5e0cb9e12472480270c514e31a3ccd775bd5ee1304683d780271a0bf09316fd91e648704c6c85741cc80e

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
7b30308d62e5a62704a015e0b4b7f699

SHA1
057b812d34684631e645c79528cffaa6e101a7a3

SHA256
40c866d28569c053eb338718de0040038f2f66c16fa8868d85223fcc58ae8663

SHA512
0a90ab8bace1315c891c33277cacd76289ca45a84d9c2a934d66ed983102387fe9a686e79807047dfd331bd48e8f39c556e1cb26eb18ba4216f78e0f2b22c275

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
84fda5673d92e8b77388c5db045308d3

SHA1
0daed9e132134437e4d5bc1bb55fc53faa723233

SHA256
4751bdf2721abab51eeb485d1c6b668be6eb8b83020ea3cd5e7ec9058576cf37

SHA512
47679dbcc1aee5c7915d3d0c62a049839c608f2c173e0a5243868cd36a3e12f4fa9a666c5662a89885c3e8437d101ccfd30b5ec281a0ba578a9dce64e23f1657

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
5037b1b11aef3780a2b5f0e54017c646

SHA1
002ba913e6428ebd0a981ad0d1f48196a8561d3a

SHA256
3aad8982ac23c11e0199cdb321faf12ce8df486cb993231e3a26dfa818f13bef

SHA512
ba1fa454bee44f2c4f7f1dff05ee09eb5d7ea6ebe78b5e767d4bd2f978ccc2674f59d8f89c47bcbb3d9f35fe5d71bca1114de70c30775a4ec379348d1353ec29

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db

Filesize
20KB

MD5
d1ad47d283c3629be4f0096ae8cd2839

SHA1
e58348c3947ac54e8fa24d5ecd55d8e6ab3e2b5e

SHA256
1d38d1cfad01d26993ebd1828ffb4d1b8be32bbd74d4a6444f02b362f75f8ad6

SHA512
378888442b05e2548159dec83a35dfe440c1b20161e7a089ff87b996fb909db2d7f33ce46eb4a58b0ee2d8b0f064898ffecb0519bebdf8e76624a3d345740fa2

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db

Filesize
20KB

MD5
e5639b469346d3d19c79ae3bdc2f4a9a

SHA1
b4d9041b94176f65417e63e77f0f324b81e8dded

SHA256
cf283c9f2c282ef339f1ac0c4eae7d6f44f86bc1744cbf8a9b5703edc7368aaf

SHA512
273aa09cf7f4de26661bbedf2ecd180b5adb537022cd824d2185beaf7eb1784bd1ea1f1f22c01e4762729bdefeb81964f1a47f13e90b883beb27ce7c8d1f03b4

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db

Filesize
20KB

MD5
d01115ab3b3ab6cd76adfbc07994cd9a

SHA1
2e7e72949ae2c3c9fc3faef4ff50f29153ce10de

SHA256
477bd41c92d45d060b57856b501048725ba8cd344d54d65459d2f6a0d5c38e68

SHA512
bdf67bda728f6ba75d0f993d24b0feb954d5cbc369d522ea553400482ccb65ed6c9fb042608d7ecb2940bfae1df0e47a7cdb37409561581c8aa31a774334092d

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
6034d3f0efe1e3b48cc91df36ae27499

SHA1
c4e255192db114a520869e65686a3875c21bf6a3

SHA256
625887be4b8d7e8d9ff0d30fb16feee2123ea42cc038af62bd1b0a5b38e4f0eb

SHA512
57f8acb3cd504baaab6540771a6de8d08760510e48146855e043369aa60acf633658d23ef328397b75b81a70bf41a79f8a22d53fff53cf4b020dc5f02e19d7a1

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
e6f60a884247e9f37f20c8bf46669110

SHA1
3da0b8109e404dd88730f2fe09a938485e8e2d4d

SHA256
528cd643da1fe5e9b7e437b0ff3e149d15d25814ae1b4dd027e80ac31180d580

SHA512
c3d35aeaff6fbe358d585a5892287d65ff7b6fa264ed3a3f6a81f16188a339ae3aa8e30531fb58bf795d16be9b46f1a9be5b7a05262757e1aaa5d0d51bc647df

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
35daff2695cdccc83c19799a261ec51c

SHA1
e5a872548163ff768cefda7b3c07f83930cd8210

SHA256
7eca39e74671e8c2986943ce364d65199eabbb2ddd000e54e2076b2f15d396a0

SHA512
4f6a1b095354b06de7a2d3b4044b9928a45697398bdf3b090b6024a842e9b90d4a9a447bf6da3c3b8f99088ad21e29a3ffd4f8bae2861b363d55f43dc75c3947

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
41f3f27bdb5ae21000567155cea191bb

SHA1
3ac527aa25e068f6fe0128c249f26c7367e46e13

SHA256
95a79d5b7d5ce53203dbb6842cf13ac76efa433c9d8af697d9791b7e36453fb9

SHA512
10db4dc7070883b43ff7c84231cb05f0c2155c309cb0b0a7c60422ff8a1ab6b46bb56ef8891ba596694e03f0940c8cf12a508bd3d1c1f21db5022cd17e7dd4ef

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
3f6601d2856fe3df49729d017cd49daa

SHA1
e6c1d775ddeca85e08244a04a7c5380f1ef2d0f5

SHA256
699dcded53c5dde05aede7876fa6234d45097288867e5b69307d9525e9cc04c2

SHA512
aa0ff164996d5e3817a053aabab461cf0c80c35eb2744dd83bffac9029c807b1d485779632669e2f4bbd7c6028178f45bc3fb5aeca0309d5b4677d742ebfd8fc

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_data.db

Filesize
44KB

MD5
24c91682441b74bd9a85e7f4c54800a2

SHA1
2e20002ac0f2eef37ed3f8be748bcf48a56751c8

SHA256
42e0dc6ebde4d73abed964b7cd687ea4f18a43544da999ead2f59a810ff7fc6c

SHA512
27075c19c8caf56c2780efa47cef4762e8e752d6780f6e6dc876e41efebfb720e75237a0c8727492b9ab409c84fa01134ba7b82938f050e8fdc18dc3b4587a8b

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_data.db-journal

Filesize
12KB

MD5
b536f7b890daba20c6a1e0ac4c51e0d7

SHA1
dbcd154d536d2e86d8c922a2e974fad3c9820260

SHA256
6f468d204f6582d883f8b04c76480df21dc3e30cf4f2aeec18d4a9d11dacf417

SHA512
58c2aa2118b1e38926d2d7195637f6af9d5dec5ecf68d2ed21ff13410bbb6599d0c5832eb3667723db2734199a4ae380f21142fd37e0efc85075cbbea8ba4efe

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads