Analysis
- max time kernel: 179s
- max time network: 149s
- platform: android_x64
- resource: android-x64-20240514-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240514-en, locale:en-us, os:android-10-x64, system
- submitted: 18/05/2024, 06:52

Static task: static1

Behavioral task: behavioral1
- Sample: 53757efbebf07aa0dafda582b87b3d8b_JaffaCakes118.apk
- Resource: android-x86-arm-20240514-en

Behavioral task: behavioral2
- Sample: 53757efbebf07aa0dafda582b87b3d8b_JaffaCakes118.apk
- Resource: android-x64-20240514-en

Behavioral task: behavioral3
- Sample: 53757efbebf07aa0dafda582b87b3d8b_JaffaCakes118.apk
- Resource: android-x64-arm64-20240514-en
General
- Target: 53757efbebf07aa0dafda582b87b3d8b_JaffaCakes118.apk
- Size: 3.3MB
- MD5: 53757efbebf07aa0dafda582b87b3d8b
- SHA1: 7c5c65fa25fd088783cc44ff08447cc945aea82a
- SHA256: fb7aa2aa45ebc2128392a0ec6b060b0c0b0cafe146cedc364e6e0ffa95280db3
- SHA512: af88c2858387e61357284b5bfd53c9d817ececbb329314df677e0d51626ebc67872c4d5e405a1762fb5d2dc33f8af7b9b4e60182ab9f602987ccc8681baa5997
- SSDEEP: 98304:hEWx5GCpsg4yaDwlrNQkeh6cUwlRiDOtywXR3ofq5OQ5PTXWowyR5XNuM:hsCKXDwlrN7ehPrCzujWoN
Malware Config
Signatures
Checks if the Android device is rooted. (1 TTPs, 2 IoCs)
- ioc: /system/app/Superuser.apk; Process: br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e:Metrica
- ioc: /sbin/su; Process: br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e:Metrica

Queries information about running processes on the device (1 TTPs, 2 IoCs)
Application may abuse the framework's APIs to collect information about running processes on the device.
- description: Framework service call; ioc: android.app.IActivityManager.getRunningAppProcesses; Process: br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e
- description: Framework service call; ioc: android.app.IActivityManager.getRunningAppProcesses; Process: br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e:Metrica

Queries information about the current Wi-Fi connection (1 TTPs, 2 IoCs)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
- description: Framework service call; ioc: android.net.wifi.IWifiManager.getConnectionInfo; Process: br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e
- description: Framework service call; ioc: android.net.wifi.IWifiManager.getConnectionInfo; Process: br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e:Metrica

Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
- description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; Process: br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e

Checks if the internet connection is available (1 TTPs, 1 IoCs)
- description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; Process: br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e

Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)

Reads information about phone network operator. (1 TTPs)

Schedules tasks to execute at a specified time (1 TTPs, 2 IoCs)
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
- description: Framework service call; ioc: android.app.job.IJobScheduler.schedule; Process: br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e
- description: Framework service call; ioc: android.app.job.IJobScheduler.schedule; Process: br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e:Metrica

Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 2 IoCs)
- description: Framework API call; ioc: javax.crypto.Cipher.doFinal; Process: br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e:Metrica
- description: Framework API call; ioc: javax.crypto.Cipher.doFinal; Process: br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e
Processes
br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e
PID: 5127
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)

br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e:Metrica
PID: 5249
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Downloads
- Filesize 12KB
- Filesize 233B
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e, Filesize 36KB
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e-journal, Filesize 20KB
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e-journal, Filesize 20KB
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e-journal, Filesize 8KB
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e-journal, Filesize 12KB
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e-journal, Filesize 12KB
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e-journal, Filesize 12KB
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180, Filesize 36KB
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180-journal, Filesize 512B
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180-journal, Filesize 8KB
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180-journal, Filesize 8KB
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180-journal, Filesize 12KB
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180-journal, Filesize 8KB
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/db_metrica_br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e_20799a27-fa80-4b36-b2db-0f8141f24180-journal, Filesize 12KB
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db, Filesize 20KB
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db, Filesize 20KB
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db, Filesize 20KB
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db-journal, Filesize 8KB
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db-journal, Filesize 8KB
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db-journal, Filesize 12KB
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_client_data.db-journal, Filesize 12KB
- Filesize 44KB
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_data.db-journal, Filesize 20KB
- /data/data/br.com.app.gpu2106988.gpu79a7d22621e70fca54183d905532514e/no_backup/metrica_data.db-journal, Filesize 12KB