Overview

overview

8

Static

static

6

63df8a1b60...18.apk

android-9-x86

8

63df8a1b60...18.apk

android-10-x64

1

63df8a1b60...18.apk

android-11-x64

8

Analysis

  • max time kernel
    179s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    21-05-2024 15:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    63df8a1b60d13264c0dbb3a7bb7dd33c_JaffaCakes118.apk

  • Size

    2.4MB

  • MD5

    63df8a1b60d13264c0dbb3a7bb7dd33c

  • SHA1

    1c525971e2e66731a9402b4aa1252ca52be041b1

  • SHA256

    64c0a43eb56ef1293944aecc21da3fc94e12d78f5560ac3cc069b2849da1e80c

  • SHA512

    7ac64cd5f1ec38055d51cb3a537fcaeb24bcbf2945dd753096d951199eb39f6d261adefaac880f44929c85c56e307ac7b0d153401d6fbd35bf6970d6babb3a7a

  • SSDEEP

    49152:Ud2ZpfP/+6plv5L7MuUWL/IF+g6Rf8+cHqyi1tqmx1sahZkLDGZYrYWo+:Jb3/rplxCWx5bcd8t5xWIZkLD2Wo+

Score
8/10
discoveryevasionexecutionimpactpersistence

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 2 IoCs
    evasion
  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    executionpersistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
    impact

Processes

  • com.ar.pedidosfree.restaurant.hornitopa
    1⤵
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Schedules tasks to execute at a specified time
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4254
  • com.ar.pedidosfree.restaurant.hornitopa:Metrica
    1⤵
    • Checks if the Android device is rooted.
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Schedules tasks to execute at a specified time
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4289

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/credentials.dat
    Filesize

    233B

    MD5

    33dea0f6bc32507ca53c5056418aadec

    SHA1

    7d75518a1c92dd4d64687e0e248d6faef4b2952e

    SHA256

    c439430dbf1205291ab355be27dd487f5b51fa03c1a34d43c0acf3bf13147bed

    SHA512

    005ab4ccbabfb2b4f37141d8ac5deaeccec0f414112c8c06677d508208b79f047489df880456e158904ab12445bec4937826b963133cfecc0be7803a806d5e57

    Download Submit

  • /data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa
    Filesize

    36KB

    MD5

    bbeb317b1cdadc3044b1e625e6b70303

    SHA1

    928b4ad8932f231d512e0284361686e7a1281b79

    SHA256

    0cfbf6708cc8d4ff0935e601abbb845509851e28e09aa6882ef898a0b70c64e2

    SHA512

    d1f4932695bf08b79bd30418a1799269446bf26c5dc657f4a22e0b781b8540a3965a481a7e9a99a753a9881bdf4417260313f45958cb80a987112e873f606d39

    Download Submit

  • /data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa-journal
    Filesize

    8KB

    MD5

    06402fbec5f863c8dd320d9122a71828

    SHA1

    8e416699299cb31067ec87e0ce4abadc03869072

    SHA256

    781b7b6cf104e0086e87ca2b9b06301df39be1f568ab88f1a0841d1a46429d6c

    SHA512

    6c280b9de95d61ae05c0d3f58f38049520e2dd0a6a0a4a5931cf0b3eb5dc45fc156f90e255f2564baa86f001d8ce5ba6d4eaf50c5a0cbb215adeff74371151aa

    Download Submit

  • /data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa-shm
    Filesize

    32KB

    MD5

    92ab7eb1372275829d24cd1bcfbb87a8

    SHA1

    2b82c1a6c55a8a283def734303ca06ec2b53746e

    SHA256

    8d632de4e192aa0cc9d788d15a101c74864c5217bd1b533f66b35222d4709225

    SHA512

    40ff16f0d566830074f1c04fa4e9adc513a1e285f8da96e3e777d338628cf2b95edab732a2175a170cc9aff6419d65632920f9b3264efddd72c1af21c93d90cb

    Download Submit

  • /data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa-wal
    Filesize

    406KB

    MD5

    3492d4746e5cc6bc9dfc608affa16378

    SHA1

    845c262fa9afaa41c7b682fc436586266b533373

    SHA256

    ae43814a6e6ca340dd52aa5bb8cd5788bfb5e723c6c8658a8e3b2f1ccd07982b

    SHA512

    5c827e57a8f081d50a0e7881ae49b4aa20fdd67b4f93daadf04e47ebaf1d864df74c02730d0e0bdb0bef83c9ae5f145fdc0d7fd600dcd882c634b006e735f1dd

    Download Submit

  • /data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa_20799a27-fa80-4b36-b2db-0f8141f24180
    Filesize

    4KB

    MD5

    9773252df405a1d4c608e2e287d355df

    SHA1

    d95b383558f402aa4ad82cf978d6bd5c0298cd8e

    SHA256

    96fc1dbc4fc4ee52f403cee37efc688a780886c0a6465ed9e0ac7372f6e62a30

    SHA512

    661855c33890204746727a773f00f618e3fc2ef1170c1b58bd6ce9d441d01e01d7b3169532095ed3f12dd5e1baeac58b612d8dda173797bf6a7a7705740f5bf6

    Download Submit

  • /data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa_20799a27-fa80-4b36-b2db-0f8141f24180-journal
    Filesize

    512B

    MD5

    e2f016893acea4205657b6b33ad20ed2

    SHA1

    01dfa31706cd463f04b35bc2d77a2e98496ef6ba

    SHA256

    d5464b91d12f7614eee2881029f6d092b46e782644d98c66b73c2143f452958e

    SHA512

    5cdb18da1b85654aeb4dc13cb84440c2ab82014f0887c5881624eaaa6d0573fd51136ac90b8ceb5a628b098a72850f1c483fef3e43d1b3f66607a5db26e7da9c

    Download Submit

  • /data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa_20799a27-fa80-4b36-b2db-0f8141f24180-wal
    Filesize

    156KB

    MD5

    29bf406103d2fa0e60bf2c57b49fa028

    SHA1

    49e2eb0692912ca91af241ae17f00b615ad043d9

    SHA256

    7c87464cfefd29e02e511e89c4ae64157a14ad5fc0870f7fde5e377df8f3a728

    SHA512

    140c01f8f4d1818bab2cfe3bc13192b0cc4218287fa980b348daebf8659638ec7ff1ba63a588dca6a62c59839165a50ac5273023a281f3cf72c7fca01bed5127

    Download Submit

  • /data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db
    Filesize

    20KB

    MD5

    f6c85ffb6bdca3aa537fe8a3f7d42440

    SHA1

    49737731c8d06e85fb1dddb9c370d3c9929dceb6

    SHA256

    96d83e96c6e02fe07025d4dd3f252fda7ae2151aaf5b2d42256511341405aa28

    SHA512

    250ff4d4e17bbe2f39be25a11ab8ad465325ea89b8d8175664ea2417d2e78a9d37e5aaf4abad9304771eb3db9d3ccd36643e1056e1c82d80588d22d48819e228

    Download Submit

  • /data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db
    Filesize

    20KB

    MD5

    552b5ae289874060880c127d4c0ccba4

    SHA1

    25a61ec55f3c518fdd122f0797df2d80fcb5c728

    SHA256

    fdc001ef67b992461080a194b721b2c095ba11341f93c992008a18aebd52a1b2

    SHA512

    1606937f1a0f467b29d17135834fcd6ad52881b4dc9431268d1bec0cd809bbd9850d6f785acac083b3b564948505673210bc303e723c2bc69ef07337835c2347

    Download Submit

  • /data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db
    Filesize

    20KB

    MD5

    44def4f6e42c3ec63f229d23af8c804a

    SHA1

    f5956d9295778b539bced03215343fd3cf7a9dd8

    SHA256

    882faff2a0f007164d5dbda7bd7f803306423b5eb48a88b1bb72bde65b77e50a

    SHA512

    a14770398044635a8a8fc0d59dc95af3a97ae78146a9ace3795d600a44098a5ff7099aa3d0ac40442f8ff8c5d3b5ceecb4b360bf47f3e8c7c902879e2e76228d

    Download Submit

  • /data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db
    Filesize

    20KB

    MD5

    fe86195f361a140245fed1b9605a74ed

    SHA1

    98d6015a2008c263edf2b568cc8856ff5181b1ce

    SHA256

    9091afa0d9a314909f988f4b65fce08e470fb7d8d4a83a100b2c60be35f5ae07

    SHA512

    c9fabf1161dd3f12441c1aa529d7a1dc35a1f89d03cb65d843178fad3cd596c499087bf1d86847fe6f758c7ea382db66a8ad48b36229cccb6741fca7caa58d71

    Download Submit

  • /data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db-journal
    Filesize

    406KB

    MD5

    7f09c97f3eb24b22f8d20e1cc105d1ff

    SHA1

    babcf2c03159ebf5024d90473d21587a29d17a67

    SHA256

    11d0889403cb0ad445994b591cab0a1ef45f674b211ddf56cec08337e08e5efb

    SHA512

    a9d2da3f2e43fd82a8b8eaed3b29e7841e44ffd1bf5274ba50fae2d2842a131405137efc05662284d201a77a1cde6e8b937174670b452e416c4dc5d34303bf5a

    Download Submit

  • /data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db-wal
    Filesize

    32KB

    MD5

    2bf3e67482c7a731a62d330076ae5cc7

    SHA1

    a3a6f24160182ad620453674deafd7f6dee6a697

    SHA256

    debc98b586d15966e389541ae969ad38b1276eab9ac076b2146c8a8c2f476474

    SHA512

    e2568de11147a2e8f481c6a05f887e84ddd8c0258a3e870396d2740820a7942243129694a7a67f49bde81db9c16ffa13d4828f1cf6c27c675231b9f793e10372

    Download Submit

  • /data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db-wal
    Filesize

    8KB

    MD5

    adee3561171e4151d4e37bd803e7d104

    SHA1

    773a4f19e65a4e35e5ce4d5d1691678ab150ec23

    SHA256

    75a0c1bdf11363e31cefe265039660eb42fe1b8a17b1e31da2c4acd85c459a16

    SHA512

    63892c1d6f6d66aee84fbf6ad1bd73017fce126bda6ebf9b04ad54ce51036a4810f1e9ff4e59a3ff78320d413a06036de4af32bcb369510781737e964f27da5e

    Download Submit

  • /data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db-wal
    Filesize

    32KB

    MD5

    31c1d76ffd2bf81e668fdb5991e84177

    SHA1

    c1c4a0486a59639fac21593cf11a4317aef6c512

    SHA256

    1318a168685c8ad521d8016e823dd9b609ed55fc3fe55840d264b18dadfeb244

    SHA512

    3c45d7c2c1c9923ba048e997b4ba1b86439ceb3b7bf643b574a82bd41dba3f5dad8c8a9534ba7edb10479b105065e2f5cc4cffb83dc1d8f48c83a1055bdb6a19

    Download Submit

  • /data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_data.db
    Filesize

    44KB

    MD5

    b6f87bc69d3a212af7189794ca06f07d

    SHA1

    3b679970f30b3241e27c61884f8e85a4880fc5c6

    SHA256

    6b6bad1d2d1ee5f7972504e8043c32818346ba2c1299e4150ca243328241aa73

    SHA512

    2174763853c15fa88278ae327a756792d0d60cb570949386e06af072c0a2ed99cafb6249600b63f7fda5a40aca01b4f7006101fa4ba30bf83edae0a1a50d6c54

    Download Submit