181c481d413988035e16c14a89376367a10be98d320167a2658a2db66056ed7a

Analysis

max time kernel
179s
max time network
160s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
22-05-2024 01:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

65865d3149fd4df49359fcac49dfde5f_JaffaCakes118.apk
Size

2.4MB
MD5

65865d3149fd4df49359fcac49dfde5f
SHA1

eedef61f6bc1cb48771e80d4f962b8ad4469567b
SHA256

181c481d413988035e16c14a89376367a10be98d320167a2658a2db66056ed7a
SHA512

3d507b88363bd4bac9eb8314231630afa0115b84d8eb6a76fecb7b75a03889dff2659876a2b462beee0265ab5de7007a540eacc710b734a9587601bcf43e48b1
SSDEEP

49152:Ud2ZpfP/+6plv5L7MuUWL/IF+g6Rf8+cHqyi1tqmx1sahZkLDGZYrYWom:Jb3/rplxCWx5bcd8t5xWIZkLD2Wom

Score

8^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

System Information Discovery
T1426

Processes:

com.ar.pedidosfree.restaurant.hornitopa:Metrica

ioc process

/system/app/Superuser.apk com.ar.pedidosfree.restaurant.hornitopa:Metrica
/sbin/su com.ar.pedidosfree.restaurant.hornitopa:Metrica

ioc	process
/system/app/Superuser.apk	com.ar.pedidosfree.restaurant.hornitopa:Metrica
/sbin/su	com.ar.pedidosfree.restaurant.hornitopa:Metrica

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

Processes:

com.ar.pedidosfree.restaurant.hornitopacom.ar.pedidosfree.restaurant.hornitopa:Metrica

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.ar.pedidosfree.restaurant.hornitopa
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.ar.pedidosfree.restaurant.hornitopa:Metrica

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

Processes:

com.ar.pedidosfree.restaurant.hornitopacom.ar.pedidosfree.restaurant.hornitopa:Metrica

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.ar.pedidosfree.restaurant.hornitopa
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.ar.pedidosfree.restaurant.hornitopa:Metrica

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.ar.pedidosfree.restaurant.hornitopa

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.ar.pedidosfree.restaurant.hornitopa
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.ar.pedidosfree.restaurant.hornitopa

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.ar.pedidosfree.restaurant.hornitopa
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.ar.pedidosfree.restaurant.hornitopa

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.ar.pedidosfree.restaurant.hornitopa

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

Processes:

com.ar.pedidosfree.restaurant.hornitopacom.ar.pedidosfree.restaurant.hornitopa:Metrica

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	com.ar.pedidosfree.restaurant.hornitopa
Framework service call	android.app.job.IJobScheduler.schedule	com.ar.pedidosfree.restaurant.hornitopa:Metrica

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

Processes:

com.ar.pedidosfree.restaurant.hornitopa:Metricacom.ar.pedidosfree.restaurant.hornitopa

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.ar.pedidosfree.restaurant.hornitopa:Metrica
Framework API call	javax.crypto.Cipher.doFinal	com.ar.pedidosfree.restaurant.hornitopa

com.ar.pedidosfree.restaurant.hornitopa
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5200

com.ar.pedidosfree.restaurant.hornitopa:Metrica
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5295

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ar.pedidosfree.restaurant.hornitopa/files/ZPkFS.log

Filesize
12KB

MD5
38e00ec9ca9199e675fd4fc6bf79307a

SHA1
e71ae73f65b0e42ca24f7d14b5247e50b385f259

SHA256
13e2c549c0313b442ab35a414f4ae2dc209787823c0630939efc6ed4e07f19b7

SHA512
fde8a7f8dc7f451fbe6cefb25afa05ac82e16f24149148dea39e0a9b8a3d41f7c619d2946acefe9801d3a48103e21b9507184f2a2264bc991eb8715e007ed1a6

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/credentials.dat

Filesize
233B

MD5
d240262c477cf6fdfae1b414b61a8852

SHA1
249b83c0eabf3e97757ea59db0bcd8042745cec4

SHA256
1ffa971dd5cb2e2fa7b5ece0fed780940457d06ce3a9531d75d1abbe89e21a17

SHA512
7a45dd8c8c53f029ae64bb7912d2b7eaf7994d7cd1a90d3b0c22a46546d1c99fd608498556b18979b7b6525fb5a350c05df62cf20b9c9c35ad7d8ca058620831

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa

Filesize
36KB

MD5
8b384fe52e41c20b4f728c68041989fe

SHA1
22e4880cc91ad7f323099c9b638a9a19dc28fa76

SHA256
e40710198ce8c349cf8975b555bf149a097f7ef82414b16a694213bea2ac5b55

SHA512
e8fab0c35c4adc52e7500f00189eccd36692d7b925e0be4296d5ee69f2169ecaf9053e8d8dfdbc8578c9e546b876c28b303b6054903bd346b74a310a7186e874

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa-journal

Filesize
20KB

MD5
5b45cd90182cb3ae5fa1dd5847cdfdc9

SHA1
9fcc82d7bfbd79083d4a9179f83ac1efa2d1664c

SHA256
b61ac3abef952427dbbb9074a00157eb25e2e801fa92ffabb39518b891ef045b

SHA512
5063f9376cf0933c778a45f1d7d3a2a3f20c2fad32855612edbf63b962759a220f077b98e2f4467cb81c97e3ad40fcc5771a013c0cc87e83b283d4b25cda0c5d

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa-journal

Filesize
8KB

MD5
99f05432cdc550ea2d94769bd5b78e79

SHA1
374529237c487b9a57f3d0054372126637456c77

SHA256
ec9ac07c4affdbcee4f2e5f1b256c8656581ef2670203e52bd166cf949139b86

SHA512
f167b9bcc98e3dcbc6cc7037c1f77ed7b849563f3e777a5801403f08fd349fc113fc33e1dfc86e14f9562765c141d456efbe2357cb893625aebef05cb1937960

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa-journal

Filesize
8KB

MD5
520475e37fc794794d9ba3340037b808

SHA1
8adab32686329803a7b2a0a72b62b43749e58dbb

SHA256
a154cd6d24c4ab51b630d024fd02152942839ebbc3d88146dff657cdae48e02d

SHA512
ecd3af007f471718b283371130f2c659192d4dbb1c3ee456a8acfdfa8f12b608f285717a44c39067b36d36db3cbaf1b455e72fed1e17b7c55f0024c27d64e2f3

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa-journal

Filesize
12KB

MD5
607a788fb7eefdad00b64f5354548ff3

SHA1
19cfa55f9e9f6ca653e3cd263036615a195261f1

SHA256
588279464e5b35bb9f32ae8716d556af1347a68192e73cfaba9607eeb32d9525

SHA512
c593d9ea2432e7cd60f88a2c098708b5d032a2d6a6b83fdb69ab44244f359a70c0f3bf0a6c096941574e3b5ca640c5671bb12ae70f738eff52c23b5083d0a016

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa-journal

Filesize
12KB

MD5
26bff9873f6d516263fb9ba49152b32a

SHA1
949f910d3c26550f754246491ad200ddc130d8e9

SHA256
e191d081de9e8349286a2fb5ecc03bc1cba85f08d4268b93dcec45bf8b8b5dab

SHA512
be0c918c9724cec3056521c3935f1d86d8a04959c93fe1d0be590901107d0ce9ab8e0c81c74a6e2e46eddcbe2564655eaebf25887b96f12df30deebfcf389ece

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa-journal

Filesize
12KB

MD5
dbb156cdcb6dca5ba10fe0b3637abf7c

SHA1
d70e4b8ddd396ba7318d2557896a03870d872695

SHA256
368bed84677032f6ce4fe21a0a7a3906b0f53ef8c4939f262cee1f691dbfc47b

SHA512
872d2c8646c9c99f63bf4076202d7863719f63e83a9f1eee976b2e1e96b25f5e3f5b7ee2fa74148ec8027e24acba9038a36d95fcbe5814255422a6afe091518c

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa_20799a27-fa80-4b36-b2db-0f8141f24180

Filesize
36KB

MD5
5189f012df4a9e7fcb85c79a0ff9f378

SHA1
a6bbc597093ac9cde547a3830c81cb18b7ff20f0

SHA256
bc316e858d1ed174fcc8e3a0ad61ace8972c56be3167fa17395c6fa1dfee60e3

SHA512
f2d41a3cb50a5c1762eba806a3e07b56157650d2ebe49c060e401aaa00555ef98fb6f1a15b7ce295d91bd50494d0950195a657e7eed7e92c00ceebcc928f17da

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
512B

MD5
1baf991205dfe2eb759418cdaa857553

SHA1
aa8676c7bcdc95136b1fdb989e341b6d155cc347

SHA256
1ce2472a2f4adb949424491dc500eb17a9743589374933fd69c15253f386c821

SHA512
8f33106344fe505c6e99eb1980b5035a2c8d96c866eeb405c1cc27d319492cea32e64e5ed2106647ca8cd0c7b29f8f06b345ae4aa9ca4dbf038fe53317c246f3

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
44fdc085898b02e5186eeed2a0cbd697

SHA1
478bdb11b594d82c3937ec0578052654ad04666d

SHA256
18ea916f07a399993c941662cc9755de3531e0b0a366f0fb99f70805414cbe2c

SHA512
10e5e131924217b1e5ac26e687a518e29a8a096230e38953b13960711ee2c5de6413b9c55adb4328a36bb3ec47a46c04645913c8629c7937823f0afe682f242c

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
8cb2b0f23b5232b4a98f02c32500921b

SHA1
c44259f39e1842a9dc50344b083818d9121cafd6

SHA256
68b6e9a7341f5e3070ce8234589cd58a4d92b4b0c4c9f796c8212d5dd5ac0f70

SHA512
3164c745b1faaf6d06c87f0d522be23b5b2e6696764e39e4d359c94e9150db69407d3ac96d1d1871d3837253b83e4df4cf924550ff1b9706eb0186868a4332e1

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
7a26c4059bbbb96d07a28dc1beff293c

SHA1
be7a1a2641ecfd00cec7635f064fe81a1b6534d9

SHA256
3cb4c908d05533294a80091d58f6aba54b894c3e9e0d7a9167129885161987a5

SHA512
6c79533f204abd97ffdc356adcd6e33218370f255ec6ece5d8497d7c007a5a68126fcd857861ed54c25cc689b0fe412ec461055565f973f4c02accc78102f53e

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
264bf557961acd5e81b0eb1730457a45

SHA1
8b7887452e55b8b4b229cdf603a5f389ff69b734

SHA256
1881e8fa23ace922f2bb04b168ab0dffccf4a3c276476f092ebe23b67def2b6f

SHA512
9071b3ce6d49da309ca3a8cd5753e2341cc291a50a3dee090037e3f2bafc1c30a65b984447ade455afb85ee966aa2cc9ed9d856d392a64d77d890a444a13a869

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
718beda5ec2c67c024367c7bead62c40

SHA1
eece995b59f6de6622f7cf41ae5f6578949f5caa

SHA256
06d402a4f1fc4fb4a75cc8dedaedc16e5949b6582ea54d52821ca57eab392b38

SHA512
4ca18acc035f9fdccdc27de6311479a26b552262d655f37a0d3fe35454f89f3bfbaafe329a5581d6b94623095f6c9e8ffefa007341cd0559c6acb960f627be8f

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db

Filesize
20KB

MD5
f4abb3d804c6facf0ed8515d2ccbfdd7

SHA1
bb53cc7165fcce0f47b3eda0836236c5798d2a7b

SHA256
316aa4db1605411bf5bf475fd9ce0925b79a12783c243dd9cd57c5e082077f6a

SHA512
6b0b62d38e10760be2a0f17d8eb9ff1f514887349d4513b8f83bd30fd166be95d84fc5d9a235b690d65ad312316c3b613893e217f6727af29b328d446805ce9d

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db

Filesize
20KB

MD5
484df068dc370197c0e37af4f433f772

SHA1
5d071329bf5182e60b2d268adca542901d492001

SHA256
3ebaaa9fc7a9245b413f62f91d9e689d468456dd4b6ce2408bcd2003cbdbfbd0

SHA512
587e7b68f2c167d39dd50744f2892a461a67cb073e8cf9f6eb2ab752e07841440dbe212af32958248d15af5d4001e7fa12f86cad62578ef31999355a86c3b0b5

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db

Filesize
20KB

MD5
ea9c2dc01d788f2ed7ad6a455e32335a

SHA1
3da6ee06226734e9a402c3ef2b542af3b509b6af

SHA256
ddcb0e1970efc2dcb42a4dd328ef8c10f3512b39a47277d5b075fd3b92dfc3a7

SHA512
5b834f25f6f8afea98eec78cf8e148671ceca48aee8019e09308389c1f336e47e55666fedf66e09c97e827c375ade0fad635b98686ebd2f72240108670d25e76

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
9f25c2039a59bdf65fe80780e43844dc

SHA1
d4a8d96444523bfe96f7e8a3fca3877d142e67b8

SHA256
9a8575d855db63e3f7857eca1b5d1592301402a6f09e4239e46f63376a7cd63c

SHA512
e7a030f080dbe6eb80770a4511dd319863b86c7035cd7a469e020687ab1374f3b03d1c15dfdc6d9171362ccc50da164aeb4ca8855cd685d4843f333340518769

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
9107a90d8791b4d99208856d3347327e

SHA1
b803ba87f6b7cb407434d7294b7bf3b6dbb96590

SHA256
472262fff4638510fd441e369b4e9b8bb046cf39fb5799f12de88d3a593d2040

SHA512
47517daa43826c0eb7cf99174663e810e5c7970e3f0e3129aa3c8d9bd974cbb7a1feba808a65a63a219c5b30e110eda0d73b0aa7e75e5577d499ec5b4156614d

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
3a4892693e1293a742a4a9dfb7477442

SHA1
d41addb90fca194ea12e7ba0f8034507ee1cd6f6

SHA256
a8e427436f04c6518c9e32f5b4d8f25b8f717f33a16d8ce1fadbb45276f9ca65

SHA512
0dcd784b71b77999683b7d8f9a0428a011759352a8aa7f41250b1adf0905457c703fb53f94bfe46605ca1d600c1712904201f04e19a752fe7fa8159096eed510

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
b5716bdb38cad42a7c54736c43fc5ef3

SHA1
b40e33d83d99b434b4d655dfb36de3cde34872d3

SHA256
eaaf616f2e3ecb19015ba62b47c55c963d65c36a42f5d1c6b1566d20b3651c95

SHA512
eca0c9608d0b553fda88c4cc9a464bb7f435dd224c4717c53b8cae0a33001dacb59f56ce17fedfa5b75b92bfd02091580191471ef2403dd7cdab226e589be8d7

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
c5dfd172cca9ab06d2283a9ad7da426d

SHA1
628bd5c648bbf1ef6254cb2f3186ea1f5710be5c

SHA256
a9163ebc15ff297cd909ad001d74f2001f9b8b0722b7c11adae083d2bd4ceba4

SHA512
069b9e3480e4c50afac6ead98a30ac0fca91842de2f6de0a87b72c9280fd0be5e377f875979a81081aa9a0abf983a00e643dc08bc0f34f6daa481e9ea1273902

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_data.db

Filesize
44KB

MD5
5a2f276972129387f48bd4fc44d1b057

SHA1
fbedbffbbe1874887dd8b8de9d7b603beb332db3

SHA256
4f6fc3c4d09dde7e857294ebd479a8823118de3a0dabca5e133a468ba5a28985

SHA512
d8e585fe419db03fdbb8fff7fa6e320d39f86b208911e24743acf7632a790cd9ef48e5d3c9d47820a8108b8453f9ae04227a557f7e57058149e957c7e222641e

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_data.db-journal

Filesize
12KB

MD5
bd999c9739d5b682da70a34dd8469115

SHA1
289ae2db669320ef521cc5f3d82693e4924f7312

SHA256
a8c08ea7a57a648b1a9d58d2715ac0e1824a080d0c6308832d18ecf87f0c365d

SHA512
808d8a0fad4f7b3f3e78d3369e0969677d3dda6525b157fa2ca6c8c8c35b33bcc363cb079228e1f9c11961d24ecff9f0a71ad7a252a586fbb1e060c1e8fc5a97

Download Submit