Overview

overview

8

Static

static

6

67b3d01b5e...18.apk

android-9-x86

8

67b3d01b5e...18.apk

android-10-x64

8

Analysis

  • max time kernel
    179s
  • max time network
    158s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    22-05-2024 15:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    67b3d01b5e7c2a3c59b704722b7cf59a_JaffaCakes118.apk

  • Size

    3.9MB

  • MD5

    67b3d01b5e7c2a3c59b704722b7cf59a

  • SHA1

    fc28f8e5e4ad060ae3536ec2f47b8a03a73f21b5

  • SHA256

    d4cfda3c6e48d9395ab6b28a1235b878f1f294a9d7f5ec8a0ee6ae80096919de

  • SHA512

    4fb55e0fc13db8c82dad9ed8fa0379415fc0f72b9a156b056e4a28918823af62353120fe0bfea55f65c95ed290bf56dcc56149f2e9f28dbbab5f5d67397af8e8

  • SSDEEP

    98304:Nz4y3gNNt+/NeJkPj+XhyTNshojq6w0YcpNt5gK4V:NngNPOeJkPSXwNsyjXwZm5O

Score
8/10
discoveryevasionexecutionimpactpersistence

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 2 IoCs
    evasion
  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    executionpersistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
    impact

Processes

  • com.feastle.aus.takeaway.app.tfm
    1⤵
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Schedules tasks to execute at a specified time
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4319
  • com.feastle.aus.takeaway.app.tfm:Metrica
    1⤵
    • Checks if the Android device is rooted.
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Schedules tasks to execute at a specified time
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4363

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.feastle.aus.takeaway.app.tfm/no_backup/credentials.dat
    Filesize

    233B

    MD5

    7ed3212225b461f0a6de664130e6c9df

    SHA1

    0115de715a2510b03c041053aae820ff895b657f

    SHA256

    6ac637268f1297b5dfec17cf7cdd38d7ba402f373ee6ccf04ba9a2f6c1c5a0fd

    SHA512

    aa2d5cf1c84816c1d9d45f1bf50b109304e23260923ca9d2ba80aaa3024c74dd885ecd0069709b4c1de42956b0ac9bcb61269f3d924da4d58e7d21c49c218edd

    Download Submit
  • /data/data/com.feastle.aus.takeaway.app.tfm/no_backup/db_metrica_com.feastle.aus.takeaway.app.tfm
    Filesize

    36KB

    MD5

    a93ea84974c8a6a1a1a4bd276c9e0e1a

    SHA1

    7dcb3c34808554189d493d04a159c67444153b53

    SHA256

    27eb37b90334c09bd9ce701c5fed566b03a1f1c1fa829720a069e8696fcb94ca

    SHA512

    22de49cc54b6776f3c8f12d9fa686487751ce068f4a4404a9e1853861ac0e46507a9edc28f933b07f800d4f706cdc7cb270fdaba9197faf4ddb934063badc885

    Download Submit
  • /data/data/com.feastle.aus.takeaway.app.tfm/no_backup/db_metrica_com.feastle.aus.takeaway.app.tfm-journal
    Filesize

    8KB

    MD5

    576794861eae37d45e58246b9fec768b

    SHA1

    1bee1a84bf6a7ca6cc937a5a92ddbb21bfcf34e6

    SHA256

    0ed4c9b07e66f47deed5197d9806ce6b4121541a5407462342b47c3c4c064942

    SHA512

    4707b205c48658a77d3772a06c5bcee6ed14c5a7badd439f6a8870bc96b9550a96762283e68c5eed92a5ad073ca2ab50697c221c1484311b3d4549f4b8557989

    Download Submit
  • /data/data/com.feastle.aus.takeaway.app.tfm/no_backup/db_metrica_com.feastle.aus.takeaway.app.tfm-shm
    Filesize

    32KB

    MD5

    799deb6f47bfb59e65b13d7790878291

    SHA1

    18e087ff0ed4b97e02a2daadf29f868f7b75698b

    SHA256

    a2f0a77941cc34157e39268c7d69ec862e6fd8929c7596212839acb3e4ca477b

    SHA512

    57631fe1d8137ea17a1d584170974b70242fe7c3ce9ab996c1df0358899f5c3f9934eae972ebf1b766826fc7542c597783ef3d46f1ec2caf3ae76219d75502ee

    Download Submit
  • /data/data/com.feastle.aus.takeaway.app.tfm/no_backup/db_metrica_com.feastle.aus.takeaway.app.tfm-wal
    Filesize

    406KB

    MD5

    ed1d3e587f1f704ae9c70067379f31ef

    SHA1

    820cf78a863597e33dfb5c4ac249fcff5cc4acd1

    SHA256

    420f427a2fbcb26573d013f40f469d590a036422f40cd9fc233e014106de1120

    SHA512

    cf84ca403f014f9b30d5f592525283a155d61962532a57c87337e3ae9458abf6a25f90fc7c4e154789f9398423fa5414333723d7cb5873ac78a2b4d8679e7459

    Download Submit
  • /data/data/com.feastle.aus.takeaway.app.tfm/no_backup/db_metrica_com.feastle.aus.takeaway.app.tfm_20799a27-fa80-4b36-b2db-0f8141f24180
    Filesize

    20KB

    MD5

    b73f9b24798712294835156d19ace30c

    SHA1

    79b35495204a42ca5170e37fc3b66577fd647a9a

    SHA256

    e6ec012f472d58f342380f88a8e5107d6d35942a464d6b7764ec5170db9a7096

    SHA512

    c0cd7f3210f83a6b7d723043ec753e414cf746506817274f1ab7aff5d2aaf428176f813a58ccca580a2061ec23e0087fb08ff4344fc4bcba427e916bf7fb753b

    Download Submit
  • /data/data/com.feastle.aus.takeaway.app.tfm/no_backup/db_metrica_com.feastle.aus.takeaway.app.tfm_20799a27-fa80-4b36-b2db-0f8141f24180-journal
    Filesize

    512B

    MD5

    fcae3b1be487026ad02b05c1f5b9af0a

    SHA1

    28ac8d08892984fec9607701b3ccb8bd68f0d544

    SHA256

    ecf2fb1648935a7f01930c1d1be7bf793b41b8b3caee3d72fd4f52afa2e972fb

    SHA512

    7f8f89e8bcd474fb90b54a044385d3034b2ccde032bfd654b45c631aefd1a7aca894eb0f9300d3ebba713cf1c763918df8789d6b1a95d44443eae59538a39227

    Download Submit
  • /data/data/com.feastle.aus.takeaway.app.tfm/no_backup/db_metrica_com.feastle.aus.takeaway.app.tfm_20799a27-fa80-4b36-b2db-0f8141f24180-wal
    Filesize

    156KB

    MD5

    f02a21515a42d322bb94e9db981171d1

    SHA1

    d73131d4f1c60770e8323d29bdb025c7f1155036

    SHA256

    76c879e385d3d64970f4cf715a2ddd7a73b0576d6b3b33c3e0ddf5e019361fde

    SHA512

    c077bde1ead236dbae1059a15b7e7a8041a218d0398abc21a114436f3fbc9400c33eed5238dbcf3c06306b926ed02ff6a55e8c66d134a16985705bd5514eb110

    Download Submit
  • /data/data/com.feastle.aus.takeaway.app.tfm/no_backup/metrica_client_data.db
    Filesize

    20KB

    MD5

    848b139e1186d82f4f00243fb643df17

    SHA1

    7f4696c951ed98cdc134c66a3c24b83adc44fca9

    SHA256

    b463e7f36bdc8e7ea32d9604b49b7fcdc114105aaa2f9ee062ede730a5e42492

    SHA512

    c14cd357109da79770c2d534822d2aa9ce7447bc00c68f3109d8d68024e0b0b5774725d28fd8a35190611f5d522009adfd49900ddf0d5f464ef1432ed58d20dd

    Download Submit
  • /data/data/com.feastle.aus.takeaway.app.tfm/no_backup/metrica_client_data.db
    Filesize

    20KB

    MD5

    68fa60bcb9d3f828ee31db4360c5e4bf

    SHA1

    457634e5b2c2391dbe6a0c8ed62492664c33fd6e

    SHA256

    23da3712676a59408d40f6fab75c96923f235b1f9f39fea8573a7a81ab8ea248

    SHA512

    b96b5809c840a48be23e7b0cab5581f8547de33fb87f35307dfe9d1efd0193c9766e6aed7c957fc2376cfd331d985bc0e78aeab8abe50a637ee17791ead28b05

    Download Submit
  • /data/data/com.feastle.aus.takeaway.app.tfm/no_backup/metrica_client_data.db
    Filesize

    20KB

    MD5

    44def4f6e42c3ec63f229d23af8c804a

    SHA1

    f5956d9295778b539bced03215343fd3cf7a9dd8

    SHA256

    882faff2a0f007164d5dbda7bd7f803306423b5eb48a88b1bb72bde65b77e50a

    SHA512

    a14770398044635a8a8fc0d59dc95af3a97ae78146a9ace3795d600a44098a5ff7099aa3d0ac40442f8ff8c5d3b5ceecb4b360bf47f3e8c7c902879e2e76228d

    Download Submit
  • /data/data/com.feastle.aus.takeaway.app.tfm/no_backup/metrica_client_data.db
    Filesize

    20KB

    MD5

    6fd2dbfc4521680a79d20d3f1a60d06c

    SHA1

    8705090bdeec989a92818b21bdb4597e3b89e13a

    SHA256

    77e455788d248d07e2da761633aa17e2e6e30deb10f87ed68841e65b5c16261a

    SHA512

    76f7dc8288e4ee7411219b7b6422df2f23d5df7b3fb8027ca151d35ab0257e3904adad52f13828973b1d68a8a12135f7702faddee77cacb1345fa6c0faa38dca

    Download Submit
  • /data/data/com.feastle.aus.takeaway.app.tfm/no_backup/metrica_client_data.db-journal
    Filesize

    406KB

    MD5

    b209a4f694fda0843a0f05fa3462e4a5

    SHA1

    dec568b95c53d8c1b82fbe233b1cf58f93c7ab06

    SHA256

    15c1b5065df031ecac6863e760ca105c2bce913caaf9e751b137a98e87ca458b

    SHA512

    c602077f082e70044bba7d2c35b32bf160f88df92d9029a772971c6206a28c735908ea71b61cd960e8f268ab1685934bc3bd3d6b514ab346b1182db9654a765b

    Download Submit
  • /data/data/com.feastle.aus.takeaway.app.tfm/no_backup/metrica_client_data.db-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit
  • /data/data/com.feastle.aus.takeaway.app.tfm/no_backup/metrica_client_data.db-wal
    Filesize

    32KB

    MD5

    c958dc68d22b35f5168bb1b6a87aa748

    SHA1

    043b9d7e299433a0615da6478b7064094479d4a1

    SHA256

    b9b38fd183c99dbf93d0f94fca7586ae5eaf950a6b642a64d822da88cfc39c64

    SHA512

    ca6c5f543d338dcf7733e8a6d35fbf72447fd748bec62e9f689eb72070aea5fcf1165e3eaaf87372b916a3ca4df001a95ca434c28997abd6bbc3e3ebfbca149c

    Download Submit
  • /data/data/com.feastle.aus.takeaway.app.tfm/no_backup/metrica_client_data.db-wal
    Filesize

    8KB

    MD5

    0c1346747edbd00fd5253b6f40cc71b4

    SHA1

    75f6962e1f13da0c51580d7af1ad9f84a3142d68

    SHA256

    993518d3202863eff97a6e93a116d0555a2da3a1e8681cffc00abf797ad0a99c

    SHA512

    dc17e37a746e1125bd93789557960e9dad47127de939c53de242739436a78e0575e142f9ce52b4e5915845140cd610d73d5af2a9ed285284e8eab1fbc96b01c5

    Download Submit
  • /data/data/com.feastle.aus.takeaway.app.tfm/no_backup/metrica_client_data.db-wal
    Filesize

    32KB

    MD5

    719893bd247c51e26874e85b53251560

    SHA1

    029cfb63dedf1bb1c1bbb896ca2bb2f02507b33b

    SHA256

    d581500e2b69f9678c13d8cd954ecf08d5e791d4ce42767d861e2cc7e73a7ed4

    SHA512

    d579fbe2256c82fd7beda4807beb22aab86e58a3f5f203874aaeccfc6c70c53bda921d2b4ce2851cfbcab5bbda63428a60259418a751b9c8c1e1b17b3b97f129

    Download Submit
  • /data/data/com.feastle.aus.takeaway.app.tfm/no_backup/metrica_data.db
    Filesize

    44KB

    MD5

    70bf5de759efeee0465600f1ae657e39

    SHA1

    1f5365b9fa47f92ac702504cfe146a22c74046c0

    SHA256

    946991399b609a310a96054e25e1e590befff884c2242bb81ba0b051cddabe8e

    SHA512

    2bae1123aae1c83d0962850dbf57eada9f31edb1ac2cfeba9e29ce6aba66967e8fbf7211c957b2eb4c4f8f0e954b1e84b0dbcfa62e993f7395a8134d7b9ab13c

    Download Submit