d4cfda3c6e48d9395ab6b28a1235b878f1f294a9d7f5ec8a0ee6ae80096919de

Analysis

max time kernel
178s
max time network
156s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
22-05-2024 15:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

67b3d01b5e7c2a3c59b704722b7cf59a_JaffaCakes118.apk
Size

3.9MB
MD5

67b3d01b5e7c2a3c59b704722b7cf59a
SHA1

fc28f8e5e4ad060ae3536ec2f47b8a03a73f21b5
SHA256

d4cfda3c6e48d9395ab6b28a1235b878f1f294a9d7f5ec8a0ee6ae80096919de
SHA512

4fb55e0fc13db8c82dad9ed8fa0379415fc0f72b9a156b056e4a28918823af62353120fe0bfea55f65c95ed290bf56dcc56149f2e9f28dbbab5f5d67397af8e8
SSDEEP

98304:Nz4y3gNNt+/NeJkPj+XhyTNshojq6w0YcpNt5gK4V:NngNPOeJkPSXwNsyjXwZm5O

Score

8^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

T1426

Processes:

com.feastle.aus.takeaway.app.tfm:Metrica

ioc process

/system/app/Superuser.apk com.feastle.aus.takeaway.app.tfm:Metrica
/sbin/su com.feastle.aus.takeaway.app.tfm:Metrica

ioc	process
/system/app/Superuser.apk	com.feastle.aus.takeaway.app.tfm:Metrica
/sbin/su	com.feastle.aus.takeaway.app.tfm:Metrica

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

T1424

Processes:

com.feastle.aus.takeaway.app.tfmcom.feastle.aus.takeaway.app.tfm:Metrica

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.feastle.aus.takeaway.app.tfm
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.feastle.aus.takeaway.app.tfm:Metrica

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

T1421

Processes:

com.feastle.aus.takeaway.app.tfmcom.feastle.aus.takeaway.app.tfm:Metrica

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.feastle.aus.takeaway.app.tfm
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.feastle.aus.takeaway.app.tfm:Metrica

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.feastle.aus.takeaway.app.tfm

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.feastle.aus.takeaway.app.tfm
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.feastle.aus.takeaway.app.tfm

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.feastle.aus.takeaway.app.tfm
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

T1422
Reads information about phone network operator. 1 TTPs
discovery

T1422

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.feastle.aus.takeaway.app.tfm

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.feastle.aus.takeaway.app.tfm

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

T1603

Processes:

com.feastle.aus.takeaway.app.tfmcom.feastle.aus.takeaway.app.tfm:Metrica

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	com.feastle.aus.takeaway.app.tfm
Framework service call	android.app.job.IJobScheduler.schedule	com.feastle.aus.takeaway.app.tfm:Metrica

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

T1471

Processes:

com.feastle.aus.takeaway.app.tfmcom.feastle.aus.takeaway.app.tfm:Metrica

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.feastle.aus.takeaway.app.tfm
Framework API call	javax.crypto.Cipher.doFinal	com.feastle.aus.takeaway.app.tfm:Metrica

com.feastle.aus.takeaway.app.tfm
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5114

com.feastle.aus.takeaway.app.tfm:Metrica
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5217

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.feastle.aus.takeaway.app.tfm/files/ZPkFS.log
Filesize
12KB

MD5
a2c55861127f49eadd2d78edf8b76264

SHA1
3cdbe1aafc8e19a1b5e28fcb5e284b4e170e2f12

SHA256
3236bbe09f1a610bbe697ed9f669fedc84d9e1203a230434b3ee806ec63f8d09

SHA512
ab99cfe66a681de17078b388f59a01280dca71c2b1bd8b6d4a786bba74b4f71cd3f7dfab4744a8ea85fda7a395cb2a5b30e02fdba5ce451112317a7c608f6072

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/credentials.dat
Filesize
233B

MD5
79915524eb2e2c1b1fadea90efafbadc

SHA1
14562b473adf086c4e635eb0a27abcfbb626a2af

SHA256
8d83825a2178914c6649f3d98cf4f72fd41c4a014558bf428944566c3efebbf1

SHA512
98a8e07cd968a0bd73e15b205328cd22bb023e618e9416c6abb29a795dd10ee30180519a86ab54998b9781120a46e4ba987bf6cea026cc6bb8366f58cf574811

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/db_metrica_com.feastle.aus.takeaway.app.tfm
Filesize
36KB

MD5
772c4172565a4ab833da3f03dbc000e6

SHA1
631125c8a4b65a60aa7397149bbe356730ea13f9

SHA256
23552dfe5bb6efd0c0ff61e4ed8a6cd0f1121f4aa7627c42f2f66cd08478088d

SHA512
83019df88cfdc3c1b5e419cd8ccafb73325fe120f4b2843015c7e83431411ab6b89f941b4f58de4a34e481f9777c934e80fa590578ae9ef7b4ebfc5c2ce721ea

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/db_metrica_com.feastle.aus.takeaway.app.tfm-journal
Filesize
512B

MD5
ab5c78f29fb1eb3e3052e6ec2b9f3e49

SHA1
331c5fa64dcfd73719930f49b6f60d964b070061

SHA256
7a8cb02d3b780da560fc45cc4fc945114d2a766f6eeb37930236c2f32a0ccccb

SHA512
88a60de3e780167fd1866d3b1d03fc2deb0ef1d03b25b13fabfb5ff5c80692479060a6ab7d20e0591c03452588d0d6e589715557ecef4bcbb143ebf4353916ab

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/db_metrica_com.feastle.aus.takeaway.app.tfm-journal
Filesize
8KB

MD5
0ea82f393a18a6e4d70d039be42de5dd

SHA1
c908a98662e2a27587e905b5ed7d3bc1070b6084

SHA256
bd7adb6bbe7fdd3cfe917514e3aa1c7b2ac2cd7b0e3b94ee3439380c28ad617a

SHA512
dc0a78bf8bfb0a7e8d85e1d4d904e4dd91dd8421a945557b2c27035c637d65036ae1b9de778b50f57e213c1f8d8f7d73fe2d9fc20790d83d49d4ed35ba8fd7e2

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/db_metrica_com.feastle.aus.takeaway.app.tfm-journal
Filesize
20KB

MD5
4d22bcd6ad7c56afe331a11c619cbc87

SHA1
5116f50c253459ca1d7ddc3772fde00d571eeb2a

SHA256
6fd8c0ecb60db4413619d10122ad361333514b2aa498a187bf6357b10fd70958

SHA512
e7b27780b496e910ad13e2df9e72edf22bef4476c9551dc551bdb25f72b7cc6fd766a62e3a527e2eeec41e6dcdefc6cbfdb847ff8d25d41082b9d5d45f721caf

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/db_metrica_com.feastle.aus.takeaway.app.tfm-journal
Filesize
20KB

MD5
5f253f77163db34af66a9ee7640e0f12

SHA1
267e3ae4251c240149a61a4885f54808e48f5137

SHA256
cc86f125d891bceff38e35809881db83859a9fcda7e354fc1df1e2118a4bcd81

SHA512
da28ab61891c351be29917c97d18bd42f9142e2b9fa41ba19531978c77e708e68602d7da3143abdf07ff3c4f9d8a2e22b80ef57a63fed7b4dec29cff0678bd4b

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/db_metrica_com.feastle.aus.takeaway.app.tfm-journal
Filesize
8KB

MD5
fdb1598205b388892f475ee488214640

SHA1
e1cce5f9d54a4308ecf861783b5e36b739a1fa0c

SHA256
7846632ac7016dd989a903d3486a2c1f61245d2de7e8da7cc4e7a55c541f2b00

SHA512
1b65a43bb4f96f0a06a3455cbfb900f5f2cc5701982d0fc587e8a6eda889c714c2f24cc533977d2f8ce1997cf7b73172d25e96a5c87ca9a377a915a70c0be136

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/db_metrica_com.feastle.aus.takeaway.app.tfm-journal
Filesize
12KB

MD5
51b76e3bba4dd9f9fd0abad3922651ac

SHA1
4aa4220896559c45f68235602e6248677f8673e4

SHA256
b897ac98b2fbf2b58f0613807bc4d786054d919d9e94c8e9c8674d17e8d08be0

SHA512
5e56d1a2730ce012f6dbe69ddcd057347329a219ac505dd575eac9efc62c1d5f559b0454963a0b98034774095e4c862df2860c8515c6b8525e54e99ff6ed07e9

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/db_metrica_com.feastle.aus.takeaway.app.tfm_20799a27-fa80-4b36-b2db-0f8141f24180
Filesize
36KB

MD5
7fc5bd2a4daa9d6c9c8231b4f14f29cc

SHA1
4a589fe1fa40f06ef58ed1dacde0c59ce1530250

SHA256
75b9d15b0416260d2a3935633186b1c6b25100894914672ab11dae9f7d4e11a8

SHA512
9d215fdf32fa28de96447fb506e1ae33ffcf5bd70eab155a3d3b916f9ca1edab583779a691f455601061fef39b01f1dd6d46926cf60716313b0b5b116469fb18

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/db_metrica_com.feastle.aus.takeaway.app.tfm_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
512B

MD5
93440c361cc3242a96de849a39b3d72f

SHA1
0d5da47ce4c5035adb93eefee2bdd2244e210fc2

SHA256
7b93c947a956e8c85b52da4a93b53aa88fc00df47c9ef875973415d40aca888c

SHA512
b4cc13db7b4e64e32a3f9d9f08079953323dc33dc62c0bf3f4f651bba719446c2bde61eea5115657fd56b0421bd72fd52e01c132996609a1ece9205151f9dd24

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/db_metrica_com.feastle.aus.takeaway.app.tfm_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
8KB

MD5
b5414594cd74c242c03c20f5a610fccd

SHA1
fc99b4d269832ab85615537a087fef80edbe43bc

SHA256
8b735ca367c9c971f7631d74a2f2181dbd2d64092f45cdc52cd51c9cde9ad24a

SHA512
3baa60711eaa18bda44587ab7c4d5a8dcf965b519ea9336db474769316a3a7aaf9bc4a08c151b15569a503dfafe87cfba028a559d329b0a96821bb560bc7b8ee

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/db_metrica_com.feastle.aus.takeaway.app.tfm_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
8KB

MD5
f3e361211834b5377f1740db2c73adc3

SHA1
c61918eef56db876a53554b0728a4cc6cb6a241d

SHA256
684c5f7a091d5c9980fb39b2fe4b81b63d7e36d9f8fb34640e003e6fe93097cb

SHA512
55cdc91516a551fbf44535d75abf2027ca8f5f02fc0504b4509dfd630cc02117ee39e41220fbb692c11276c6c47a49409b66e6b2e30c42f7f24235130f95b2be

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/db_metrica_com.feastle.aus.takeaway.app.tfm_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
12KB

MD5
d0935c06c259449b4f58c1e701f27b34

SHA1
2c7da0ca9f77f037963f8709fc4b6890831f013a

SHA256
23e2da3246c90d56d7aee349163c18fa68fbbb778eee0a510c01e1c461e0a59c

SHA512
a54c296dba83c11070c180fb632e8c2d828edbc42780c2af30dd840d4764c8cc2dbc9bbd58d8479755e90ecb3b7e7b1e208d89d0f61f12a20dbd3897e7401609

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/db_metrica_com.feastle.aus.takeaway.app.tfm_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
12KB

MD5
04a98b536c4610d56e848079244e20f1

SHA1
a477ddc2dd6ceeade1f0d906bcc707a770b96305

SHA256
38830fbd5c7d7017fa603aea39aa96fb8328995092ab27df70f3aa90a73d2af8

SHA512
1380b79483a40ef1437a67eb07b759dc63dcaf38dd805cca930edee8555c14f1ae74a1b8c56c3e25522619aeef9d6aeb13a599956d5adfe592f292ba537bef2c

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/db_metrica_com.feastle.aus.takeaway.app.tfm_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
12KB

MD5
b778fca52646d6c5e38f4c6b76870bbb

SHA1
4c447019fe11c63cb6a2f46589fde690aee669c2

SHA256
01d23a89ee5666944be18c8f4f30e28c32c3f336818b57267915d355e1d6c51c

SHA512
6a2fb59d2b3b433332aaf11a4942c61a5429f7846b428754b09821bbb5533f8fa871ef7ad19a2dc3ee4c6f5703b005163a21cddab525764f280877106750f91a

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/metrica_client_data.db
Filesize
20KB

MD5
1afbe014dd5aa13fd91449eab16e3cd2

SHA1
98a14bb9f9e13e5bf4f2045caa79e8dcbfadedce

SHA256
9e61231b676d36eab436f80787cd25681b67e411174ca2e0670d7bea83c323ea

SHA512
f209c6a401e5989289055ff1b02aaa2fe566f3f163350a8337afcef7884692137bba325d3e120e9abcf1ecfb7a0423e42ced24f7c6763f02f066414b180c6f47

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/metrica_client_data.db
Filesize
20KB

MD5
484df068dc370197c0e37af4f433f772

SHA1
5d071329bf5182e60b2d268adca542901d492001

SHA256
3ebaaa9fc7a9245b413f62f91d9e689d468456dd4b6ce2408bcd2003cbdbfbd0

SHA512
587e7b68f2c167d39dd50744f2892a461a67cb073e8cf9f6eb2ab752e07841440dbe212af32958248d15af5d4001e7fa12f86cad62578ef31999355a86c3b0b5

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/metrica_client_data.db
Filesize
20KB

MD5
ea9c2dc01d788f2ed7ad6a455e32335a

SHA1
3da6ee06226734e9a402c3ef2b542af3b509b6af

SHA256
ddcb0e1970efc2dcb42a4dd328ef8c10f3512b39a47277d5b075fd3b92dfc3a7

SHA512
5b834f25f6f8afea98eec78cf8e148671ceca48aee8019e09308389c1f336e47e55666fedf66e09c97e827c375ade0fad635b98686ebd2f72240108670d25e76

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/metrica_client_data.db-journal
Filesize
8KB

MD5
439912934981c4f9167d88a59965cab5

SHA1
19de153f3aa8f1f9d2710cbe6e705071b17bed93

SHA256
5cac92d801525b1243ad40c8ffbb554e813c3e3cd1e888bcc4e08bc86adde980

SHA512
ee919165f02673519ab5e6e4d5385627b950a640b6de99d2d6679b397998e7611a486ac7b1b62b7305f0f4830006ebf633b7fd7bfccbbfe570859ca40a016f82

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/metrica_client_data.db-journal
Filesize
8KB

MD5
45133f7ad143a717ef86f4b54323e282

SHA1
3e2f087750e92c4fd986969d8fdd332ffc41c320

SHA256
8a5989743b054476abaf35e7333ee85c07f8ec35d3baa3a820b514868a1a284c

SHA512
aa04c0f7eb4338d78e9d90aebc108bb072423df1838d1393ad3126d48f43fc7e3951df44c85e615915880bdd2ce5cc501fc9e77e37773dfa22ef49083c7fb53e

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/metrica_client_data.db-journal
Filesize
12KB

MD5
744a4da3eb976aad655a430590c093a3

SHA1
02105b3761119083caed5538a5db85936308706f

SHA256
f5f9cdbae436f2bbdbd9539d58739e45804494bdb00e9545a5c025fa817b454a

SHA512
0e71c6c45a04cf6cd36a49f620b0bdd3c9fd0dd5b2cd74734d298d38318ce58e71e9f368ffed0e3c99c8cc8b469f54de5e6107f9336cb440780df4bdd434245e

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/metrica_client_data.db-journal
Filesize
12KB

MD5
7b42ca7a87f85038f913b7d480ca5ec2

SHA1
5386337a005a87ae2d55399d0c138a4c55bf8088

SHA256
585d755479bff759f097de7cadc05995fee5a656af0b83856c118f0a303b3dd5

SHA512
d05ff530e555c12c70966032bb767ba9d693894929e4f483602b4ae4dafa4bd500af611723863956df98fe5b9e05406e65c8d26eaafbc880e0ff40c690e2c015

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/metrica_client_data.db-journal
Filesize
12KB

MD5
6a40ad16c8f14f3dc58303f93b139d1f

SHA1
f27146b12d8ac044b0df5a8f2d0a1c7e7e850a66

SHA256
05f0929feb6437dfef92ada61c1ae0fef67646d50f601e52524d5bdba6225d29

SHA512
a2c2f1b353add4be7285ce15e953aa31c3a6fcda83019c538f79e2ca5d66c951a361b97167cc28a0ee70db79bf06f5163345f2de5c36c63029416fedb63b2e70

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/metrica_data.db
Filesize
44KB

MD5
111debd8168231d7a80cd40c6892b174

SHA1
c5a886e1712597a64fe825f4130ec5e2dd854776

SHA256
bf78a9e980a7a6cba0135078436334467f07c2dedd9368015e6a2090d5d0d2c5

SHA512
03b6d648cf00ccef8a8ce464dd8e0a8e3bff74febd3764d48348e4ff71ef24b38480497d20f6dbe58917c86a8956f30e3a447d11dfb8188d0986a4450d57af26

Download Submit
/data/data/com.feastle.aus.takeaway.app.tfm/no_backup/metrica_data.db-journal
Filesize
20KB

MD5
14584b9da65c82466e743da9e41314e4

SHA1
bdb380f3daf75a790a0ac6862bd625e6eee40c58

SHA256
b578748ec680f8fed5c26a1e8fd7e0f1385e6cbbe0f1b8ed9daa70295832c17d

SHA512
dd2db658768df37ba4855abb697369b1867a5a0332a32a08d34e6d48b69dd9fc69428d2fae947d5ef93552b633e81768ee0ca860e95920e348a9b79be730ca98

Download Submit