3a4bb1dcd8196db41d3feaa5103646ad14aa1dbcb7866071f16da900592cfa2b

Analysis

max time kernel
178s
max time network
132s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 20:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

68763244a32aede477dfbcbb3812b922_JaffaCakes118.apk
Size

4.1MB
MD5

68763244a32aede477dfbcbb3812b922
SHA1

3e0b582650f74b9ddfc62a9fd5e898a68120b985
SHA256

3a4bb1dcd8196db41d3feaa5103646ad14aa1dbcb7866071f16da900592cfa2b
SHA512

35c323fc90c77a947b60e3a2a53164676efc292f5494099b4b6c65d3ba5db9b369284e56c60ef2fd6641057a8637decd4b698b344202a8b09756d480df42bc5d
SSDEEP

98304:qPpUoXAdX6FgJJtCWFCcfLbreCftu6ueF5cAD05HUKEwtb+Zil:O9XAdPJJtdwcfLbS8Ln+9tb++

Score

7^/10

discovery impact persistence

Malware Config

Signatures

Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

Process Discovery
T1424

Processes:

ir.diamondapps.televpn

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses ir.diamondapps.televpn
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

ir.diamondapps.televpn

description ioc process

Framework service call android.app.IActivityManager.registerReceiver ir.diamondapps.televpn
Acquires the wake lock 1 IoCs

Processes:

ir.diamondapps.televpn

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock ir.diamondapps.televpn
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

ir.diamondapps.televpn

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo ir.diamondapps.televpn
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

Data Encrypted for Impact
T1471

Processes:

ir.diamondapps.televpn

description ioc process

Framework API call javax.crypto.Cipher.doFinal ir.diamondapps.televpn

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	ir.diamondapps.televpn

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	ir.diamondapps.televpn

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	ir.diamondapps.televpn

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	ir.diamondapps.televpn

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	ir.diamondapps.televpn

ir.diamondapps.televpn
1⤵
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4250

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/ir.diamondapps.televpn/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/203147fd-83e5-43e7-95bf-fa75104360b4.jobs
Filesize
236B

MD5
85d088e896eb6ed04ebff262a7242827

SHA1
7e355f45458d8b7d128ced06e1de626988ac45b3

SHA256
37f0bbed9632c07f27ee3cb589a3ce52d6f0e4edf5ee567b85e461c7632f3186

SHA512
cf1626b295780363977af4e805ee085e936191e52cfb1c50c96d7566edf14830ae9c3df38edf041272f5c0dbc6f8f96e7868921336c24464278470ff016b1cca

Download Submit
/data/data/ir.diamondapps.televpn/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/42005012-5d7b-4a16-9161-72bbbd284a51.jobs
Filesize
752B

MD5
2d4953e05e37ddaa6d14457208b23575

SHA1
3ccca660e992064ddb1641da54afaab7a85181db

SHA256
b1f4cb2eb898e4092586d283539780c71543a643f3fa6bbf689045b1b2cb8a4c

SHA512
22fff6275949d489766fcc2c24f47623e637242b25723f926ac3bc349a5dac9fc3ead988f8d7b3a8d073044011eaa3555e9223e5e021d84cbb36a37516783c8b

Download Submit
/data/data/ir.diamondapps.televpn/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/7682559e-5008-4c16-ae94-cb596e983475.jobs
Filesize
134B

MD5
3e33a098f93065ec65683a6f7f25c920

SHA1
03cac349372df3ae5b4b2f28baa641281b679774

SHA256
082eb2e89693217129d4595f83c6664a293b8bf8a4e2e41cdba8380b5691ab22

SHA512
c7a93242e897a2b0b297893a9c660205e55a9c2588fc792c2a0fe72cfe4b37637cbcc4528e687c1b350b0cdbf2e1c2124986167033ba18863ca537d691a57897

Download Submit
/data/data/ir.diamondapps.televpn/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/a92d75fa-e6d8-435c-aabc-9605c0318c80.jobs
Filesize
134B

MD5
5117e461bae628b12cc51a5258fadd8b

SHA1
c1e7fad09729f35432390e2883780b40bfb7cfcc

SHA256
74371df998cea23266af659b4dfa16004216ca7c92b6100372eedafffb13b4bd

SHA512
afd157b112d3d67b2392f903e3472792f9e0d134b4e8a8f952f843090b25eb9e9ee185071d997107aee762f3fcf680c3197b3672d0a31973876a1e8ec7bae542

Download Submit
/data/data/ir.diamondapps.televpn/databases/cheshdb
Filesize
24KB

MD5
1f347cea6a53594be878e35079bdabc4

SHA1
ae24631f83d3c875dd678040baafb5e64fc6ba6e

SHA256
46cc2cd48a3621ce276d0927dfaa0e367261e740d6c248c48fa48b25be769fd5

SHA512
6f09f140cda839271dcc15857faa5ec7fed65afabd0ed53164744e0b15c145b4fd0ae3f6ef0ad01cdf4eb612510f7f150ea72781740a9c6d67ed1075e5e026e9

Download Submit
/data/data/ir.diamondapps.televpn/databases/cheshdb
Filesize
12KB

MD5
fed14fa1f25c0c40c5b266e830bea1e1

SHA1
28d703ad6b74551fe7f4c374dfb15db7e5b44314

SHA256
5ee1ee6c7ae5f579b203db4f0e39fa285ee43bf037818b576a2e4f58a9f6b2f3

SHA512
710053f978b7e31ed5c24956b1510c51918d8ceb8a44c2cc40e29763263d1012b9a9504d96bb8abdbf078c8c7233ded6688785387ee6beb7ff595f25cee50bb6

Download Submit
/data/data/ir.diamondapps.televpn/databases/cheshdb
Filesize
20KB

MD5
20a05d6276a0141b6297fa6be1ce6da3

SHA1
e46850bfa924ab0f664e132f919ea5d62c95b44e

SHA256
a09286f7b38183ba299cc57e02f3a29a430998bce9bc9dacd96055edafb4a858

SHA512
ed33ac5c043491a071a9c09c337689f2e22d217c3b21726c1ffe7a2b6ee189547942bf3bd03f2b4c67eb016085cb26444053f635bccea431757e9877ccc7cf66

Download Submit
/data/data/ir.diamondapps.televpn/databases/cheshdb-journal
Filesize
512B

MD5
838fcbe9573fa3f4589056efe938d2a3

SHA1
941ac732e82d6eca47bf1432f74aa3c3867c4e11

SHA256
e031ca770e40e6eb80ff27f8bbca7e56dd6c924af4b196279fb2800df93a8a66

SHA512
bdb802324aeb3adc4d0c6c56b909e9b4ea1f4a17aad02c9f1eef7c654aacb19e99c7b0a66358a1d7ce32097d14b60b7a20005a9fc4efef89bb76f1d0088e66e2

Download Submit
/data/data/ir.diamondapps.televpn/databases/cheshdb-wal
Filesize
40KB

MD5
58bbff37026c0b2345bb0b44c823b0dd

SHA1
41eaa71f01d18f8cd43c1497821b207a24f62149

SHA256
fcb1de1dd30ec27dffc4af78e7cec8df031aea081dd894a9ffd28779c7dfc859

SHA512
f40c67f2245be08eddce806fbe4af773a43fdc8547e5c4cad51569ef62eb5e4b0030f5a5d410bd496d37aa0a3d5ce9219138b287c111317a807b7a42d4acc8be

Download Submit
/data/data/ir.diamondapps.televpn/databases/cheshdb-wal
Filesize
4KB

MD5
0425a512c53c11fb31cf8a5acb78e395

SHA1
34affaf311e0030f55d0750f704b57db0e231a34

SHA256
09eb4e901dfade64924d2fc05e7dc9df72e08dc2827ce714016fc2a609755f97

SHA512
b5308ed35cf9710e8590b96edeb39928b04c17023963f7851b56fa1617b7eeefe240306dc0aa624cf9c22fa9e33958269d5969365672bb2a68028002cbb6f47f

Download Submit
/data/data/ir.diamondapps.televpn/databases/cheshdb-wal
Filesize
8KB

MD5
2d9c919407783bd410b255f119b5a431

SHA1
daa5ee1b77544a7698b7d55adf87b7b1c56d5b9f

SHA256
617eafc957153b92fa96bca957f7f55b6d3e2ddce76e34b2d84504b75b9a3076

SHA512
09fa5e155500d744c42f6db34fa77ba90231320c928cae5a60b7bb518788ff97f46e80c6588a5c0d94cdf88b6db1d6cd14cc1dcc1d0942b2415a09937a61da69

Download Submit
/data/data/ir.diamondapps.televpn/databases/com.google.android.datatransport.events
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/ir.diamondapps.televpn/databases/com.google.android.datatransport.events-journal
Filesize
512B

MD5
3d0e17ef75d07fdce7da2c01f29cae77

SHA1
217fa8e1309fd4f2848106fa111e03dd34303f3b

SHA256
ac7011bb5ab55ce9070e35c617e788ea89e77a2381c2d7bf56e0ec4a485ee9f2

SHA512
937b89111ba64a0f5655f84aad34d598d010c81bd573df42489ce60054db30d455011bca25b35cddbd9df366183db8e9f345aa6ea909323bc5fe7fc025579b2f

Download Submit
/data/data/ir.diamondapps.televpn/databases/com.google.android.datatransport.events-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/ir.diamondapps.televpn/databases/com.google.android.datatransport.events-wal
Filesize
44KB

MD5
b4e33279b39fa4c2cd7d3184806e4133

SHA1
04aa487ba3595da335339c0bd059458e526c1bee

SHA256
e3b629b5c9c0cf962b8624dc80d591b8d8633e86b1eb33e39c5b2312d2ebaf3f

SHA512
345132a54033a86e2f706260a6a41566fe03a781047ad45a73cd8f98be9df8b92984b6b5f805db9bf89ee1f4456f2b58f1490634705149351f0f377e9a42d31f

Download Submit
/data/data/ir.diamondapps.televpn/databases/db_default_job_manager-journal
Filesize
512B

MD5
44021f7d34b1d5b3d0a8c16184b55e0e

SHA1
e2c6dcb9616f6a6c4f004a665327a6342ba93903

SHA256
e01789259e6e540d5674f304f5fd826968efa8faa4e2517d3cc96e6183370e94

SHA512
85585105fcb6cf8ff003f3a4c069d0c4f208882591524c3796e0c76528953c4cd5121372264d942d27781e895eec207af71788d1fb0ee11cd5dc02cfde96ac5f

Download Submit
/data/data/ir.diamondapps.televpn/databases/db_default_job_manager-wal
Filesize
156KB

MD5
7f50181ecfed296df09510db210cf85f

SHA1
01ecc3838b4f2ddc121b272ba6498886c3b63ddb

SHA256
de63714666f81145890cdb02290a9089b31fe93e83b4d46f6ccb12a8d1a732a3

SHA512
cdab64a8115e576267075a9602cc0d08de60f436058ead92eb2dd52a552990b0a46f59d6daec1ac50fd9bcb6dccabba58bb48aa261050e6884aea768d6dff614

Download Submit
/data/data/ir.diamondapps.televpn/databases/google_app_measurement_local.db
Filesize
16KB

MD5
a6e98b05c5778ad3a07aa9ac792bafcf

SHA1
c6c2c2da2e0572e4c261c492d94046620e5bdd23

SHA256
8944de6bd225d3fbc64da1c964d28d318974902549c4b6d4267a914e1ce3d33e

SHA512
cf2e01ce472cd17aa367b60fe471ba2dd022ea86132af463b3cf12c1c88e9d892bee8bbd90137f3d26c1338765481f5507969c58f6ad53ef1b93d979169ee0cc

Download Submit
/data/data/ir.diamondapps.televpn/databases/google_app_measurement_local.db
Filesize
16KB

MD5
d273a4a4192e42d45885cd246a97ba7d

SHA1
fb1fcfa16de315a9cb945cc2f89319c3f017a63c

SHA256
cea14db9935fb01dd52c0c6600744d01fea5c0c4453fd6932ffaae7f0c28fda4

SHA512
07ea4e64594bfc2a6ee3567bf18541fb8beea9d051ca48c26ea2291ccebc2ff232577ce175ac1d387cbd6bd228ff6811c53ea04fee6dbce052f7b8083259bb7a

Download Submit
/data/data/ir.diamondapps.televpn/databases/google_app_measurement_local.db
Filesize
16KB

MD5
4a6bd36f1da353e3a1b288adba3d8bb3

SHA1
9c89012deb95d8908b75eb35a5494b7da515dd8b

SHA256
a6a2afcb62be2b4ae5992bce943747b4a79f012d7aac1dfd2f3f308afb3bf92b

SHA512
a4e81a44371b896f0da353b685690e1fd5f0840cd264b819e66a20ad11d6a9ae9f98954e223fda8da84a5a08e5ce1834643fb123da34d712d2c3cfb183518bb7

Download Submit
/data/data/ir.diamondapps.televpn/databases/google_app_measurement_local.db
Filesize
16KB

MD5
8fd7a6c13990390841dc28c6af916b58

SHA1
8965860c49af319fb7ebbc71eccfa7c9bfc67201

SHA256
21d22576d030811a810db2d4670281c0e49cd14e84e8ba9f03d64160087b324f

SHA512
0634d50b8fdafa1af9ce0fd7712d2945dbde041f240ab028d60e394219977b3610937d57b559b506b27002f7a78279565f59359965df403dc84028a98532a1f1

Download Submit
/data/data/ir.diamondapps.televpn/databases/google_app_measurement_local.db
Filesize
16KB

MD5
49285e35243a657c84aee03b4edaa266

SHA1
ee09b091abda8347de23462d4e5322da13c7af20

SHA256
d5ee0c09e0410a8fbce13769b37b38e1fa4982cebe8ac75de592680564d73dfa

SHA512
57d79902fceb649f1984602531a6450cd6e3b07a9e3f57ca05611bda52a1d94817ca7faa7a9dd9f41c27444da102b7b2c90f945c6a13361ea6c1c893dcbf2fc2

Download Submit
/data/data/ir.diamondapps.televpn/databases/google_app_measurement_local.db
Filesize
16KB

MD5
44693692da738db6eb133cf0e4cde91b

SHA1
e6bda56494c325d8d37ad89552263ae85d9b0550

SHA256
8fe0ac9db76d4a2dcd3b3d54c0efedcd223e25aabf716506493d50e243a7a2d4

SHA512
b34ddfe1ae343b1b12f7029ae476a0ba8e1b4043ccb520afb412b3f71335ef679bf29723c9a5c00af7e922e9982d5b3af54b2ed779da8cb601f378e5b9d26be5

Download Submit
/data/data/ir.diamondapps.televpn/databases/google_app_measurement_local.db-journal
Filesize
512B

MD5
71061f4e0e5f65abe501d92569ed6161

SHA1
4ac2860ee562fdb8894d257e71d29c961580b083

SHA256
0c91f632d0cc6423eb53c4033fd53b25b2d68ab86e013dcabe54d0204b13c148

SHA512
e0f84f49c16e94b596f0197a583398fa169d99112232916acf174c670520f5ee9ed36cfed047ddd8da6e88420078dc1a0c68ec8d1043776df75be7325341d089

Download Submit
/data/data/ir.diamondapps.televpn/databases/google_app_measurement_local.db-wal
Filesize
36KB

MD5
559616afc1e70bf547f33a7aa59a109d

SHA1
049feac38b3b8dace8cf0b4959ec3bf4189fbddc

SHA256
71c716b444f1f62ee60b685cda188318e22cf157178cb358af48739336fa024c

SHA512
fd026490187ee2fee819bc535c4ea6a6ef1a525cae28902f366eca00a8280ff0edebfea139329da74d72f2c2c0015200388bdc84fbce9d48fed315688a09b130

Download Submit
/data/data/ir.diamondapps.televpn/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
c4433ed5ebccc4646cc5cca24d54ca09

SHA1
10fdf1508fda18f809abb3590ae26bc54ce5f583

SHA256
43eb9f35c65abadd1c86a87b50f82f0fe007ef54f71f4cb9509319eb37aa0050

SHA512
c3940e5a80ac5c3c1cf1cc60b70dcc098c5dd78bd8921db1b96193f08e9e7d2c13b596bb8aedc8113376de460b45a9e310887fdeb7f76de7310016103402d960

Download Submit
/data/data/ir.diamondapps.televpn/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
403f529a8c77dff1f74af9614f484162

SHA1
e5d8864fd540ada1f1e15b333d55b86b30539574

SHA256
febc8e5326e4ad48d33d0d6d07894bee04273af11bcb246c0f42eb1d3354ff07

SHA512
120eb66cc1ca76b703d9304fdc513f9806c723f9c20b6fc88eb608d4c3f10fab955e585b83d50bb360813645af36daad69b113ad54662ae94ee14eff5706262a

Download Submit
/data/data/ir.diamondapps.televpn/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
05a2528559cedea6ee74caee7aff3547

SHA1
b4adbb5d84c8fcb6b6bdb60a2ed59b4d5746aec2

SHA256
76d0cf05e7e2e006f2a283920c2ba9bf848fb9e3cdf01024b5b69cb2a6f07d28

SHA512
a31a7fdf3b6e7c74ad78274da4a3a9d4fb7e1cf9e32161cb3c8d135837bd14d59f5b57f3d1ab0277dac44f91b9a58e8dc77d42b2e08034b6be03a3e69c43f03b

Download Submit
/data/data/ir.diamondapps.televpn/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
4a34feb69558a96594a363dcff01f2bc

SHA1
2a4351ec45c808ffee2b7b76d8ae933f0d48de83

SHA256
80a488c66f6f935790e0ed9ea2d82c343f500a548bc9279bebbf844763dfe7df

SHA512
34bf997d0c5518e9ce99a1b9562da143294149b5cf2e71425ec2697d0ec6f53a047c5966a85bfc471acc05f88ea7c5dd8dcea53318272fedc6dc0a33ed1d4900

Download Submit
/data/data/ir.diamondapps.televpn/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
4d505a5dd94faa9a2ac1e069eac2035f

SHA1
9e0368ef4a55fa4e3743ff885c417df3b51331ce

SHA256
fdc2a3f6beed91b7b8b27fb057ce95d85783d974355ea01b18a943bccf91a8c8

SHA512
eed6aa88eccf62849389e079b30ee598c9c8562b315625872a40ea83e0da060dfb682e95324a4b098dbbbad0a1cfc1391e7aa888deb6bb961f5f2953e26fa727

Download Submit
/data/data/ir.diamondapps.televpn/no_backup/com.google.InstanceId.properties
Filesize
63B

MD5
f09b0021feccb731d76da1b39043830e

SHA1
ea0aee332231ac26837181ba7c7f908754854556

SHA256
a004ea54ecde0ee19ad485d6c3db2861fbf6d9b14a232060239515a881d4dfea

SHA512
631da517bbd3b2cf2fa0d68dbaf7d9eaca05c7c4b2736b54f5af87694fab4d33fabf7afcf0fc0e982003b97065351d887c7402d17c6ca047c7b5ae06dc93e0b2

Download Submit