e61a597fe75a422642686ed93d88111f972d65cf4a05d648e5d479677e58a123

Analysis

max time kernel
178s
max time network
151s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
23-05-2024 05:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

69d8b0920e9b67aa2f6e9018552aa398_JaffaCakes118.apk
Size

2.4MB
MD5

69d8b0920e9b67aa2f6e9018552aa398
SHA1

c3585e66eff2c55c42480eade197312bc3a7c061
SHA256

e61a597fe75a422642686ed93d88111f972d65cf4a05d648e5d479677e58a123
SHA512

6d4efb150986946673dd4a7b05e38ab614fc50ccb2ce4edab81388fc9017f7ff5e05e771b18ab8633c5adb1299c40f82dae821677c51f4a150241ea0f76d1476
SSDEEP

49152:Ud2ZpfP/+6plv5L7MuUWL/IF+g6Rf8+cHqyi1tqmx1sahZkLDGZYrYWow:Jb3/rplxCWx5bcd8t5xWIZkLD2Wow

Score

8^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

T1426

Processes:

com.ar.pedidosfree.restaurant.hornitopa:Metrica

ioc process

/system/app/Superuser.apk com.ar.pedidosfree.restaurant.hornitopa:Metrica
/sbin/su com.ar.pedidosfree.restaurant.hornitopa:Metrica

ioc	process
/system/app/Superuser.apk	com.ar.pedidosfree.restaurant.hornitopa:Metrica
/sbin/su	com.ar.pedidosfree.restaurant.hornitopa:Metrica

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

T1424

Processes:

com.ar.pedidosfree.restaurant.hornitopacom.ar.pedidosfree.restaurant.hornitopa:Metrica

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.ar.pedidosfree.restaurant.hornitopa
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.ar.pedidosfree.restaurant.hornitopa:Metrica

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

T1421

Processes:

com.ar.pedidosfree.restaurant.hornitopacom.ar.pedidosfree.restaurant.hornitopa:Metrica

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.ar.pedidosfree.restaurant.hornitopa
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.ar.pedidosfree.restaurant.hornitopa:Metrica

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.ar.pedidosfree.restaurant.hornitopa

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.ar.pedidosfree.restaurant.hornitopa
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.ar.pedidosfree.restaurant.hornitopa

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.ar.pedidosfree.restaurant.hornitopa
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

T1422
Reads information about phone network operator. 1 TTPs
discovery

T1422

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.ar.pedidosfree.restaurant.hornitopa

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.ar.pedidosfree.restaurant.hornitopa

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

T1603

Processes:

com.ar.pedidosfree.restaurant.hornitopacom.ar.pedidosfree.restaurant.hornitopa:Metrica

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	com.ar.pedidosfree.restaurant.hornitopa
Framework service call	android.app.job.IJobScheduler.schedule	com.ar.pedidosfree.restaurant.hornitopa:Metrica

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

T1471

Processes:

com.ar.pedidosfree.restaurant.hornitopa:Metricacom.ar.pedidosfree.restaurant.hornitopa

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.ar.pedidosfree.restaurant.hornitopa:Metrica
Framework API call	javax.crypto.Cipher.doFinal	com.ar.pedidosfree.restaurant.hornitopa

com.ar.pedidosfree.restaurant.hornitopa
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4312

com.ar.pedidosfree.restaurant.hornitopa:Metrica
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4350

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/credentials.dat
Filesize
233B

MD5
4e7778547718f6c06ff0498a1b1b2945

SHA1
f246bcd92bd1f4ce95b530f44f14bc1be42d51ab

SHA256
b7c58974d18f28d7d0cc1db1f2710ca60a52d0a9fe482f96ad5f02950cf49b8b

SHA512
85ba9479030c6daf989ff5328a1737914696da7d63d0208c002156feece2480e0388f64c4c2ea21268a49a420865518bbe96f3f2546ac8d809aea11bc823a184

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa
Filesize
36KB

MD5
bb8eed5150b529885bd31a91b5e846a8

SHA1
fda7853f7a6a192574a770c4cbb6a69614f9d4be

SHA256
4149cd80cca67e4dab66c44bf3a8c6e29311a3279cd47a79cb8de7ad92cd5151

SHA512
b58894a65eba722dad358cfd11373a2f1a1729290be73a4a09e977e13fe49552fc817cdbbebdffed078739742bfca8f3342f8e785d9b073ad515701f55b0ed0b

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa-journal
Filesize
8KB

MD5
0a3e120b1a5cb2859fe3befc72a81d28

SHA1
b53df5e7c080c23f889469071f9980b81882ec62

SHA256
a7206f756fbf89a376410e2abeb8043f9f6e0093b442b6609b3479e71eb8e50b

SHA512
4d0989e4d1b33422f64c0409a0576811e12412a66ede3ef0bf1467b2759eb080e95763f0e7056556e57f57513225a1c053bef1cec9c3e9878507ae219c7acc6b

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa-shm
Filesize
32KB

MD5
ad43ba3a98f95d9c17012fe14aa65fb6

SHA1
81696c1c5adc03d6b04f83d7f64fd45a5f50ab55

SHA256
8decc9914f59962527a08887501a03f711dd88293634bf89df31368c442ee6cd

SHA512
2456e6f8b9277a0b4ad852b4d0fe6261bdb6da282ead9d8f93d1193920466a962a2f7af1c365c4bdb9afc1afe98373144a1da06c3a622b483ced3e0f71203c62

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa-wal
Filesize
406KB

MD5
55991bf049269fb0c582b2c191ce8cd8

SHA1
738cd107ed63fc08f14ea1fcbf5f022789b060ba

SHA256
4bec9b7108024d130e0e7e3253aa67cadfb549c57a26b28d9170955347ead8a1

SHA512
aa7d61edf4657ee61199d3c819d6ff2fc88856b521db36a01ea7e47454ae273a7230ad06087463aa7b5048e2d78be57d685f7b9bbf6d93f3dbe6384679d5e70e

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa_20799a27-fa80-4b36-b2db-0f8141f24180
Filesize
4KB

MD5
6ab9f6e9ba789bd53dc5852786b1d95a

SHA1
eb5b731df28219339fb7014f5bfe03ffe22f0670

SHA256
6f1344d35d8efb11512d50e2157dbe1b3f49cb7e1c9beacdecf58d06ae42f60f

SHA512
e1b1a85e78839c72c0e2a3610d518364c54162f9fbc280fe60a8640f87b724f512a2beaa4d5824744ebd39b1ef538b892c6756fd03ca00e4c5f12ea2c17f5b93

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
512B

MD5
d3f151e7369f0f2eb0773063d937020c

SHA1
581b186dccda35f1ef0b3aa869e692299b6d6092

SHA256
729781a13f94d373c403a1df60541c2fc24cf1c6eef416bd1fe2c982429dea37

SHA512
e7962559afca16a87a2d0ed670a3f24065fafc5d3537da86c7c6eacefcc8102a530c030a9680eb05ce1cace415efabff539824fb5e9d83f5f729fafc67aaf743

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/db_metrica_com.ar.pedidosfree.restaurant.hornitopa_20799a27-fa80-4b36-b2db-0f8141f24180-wal
Filesize
173KB

MD5
de15fc9ad01354156647133a6f068b16

SHA1
5f2c72836a686ddf16a74d9ab71e88b65bbd69d7

SHA256
65fcd21c3aedb403693b1a0687f479a3bbf4c804bfb1f945a9d56f27d4807fec

SHA512
877a5ad2c8ac89495bbd01315f1ad4b452cf189e8841c24a5de1d0e3a9de60ed1d861e80cd56a2154bc2f7ccffc9719d86d6d3165f7f6831c5c767811a6b3c73

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db
Filesize
20KB

MD5
fdc0a519875aab4e2dd13cb4438a9be0

SHA1
4e548798451d3b4ac9569fd5bb6e19cab2cad391

SHA256
4d3dbc02f7efdb3951608928b40701253b8f1bf4fda4fccd49c380a1d4365734

SHA512
0812ed169513539d8971cebdd77cf71473be7cf862573e0928f4137725c79b6655a6a3683d357d0a8b078189ca392147e7a0e27dad83c8ba6b47299ad2372d4a

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db
Filesize
20KB

MD5
92c93efacbdafc932fb604ca2d5c479c

SHA1
7bd82297efe818b6bf83e72c621a2a78cd373b0a

SHA256
8b1fa4021f97c0b98333a56e43d8c8184a7845673aa30be8855f52c402ea265a

SHA512
2e796efd096b73fd2e0cfb1e0e3ea141558c0104c754a210305d6eb3e6a58ae26368e4021556d7c89c062e300db2eda9dc76e0c35723328ca6f161060135b79e

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db
Filesize
20KB

MD5
44def4f6e42c3ec63f229d23af8c804a

SHA1
f5956d9295778b539bced03215343fd3cf7a9dd8

SHA256
882faff2a0f007164d5dbda7bd7f803306423b5eb48a88b1bb72bde65b77e50a

SHA512
a14770398044635a8a8fc0d59dc95af3a97ae78146a9ace3795d600a44098a5ff7099aa3d0ac40442f8ff8c5d3b5ceecb4b360bf47f3e8c7c902879e2e76228d

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db
Filesize
20KB

MD5
a78bd2be9758eb556550a8ca13bcea26

SHA1
f1a99cb761442c4061518f3caffd22a293c2369d

SHA256
19b3c0e5a8475d31f0e6deb0ec2e6e5267a822156f9b37b112f588b37dc70e0a

SHA512
2d66de0774bdec3c1b4e467250de8e4c2b31031f232eacc1f9f4b2b88fe99787ccf249dd791ef474568181f07096f52fc19607f3df919ec143d0a83bbc4cb108

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db-journal
Filesize
406KB

MD5
43d7c5322babe9033e04548c02fc35f7

SHA1
ae9d77aeaccb8a960b3cf3e6e5cd6a3ab65ce0ff

SHA256
b150400d4a8caa44e5add2a0db8795df70833e52024ece07774247f7aef253e1

SHA512
647a273468e2fd87e6c0c684472a8cd13815acd3a17e2cfcfde782918d6144840832bf2f758f3e0fa1e1ab4d89481bdefd6d7cb1f20e02d0fe1d5a4e05a0ae17

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db-wal
Filesize
32KB

MD5
ca598254a2d16aff61f608973742a97c

SHA1
2b914c9b74adcbcc510ae17ebbd2d13c90adfa93

SHA256
4da9b290928d41f4b22739111afab444df8058a3fb2328dc2e649ba757524308

SHA512
639ce956ea9ea44d30f31c79d17cadf773661395a4a43499131edc136a440fdf49c8310ce14b6efda27ea81ffda3a7c9f06aaa84e73c960fa77260b900b9cbc0

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db-wal
Filesize
8KB

MD5
d9000081121bc0b6d7bc5b9152bcda58

SHA1
3fc88fa37c89d611bb8fcce8e013d70ed996a7ba

SHA256
710a1077d007df6824e2db3ee139ead89075a1e8b6281287ed80d54ca427f4d9

SHA512
ecc86ae0ab3d356e0b2f3d73ce204d6af73ce38a1aab89b4e0fb87fa193d10675c60487d3c72f035e51146fbe67301dc55d85a148427380b76b334414dad5583

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_client_data.db-wal
Filesize
32KB

MD5
275f6ff21bbb580c6cfa6995f9a064a0

SHA1
9329ccc11d5a2318e8c6ceeacda32d3c3936388f

SHA256
64c23689cbe819e86fc12f7265c6b661d4e2106f09c8f74b67816771af20edc5

SHA512
d2211a4e1fd847379e4f7088710ea298556f1b953ed8040a600d4a9fc0ae2916bc3b2181ed1f9e282e4037da61abcf82cfdee3ac923cb80c0580136618889754

Download Submit
/data/data/com.ar.pedidosfree.restaurant.hornitopa/no_backup/metrica_data.db
Filesize
44KB

MD5
00ae31e5a60b8cf11378a25c22905667

SHA1
cd60de7930785594d7fc98cb0e49d7aa6546dd0d

SHA256
30fc2e15efc3c481948ea6855bd19629e4245dc88b27c320ac06c5ebd95684a1

SHA512
871ef1d93cf8d342c7c3859d0b126496e72c8b33cae0809ef88e9554080ca4fc159e23959ac0fa420d4e71defe100fea9845b128a6012956121c89960f594c83

Download Submit