b31b6b3b7fefbd42b230e3c99ebb6641046ca0d31bc7fee0fd7220d5c1990081

Analysis

max time kernel
179s
max time network
145s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
24-05-2024 02:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6d116839d465b55353095a21d305d553_JaffaCakes118.apk
Size

3.3MB
MD5

6d116839d465b55353095a21d305d553
SHA1

32e3801fe794af6bee712e825a4ed97e73f12bef
SHA256

b31b6b3b7fefbd42b230e3c99ebb6641046ca0d31bc7fee0fd7220d5c1990081
SHA512

ff8f1333ee18f54def3e286b2a9794d72e0fc8d1464c0264286fbe49b43555840f2fb13ccf4f5f84aa1a42cacacfa2ed33a03ca65264ca758023e9dc77ee0b8f
SSDEEP

98304:RohWAo3eZru6tvBsYrcnfRrxgzKnUTxWohL/BH2OtywXF3oyVAoVgIR:RogneZS6BBrcnfRrxgmnQzRT

Score

8^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

T1426

Processes:

ua.FoodSoul.DonetskSushiTaun:Metrica

ioc process

/system/app/Superuser.apk ua.FoodSoul.DonetskSushiTaun:Metrica
/sbin/su ua.FoodSoul.DonetskSushiTaun:Metrica

ioc	process
/system/app/Superuser.apk	ua.FoodSoul.DonetskSushiTaun:Metrica
/sbin/su	ua.FoodSoul.DonetskSushiTaun:Metrica

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

T1424

Processes:

ua.FoodSoul.DonetskSushiTaunua.FoodSoul.DonetskSushiTaun:Metrica

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	ua.FoodSoul.DonetskSushiTaun
Framework service call	android.app.IActivityManager.getRunningAppProcesses	ua.FoodSoul.DonetskSushiTaun:Metrica

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

T1421

Processes:

ua.FoodSoul.DonetskSushiTaunua.FoodSoul.DonetskSushiTaun:Metrica

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	ua.FoodSoul.DonetskSushiTaun
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	ua.FoodSoul.DonetskSushiTaun:Metrica

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

ua.FoodSoul.DonetskSushiTaun

description ioc process

Framework service call android.app.IActivityManager.registerReceiver ua.FoodSoul.DonetskSushiTaun
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

ua.FoodSoul.DonetskSushiTaun

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo ua.FoodSoul.DonetskSushiTaun
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

T1422
Reads information about phone network operator. 1 TTPs
discovery

T1422

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	ua.FoodSoul.DonetskSushiTaun

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	ua.FoodSoul.DonetskSushiTaun

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

T1603

Processes:

ua.FoodSoul.DonetskSushiTaunua.FoodSoul.DonetskSushiTaun:Metrica

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	ua.FoodSoul.DonetskSushiTaun
Framework service call	android.app.job.IJobScheduler.schedule	ua.FoodSoul.DonetskSushiTaun:Metrica

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

T1471

Processes:

ua.FoodSoul.DonetskSushiTaun:Metricaua.FoodSoul.DonetskSushiTaun

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	ua.FoodSoul.DonetskSushiTaun:Metrica
Framework API call	javax.crypto.Cipher.doFinal	ua.FoodSoul.DonetskSushiTaun

ua.FoodSoul.DonetskSushiTaun
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5132

ua.FoodSoul.DonetskSushiTaun:Metrica
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5223

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/ua.FoodSoul.DonetskSushiTaun/files/ZPkFS.log
Filesize
90B

MD5
b5100f892039ca21943ddf516ea893a5

SHA1
3a46111bde65458c4cf390e2cd8a76d4da35c77d

SHA256
b3ebd1521710cc6c0878d6adc8d9fd20ecaefbcdef907e68cf58a3f3f1a4039f

SHA512
1c42b72d7df501b0ef6c74a8bd616692562f8db7c69ad711775e9db8b679c31bc7c3bd8356f74469613ccfdb19d727caf0627f19fa3e9ed692dcee4b7ca1b92c

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/credentials.dat
Filesize
233B

MD5
f78009f57034382a77ea2187cab87e06

SHA1
c2e85bf03d17999c161434a233bcbf3c948f1ef7

SHA256
ffeccfdba4f409b646fbc4d6c156257e28a1f98b5483f9d3ace770798ec83748

SHA512
7787bbc216a233c0b846de644f1ffb07c827261afdd413b7ed5ba32150f5e8fdadb008081f208f900433053b04f4c3a12dcc15125f93d6019ba1b7979e81161e

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun
Filesize
36KB

MD5
0078987bffb6da02a39939f04e774958

SHA1
a37453c5e301f275905fcc738c2a9dcd0ccb1bf7

SHA256
61356362194111be82073af2f11189d865e83eebadde3c717d62a0b61e9d66ab

SHA512
2894d34afd78751901c422278dde79b67dfb9b5f76fed87dc64a915cbea20a86d922688c94e796b3e152ab0d6be105c10cc4a074c9b8defbf86a6d4a291f76df

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal
Filesize
20KB

MD5
3c14fadf2ab89a1a0b9817874d8d720c

SHA1
6388e25a5995a8911500555215c119905786d668

SHA256
5140dbeb18ba04fc0ea654982891ab31ba841160c0b46352d3af85f1290acdc1

SHA512
92a4edb372019566f42c429ad9931e6dce236d230485957e8e12cf2670603aaefefa8dae0c8afe3668964327505817945cd29150350195f951341c7eeafbf566

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal
Filesize
20KB

MD5
2269c311c66e3c5bf0ec202c3c90cb18

SHA1
3a7cbf86fa89d696800625d652217eb422deb31e

SHA256
08582d5c5d3034cb6c4d65733ea4a39a5435ea6b0affc6bda36fa387a0a63f77

SHA512
63a382242d92111c1acf9ff9ee78850a57e273811e37ca6654a2a6d449d2611eafc435c6e32bc45aba35cac14ac589420be532dc47a7eb859be9b8cd66bd7597

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal
Filesize
8KB

MD5
8f81db3c642887544b7b27e843587172

SHA1
6e60198ec404633468827de39e35f299e6dc0c8b

SHA256
49b9337f7e27f30ce0ea7e996d78d00df091fa38bcd1c51282e45b3efac22bd6

SHA512
7dd85c61e003f02f1d126dfe95afee1019858e7f0580d9f17a80cbe329de0db507d7022dbf2ebe15b8cbeafdab687290940ac4b7c35ea68c7d6f452ad23ce3a8

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal
Filesize
12KB

MD5
7514813404d1ab9965899aec58f83e19

SHA1
1ce8b6032f188cc0f912c5e2b21c31a74d201b30

SHA256
975baba336a155ee5afd4d7b7215240be3b03f9274593caed25900c2cab9cace

SHA512
a91e0bf81de9a547357248cd9098bd3d5111f7426f4ca27adc4c03d11f410e96d7ea708a4d5db58c168046034f89e41d86fa8c68b3560ce229f88252d3b1a658

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal
Filesize
12KB

MD5
a34f0b0b9110cd86cd3cc41a6a66922f

SHA1
80a06c2280b98ff4a288d08dc9b06d6905923f23

SHA256
6663a36e38fe3167f4fd0d288c94d79a4290167d18f16de8767661056f5189f5

SHA512
209613e0ea9a20284e77bb1f06e88e8e1eafed8f01afc743321b331929cb958f1a9e5bfa1a6974c0b8a520ad0f7751caf96e183f2ef241e4ea8e79bfc045fa75

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal
Filesize
12KB

MD5
687dcbbafbbb63c83b10b3ce2d32ef3c

SHA1
90aff560c1c6040ad321dac36ab2ddc04d2c0648

SHA256
97324adbc03abd95959ff79dc3769f001d3f8cb9f8c296d9fd919c0bf77076b7

SHA512
e655cbfffb4725724e526a11ee2efb127978356be79d54b70915b2b785fb0cf59423065993248d87ffe799343653936026a2434c9b24f76c1e44ef9bfacfe5d6

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180
Filesize
36KB

MD5
5688bb854f6a5ee87e8b421dabc06b98

SHA1
e93e7220d1ff985715399d2a96099b87bf2c0f03

SHA256
a3a4519bbeb686e83e9f92d92ac401e18bc8a316911711d4df7a4870ce659374

SHA512
436c05b47fea69e6a3ac274a963858e736c58fe2da8d3f3ab6f93e7014c30f59aed8dc6d6e932d43a864b3bae35867f02bc4669b8ade37130c1ca3a3d927a1c8

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
512B

MD5
d45dec1983785c21e24c6ca73bb9167d

SHA1
ea47b92d00226763e7b2de681f412f8d061e2bb8

SHA256
b6386daf3e6118aeadb5a21459ea606a7cccebd383e2792a4f5728888592adf9

SHA512
c459544ae084c0e5306ef59679db72db9b0e3eab0a9f706962016b0d30f0027b9170fcd3f853dabec5730aeaee446ffa526439302f4300fe995c86297de887ca

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
8KB

MD5
60ac7950335787359dc467b7896ea6b5

SHA1
ab01b0ece8f5f221cc3a948445d15a2bda2e1b7a

SHA256
86ca05ea985e65901c1887a74517c32ef4c8731723a51961f5d26df71b446dff

SHA512
f55e70a5088fe7cc6f44ba651caa552105c15e1a74a059165891692dbfa23356187dd116a3238101d6fa5fd5d2846d5fee4b67f4b9a883040164b90e52ff6557

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
8KB

MD5
691dcb5dd49abfcbc1457d657ec217bc

SHA1
430f5c94213eb2520bb1e67ba766469692d74930

SHA256
acdfd070bdd2114f1a2fbd00e40af36378f8a312ed71f2b879452a8a5097e1af

SHA512
3a38f72ff08b6f006d52f9626bdd79b45023c908380135ca1e55bb855c80af8af4f38c3d4ef8a8908c3aca3f4f1c0bd392d9dc3201eb961062db419253ee18de

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
12KB

MD5
7f1f80f4009af2cb8b299a9849946e3b

SHA1
06e5ba37c055b0c063515fbee82b6afb3b9bc5b3

SHA256
a9a85d26ab0aef26888516cc890288730965ed07e6cf770c638b8c5823921239

SHA512
286b985fb64c3e73704c23419261f3692af2f31ea9459bc71469ab188a1b48e5e9a4f2c6dff973e642a7cd33c1aaf41d15385e7a6c45da2ede37b65ef106e9eb

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
12KB

MD5
cefb71e06d8ed6afe1a3b49856fc2b6b

SHA1
15b7fc39a3445442bc5181b684a93e696536d912

SHA256
a6b748127cbde9da8eece33ce4289515638ea7670a05ad1b82022fb50a4c786f

SHA512
6f6c3e789f361bb1491760a1757a5b8f978321128ed9c38dd113e1c3027fe6c82f26daad42c6e8f192f85b846f29225904db069d013ce9900dee7b996254effe

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
12KB

MD5
b050e611b0f9f4a53889e38b44cbbc0c

SHA1
e06b1a23a16712184ac8a7bac3f5cbcebfece0a0

SHA256
e664451a08ab8e1a2b607f7a2a55b450f86a2d772387fc89d2061060904b6f3d

SHA512
26df630f3c542cc3d51e3daecd2ddf76566e4f3460b6ba7fb545b1bb5f1a981a042c38be365a2ecb4f4c71ca98711b86303fae4d8fa89818b1fb6dd59c0307a3

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db
Filesize
20KB

MD5
421a529bd0a1f9117f55a38bbffb23b4

SHA1
deaafc106ba365c9fa103fd6a0d3116a893f3196

SHA256
04ca9cf39313282532cbcc397296ac7a3de384479ddd2665bd342df95fda2d55

SHA512
1d94faf7816917adcf467430bccd1d75d7c6d7ffe97d4ad1aa75d6f5ebe9e2e6f57c8a3fc6e434d98cef817a3d2cc6f33d9bc6af9fb8d8556849c1d81987dcaa

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db
Filesize
20KB

MD5
5b107e8cbedfca4b3cc16f5368834f7e

SHA1
cbe7cfdc9c755e95f39f6860a20f0048c7f7905f

SHA256
19e5986c4638e75faef67e216a5ea5f0b59a24c15e848fee7deaea3021b2e600

SHA512
14cddd2e221de7442eb296b34fa41f416b8ca79975f22c1c21df647ec446aa416731b71cc463f0f54a32fc590f91fcf58246240e4bef2a1cbd36c3f436b696ad

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db
Filesize
20KB

MD5
7b6e6313d9e6e8d9528c8fded76d259b

SHA1
bfa7635d2c1763d2916a8206edffe4f0a9de3ec9

SHA256
4125e0d0418bc4c558b2841213f379893b0ecfa0f0e484be9b1ca4cc21c0164b

SHA512
660aa3cae6cdee102fcc3e9abe0cdf14b3e47f513eae391ee50fdd7c10aa877569df7ff2c22d981efa2468eeb4b5c57a352ae2576f59913fa643fe538ae73e7f

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal
Filesize
8KB

MD5
081a802b00b5e6185471cb989a738338

SHA1
0f23a4b44719ae00e05d7735cd7d3501a81ef2fd

SHA256
7b4c371b502b5116bc9bbd457e9bdcf1530ebac41c1785640c712fdd91fc0556

SHA512
886894d2c8cc65fe8d5f1e1ed3aed06968488ed20880c98f30603a2f5f7c6f99595f68e86a361c2b2680fa74cdc7f856655e0a444883737f5ab5e534150bad03

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal
Filesize
8KB

MD5
ca7d00cf2f6465a84806c5b90fdabf81

SHA1
c090b0da837990dbf3a9589d94d513905ac87650

SHA256
cefc36de7118357dc2099e2f4904b70ec12faa90da220cc69858ac91c17d6dca

SHA512
5cd92022f34856ff567339278928e11625cdd9543a7fce6c5e56ec07469f2539b741fcfe115ca10b37837f461d738f63b56bc64e0b8d6ca78b74e3da5d564c99

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal
Filesize
12KB

MD5
f59758c81e7584f66cc4e2b0e7bc9576

SHA1
6f8b19a154c50bbda7249c111d7931696a468851

SHA256
e6353730fe26913610b594e71ce841281fa855ded8a4ffe01e05ed86896fb739

SHA512
fdbf79c4f42d62cb19b36be1358a63626475a2c41dc447a78851f19e0fb98f2af28fec5a9432e388a1b13978801b9381341a0f4d457a6f9f2dceeec7fc1ce8cc

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal
Filesize
12KB

MD5
37acbe2e1f3179173b00f3a36076db3b

SHA1
79da1bdc314ee796c7250a6129335fc7ca8884d9

SHA256
9d1c465ed49f183ca3be412dcc97daf1ab227e9c2631c05dafe88afda9aed4e9

SHA512
364d774b3e61ddf54124fea5af07c7d777d74affaa888e456c23f5844361075971bcbf9dedd8994924e65499c305138fdd250b9440e853d90784db9c6c54f236

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal
Filesize
20KB

MD5
3363f66290a0dfc63f50731e0a7a4f5f

SHA1
0a538e1c44b4001a4ef4f7cb7173bd78fd916d40

SHA256
bbeb45acfed5d5c46800929ec794baa5ef272f80c59a4e8951a2ecafe2e37e90

SHA512
3b62c6a7f06bc45dd87f049f47f1e4421b18a80e109cc0bf47a94e07338baceea1bf1f9995c9c5059f97a3bb7f078f8d0a841857673713bf4f7773be2d1c6e40

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_data.db
Filesize
44KB

MD5
bccb9278d77d034c07b26496fbe95fe7

SHA1
1330dba430edca6c97dabe14908fe0ee6f8fdae4

SHA256
97b5c19fe8898ae359903e5ab985d8ab9e389b848e5af40e910cdb7f96c3d673

SHA512
721a91ee9c946f569b464ca940a299382eaf58e963a1411c869effa9c2d5867fd4b62f441d9917709653294ba20fb11c36029db6d0cac29ce7666bf79e7673e9

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_data.db-journal
Filesize
12KB

MD5
e2c3422a2b559da91490faa439868983

SHA1
20db912cd1e05770823809d31f1850c167c8277f

SHA256
03d3e9033f3a7cc172369306e7b188b4094877c38b71f7bf5722d7731eb8f7f2

SHA512
7b41082ce8ccd0cf4b462cf9446f36f3a04fef0bb251902d84c67d8c6beb2498d458be67b2fb2a72d41273c01ba3a0db20306f4302f9b6fdee5bd3d6fada15c7

Download Submit