09da8bd04ce6f2d73b1c31a0d7f86d0c9ac8ea89d3ea5cd07b67323cf1e232cf

Analysis

max time kernel
167s
max time network
136s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
28/05/2024, 09:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7c8b32cae36aa2b86b834aa3b74ae6fa_JaffaCakes118.apk
Size

27.3MB
MD5

7c8b32cae36aa2b86b834aa3b74ae6fa
SHA1

f931610ae5f3c6e5bbe47c1ee4fd739fec9433c5
SHA256

09da8bd04ce6f2d73b1c31a0d7f86d0c9ac8ea89d3ea5cd07b67323cf1e232cf
SHA512

061a8b2bae9a46da12787c8a395fa0033289c6735403587695b74aa8210daa8f3483653ea81ab851cce6edc0fd25cd274d5719b24359efa35ecb0e26aabc3ebe
SSDEEP

393216:FpExDVCTNad7mTKoh5fsAwyBwJoVmcacHOK2n9p6xvCG8VmrqwF7L8Y/RDMOOH+E:gxDONUaTKqtBpmc217gJB88DMH

Score

8^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.spotify.music
/system/xbin/su	com.spotify.music

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.spotify.music

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.spotify.music

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.spotify.music

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.spotify.music

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.spotify.music

Checks the presence of a debugger
evasion

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.spotify.music

com.spotify.music
1⤵
- Checks if the Android device is rooted.
- Checks memory information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:5159

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.spotify.music/cacert.pem

Filesize
252KB

MD5
3e0e6f302bd4f5b94040b8bcee0ffe15

SHA1
ecf8b8f6b31edf0e376b7e3b3a95f2d4e7b41c2d

SHA256
6d45a0555cc3006bb5340f7d9da02e7ae22f910b4824b281042805966e703cfe

SHA512
a6f271f79e238bc494465ebc7c556b9e6aadbfe481470ad48f24ac386fb2ca4eba218ea4e5802a1f903a329ba76d0570379a8c233b9aa7d0b093f9dbb3df17fc

Download Submit
/data/data/com.spotify.music/databases/cached_logs.db

Filesize
16KB

MD5
31f4d78b5a9e589beaf476eb91d2b998

SHA1
a0efdd58c20e70f03b5d6a9822af491000038764

SHA256
061e341f9cbc48ed8a4d05311d4b0f2033ff8552ee689dc33293dff7375b0bb4

SHA512
2376aeb3ff281b62340c480fccc90200cffad73ea8ad0ed2ca80abd39951420d5b96cffba787406149649e86cd271c96d45de8a90aa8325d29319afef95cebb2

Download Submit
/data/data/com.spotify.music/databases/cached_logs.db-journal

Filesize
512B

MD5
5c1d096865857cbb931e7f2043eb52ca

SHA1
912cd618affcc7df1b8b5fd8ad8a53c1ce0c946a

SHA256
b9769426db25f821b801db5a7a7bab265292e3bea7b6082432e7224ef283f222

SHA512
a401a3eee256b070b5c21137f0665d2e5c612f366516b750ebff0dfbd08ccb5190a3ba7746feaa3ed29b5a61c8346e750589a0dca175d5e7d1fa0c6456e821fd

Download Submit
/data/data/com.spotify.music/databases/cached_logs.db-journal

Filesize
8KB

MD5
66f7d2c84efc53ab4df43550b5a2a1a0

SHA1
290420f1ca72aaa2ac0a671f9afb91bf7e06af72

SHA256
66e8f5f63e8115f4837e055977bb4bb8350de03815e1e1fdd1e30d2f114b3b9c

SHA512
15592536a84dabadc6ff1f59fe0b8f0b6151956b261dfbb7046489122fc1026b5bc8919ce780a5e6e0a1f65086cff705eb30665ad42f454e61e07744b803f5e5

Download Submit
/data/data/com.spotify.music/databases/cached_logs.db-journal

Filesize
8KB

MD5
e7ff085c36346e15f3c58ebc9cbf1ff8

SHA1
54debd8a634743ff26d768b3b857bbe2f21f878b

SHA256
c0ed0ac96a56dbebe93c4fc0628e8e2a7866ae58c6e37ca690661b2be2c13f15

SHA512
fb4687d255138c41658eefb87a68baef0b9e1409d95cc0917fc9c9ba7cd7bb7cea91c94188a095a9352803c2cb4284c53a40be8c3a74476d11097e89a50adc26

Download Submit
/data/data/com.spotify.music/databases/google_analytics_v4.db

Filesize
28KB

MD5
7c068658cf174ac606f1835ace44b231

SHA1
6625b77f031369097ba940e3b157de45af58610f

SHA256
5644cc4fed86810200e94dc4e4e07a33fa2ecdd215fda45211cb4a1497f31f15

SHA512
481cc6dbe50d19ad4a8afc8a0afea51ac374329def0a98011eb8370ac49d3c10419382cf1d0542b55d60ee23a3e594dfe9729706e59824d3510c744996541318

Download Submit
/data/data/com.spotify.music/databases/google_analytics_v4.db-journal

Filesize
512B

MD5
a3af99640486c6f81992e5332ca8d06a

SHA1
32e5230c276270c0c558953aeb9c396af147cfc6

SHA256
a3e0b18ec7138cb453204886d12f482daaac0b62c20ba05b94cb3e7584824c49

SHA512
91288d4c405b9c5c981fe727d7435f227eac6a9e0bb41177392835093388fe2f1866d27d476bdbc75edd34eba8e349d741eb474f1a37b7837819a6fc21d5b1a2

Download Submit
/data/data/com.spotify.music/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
8474132d5b162199f6aa3200882b89a7

SHA1
a184a5878bf165c3a8a4faefbb424dbf31c55940

SHA256
7d3d80e945fa4281b84bccf231cec2a8f9f7e4bae41d42fe6c6975c6b0a9262a

SHA512
19598e33056b64051c70c7d7f5c6afd68e19f974a78e6b0f78b33555c013a96a2890120ee162b23e0e499eeafaacbd40af721483ae100f0df5e88dc848c598a7

Download Submit
/data/data/com.spotify.music/databases/google_analytics_v4.db-journal

Filesize
4KB

MD5
a37b36ab212f43bedd5a425e6d737686

SHA1
65d0179181038dd9bd01e482dd403b1469ab7893

SHA256
0581261eea855599329da99e0c4704b3033870a7d50ef7162f8304583fa83ce6

SHA512
0bad99f60e1bb2a5d70ab769ac7a9503991c766c8d3d670807381855189e9fa771335dd50a62a2b74ecb540634f5d237fd73ca42414fa96867dee1a698926ce1

Download Submit
/data/data/com.spotify.music/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
1edd49fa0eb9f330a9fdf537a7592894

SHA1
bab87f6dde49bac87e20a8c41c12d35c18751589

SHA256
873e48da5609ff4f5463cada96741a1f8168a6394c2deda4df5a9b290dfd065f

SHA512
5ab21f3cb644d472a8c04aadd12666dd7647caae05ebe34406fc72546070a666749ea5eea3c23fee1097d5286f3663978e4faf202cdf9fe65555609aa5a9d156

Download Submit
/data/data/com.spotify.music/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
f6775a439ca09257ea5ffd80a03a71ad

SHA1
4363c6846059ff604010647e945c6bf5ca47e623

SHA256
a56ec280eb8dbe3819143df72292d0a1b8678a6adb93dc9d5559e9e1d5a16eee

SHA512
6b12730b1a835bbcc3e66c4c7ccd4f32fff3461ba3e6331bdb9c7489498c97a01c1e96c42be14aead9cea0dc8ce431118c8876bf131a7d5f2016f9b210ab3cb5

Download Submit
/data/data/com.spotify.music/databases/google_analytics_v4.db-journal

Filesize
12KB

MD5
3ffd26547ae6183404703d198cff3f29

SHA1
9040f0e197302c5526ca020e0e399c507861281c

SHA256
d8ef28bd748bb980e524f41425e4c6ce88404bb71fe3b257f9466efd474ba086

SHA512
12f709fa41528d6c36eeb58dcdca885e8eac2f2f7fb175e83bc171b23f07c950cb37b00307958623ac85069dc24a7f3d79dcfacf96137cfa82a739562aaa9a27

Download Submit
/data/data/com.spotify.music/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6655AA390089-0001-1427-B8FC75A570B8BeginSession.cls_temp

Filesize
77B

MD5
08ebe32c9ac098d3adc858cf0d23ed6d

SHA1
681b46ef02b60728a7d5be596a5beb2a077f0516

SHA256
ea458eff689b7047ffe025dfd8b0b3609cdbd5542e60692ad2689af1b841b308

SHA512
afe4ea3b2c0dc59ab90a7ffab5e41f8a09efea9fe8b579a86814de52d365ac278eac4fe854fb8071d049d6675b596b1240fa9ac56636d672b8693736e7ddc48e

Download Submit
/data/data/com.spotify.music/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6655AA390089-0001-1427-B8FC75A570B8SessionApp.cls_temp

Filesize
122B

MD5
e893320d35f0ba4cb3ec0e983195dcd3

SHA1
14d16945e14a64e168def92d43fe24e6f024a59f

SHA256
291316f1372d09cad494f030e72483c0e3ef4188a9cbbed6fb064a24d4607cf3

SHA512
2023152c206403daaebbaf027636ec0a027bcbe61e2f492f0cdec04776938be4ba0260194a82c1615c055584d2535394055afee4055e3b4868ccfe59858c2ea5

Download Submit
/data/data/com.spotify.music/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6655AA390089-0001-1427-B8FC75A570B8SessionDevice.cls_temp

Filesize
88B

MD5
9fded62a549632dd89cb63687ca2f88f

SHA1
aa1168de57bfa3e8020b58c065cbadd275a5ac26

SHA256
f21cbae7d0fe3e8a838b930a8ffa6f09914f651be9440b49222d44ec68622851

SHA512
40a2bbd38fb8439e3a9bfa3c333789ac32e0c59ebf8e2bcbcd27ad2192251e24b35063640031237d401992278ce6fb1748fec5755e444d87d3cd3593e1981c13

Download Submit
/data/data/com.spotify.music/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6655AA390089-0001-1427-B8FC75A570B8SessionOS.cls_temp

Filesize
15B

MD5
2566d27ce8c28d8961f082c375d7535e

SHA1
92fe585b1a2c9c523d2fa1f65ab5c1b6a1a6edaf

SHA256
5acdb54ddba2e264f6822fbdbc4e9b5158f57d43785c2f01d981956b18f7a90a

SHA512
1c70679bbd25a57f9ac02083d5af0fe72b1417cf3070a195497f03d6f492e87b1ed3f570de7ea7c814c995a1530e32610d9570f31a480648f4062e8d3287be8f

Download Submit
/data/data/com.spotify.music/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/log-files/crashlytics-userlog-6655AA390089-0001-1427-B8FC75A570B8.temp

Filesize
2KB

MD5
57e6b3899ecb1cedee22c3d09ab059b1

SHA1
18f1cee7f60f71ffb4b62b3b18d84cf15cd985d4

SHA256
4379775ac69d3cc95636b59ef4715845bf822a5edb069ea1b168b05f5ca2effa

SHA512
cb1ddc1c7dc2e78728b7ea3f17b0b9e0b093216ff553bf2e715a163ab2d852bf9c28bd0424c035cb3b50ffac367b8f09f38fe8ada69332d7ae04405143af8adc

Download Submit
/data/data/com.spotify.music/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
2KB

MD5
b75cbe8913d64dc0fa125a0445d2e698

SHA1
6da3cb1d09663918cf86542e3ecf415acf1f4e1b

SHA256
69d24a737223822eef0cb007f4ae9824ba282cfcd51833041b4e1a4a2823dc64

SHA512
8f5b2165767201d79d84d46a9683b0b834220d29c5c7a0afff6657b113c17f682fec5c4d6fced8a4327271d3a2f3af4faef454e8bfaf013ff6494633c206812b

Download Submit
/data/data/com.spotify.music/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
398B

MD5
8333a0899d6b4300c278745df396ad89

SHA1
2a06cbc6510f562f9f71ab7b1278531c31aea3ae

SHA256
874d77f1984c3e6a1297f1d43a5dcf2a056e706e08f3a15a1cc7e44e05008f3b

SHA512
46a9d333068148f2746e3bc8481a947afacc58566e7ffe81f24df8ed1cdfdcbffbb34be1cf6938114a6f71d7057d16a61bc7c4a0f723ba75da49fb08a1d60bf0

Download Submit
/data/data/com.spotify.music/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.spotify.music/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_74a75d28-b597-4e23-a5d6-bdeb3aec82c7_1716890170014.tap

Filesize
322B

MD5
06cd732835b2941e72c794790c781b6c

SHA1
03da48f8e5df9bf1dbfdfa5587f059d7f7c867d4

SHA256
b7caa74f49ed4990f9013f27a6faae28f9dc251ad39ea45d06dd420bc247452d

SHA512
accebe4cd73e63b18305772edfcae9b4919b4c03bad35d63a36bcd48fe82e925052156c09f4a46f81d9b5c00d03df64b518e8b18c7027a7c4d5f68551d181ca3

Download Submit
/data/data/com.spotify.music/files/AdjustIoActivityState

Filesize
297B

MD5
4f139b8aee372a045fa76f6bea2caa9d

SHA1
0445b6e0256372ff71682f20777b6098b1504610

SHA256
45bd2d77d87361b16936195be594f164ec1e0449a041f1d3cb7120f447c49405

SHA512
da046deb898e6b577a81e8da6e67aba16ffa5ca917e0267ffb3655ddb1b5007d6ce23865d5b9542ce1379795823e338c579b9b18df48a44c79f0e4fa27d9a1fc

Download Submit
/data/data/com.spotify.music/files/AdjustIoActivityState

Filesize
297B

MD5
d6d98039dbecd95c3bac374d024e54f8

SHA1
4a35c58c72e22a62d5935af272d981c5806eeae2

SHA256
af163fc831dc03ca24ae2d4bb65decacdd97e3d90d879bca3f0f2633669a92ae

SHA512
050beea04c03e5a8657f0f034f796bc6ed5d77715bba6f934dd5438edb7221452ecd68d8d741d7f38f9c188dea48c83e3dc33bb732d1ca1cf2421ceeb9365c90

Download Submit
/data/data/com.spotify.music/files/AdjustIoActivityState

Filesize
297B

MD5
40798c4e6799d5d4c41eb93e9f6da1bd

SHA1
5f8e7aafe48e604a7aae83b3a7d9989d2dca8e98

SHA256
9a6373e5c81cd06576241ead332e7cf080682d0acb9ef86d228a64a51a8e9a08

SHA512
2a8cf851361d7a8d32a8e583a3879e79ee7bc48e3bce9d4f89da71a9cf0fc651fb4ec38f26f4a61154da66561dec938c2dcc875c8c02e2ebc78766c9e684fb2b

Download Submit
/data/data/com.spotify.music/files/AdjustIoActivityState

Filesize
297B

MD5
9f2c6dd351283875ab664a814593cfec

SHA1
13deca3706cc8c5a89de56cd0011778073d89b7c

SHA256
3daf76b3804ceea4c32574c399988f4023c7ff1bae4269032bacc7328313bb66

SHA512
b8fa0e0627291615d986c330211629172d02c85433e0fc52d35b3c764c11dc9ee329112c9b93dada3d07c89cf28b803cf615b39a601d878b9969fb28ecbfe928

Download Submit
/data/data/com.spotify.music/files/AdjustIoActivityState

Filesize
297B

MD5
cff3455e0c76c2a1f099ffae6ab89f00

SHA1
e4e1a50784a03afc66bcc0f7398bf791c9779661

SHA256
a5ec241794071251cfbb8c18bbc60220d755f5ae1702e062682463621d14ebd0

SHA512
f2f0900980b8647b26c37a80129288b0d1103c1d318ae02608c3663b1659434b4ccb8741e47f6f3d70114a39c65e04c345e5ae47e497bc6873ead674d7242bfc

Download Submit
/data/data/com.spotify.music/files/AdjustIoPackageQueue

Filesize
1KB

MD5
242e26a62a88378e7273e34cbeca9147

SHA1
2fd126c41ce7838b73ae5fd9958cde0963006ffa

SHA256
7cdf8f7b3e83543faae7cdafc7b5dfab30b2ba7b6f1f877b671e1daa9cf75b14

SHA512
878a6345b14394ae2466d6684e3976809f44b33b976d2756b5e07d245b3e72bf26f42c9e5be8f005bed787e7c45636f97014693bc12f92e74ddba4f1511a0c54

Download Submit
/data/data/com.spotify.music/files/AdjustIoPackageQueue

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/com.spotify.music/files/AdjustIoPackageQueue

Filesize
1KB

MD5
8f5c6d3335422c257712d3e51fc08336

SHA1
2a899cef6a5184cd58de90a5a5024de024c0f443

SHA256
dfce1d8d32d25584d88c07c65b0cd8d1d1d7368ef0b5b0b0db538b87496f4412

SHA512
c4e0ff9c7d72c23f7d8a3b939e2b1c1e540085dff08754fc08e6999adc8086fc8988176025966f1ae5f7429b80553e161686d9ea52f1841816922043edec7bf3

Download Submit
/data/data/com.spotify.music/files/AdjustIoPackageQueue

Filesize
1KB

MD5
efaa3f22d0f669b3eba4a34465a0c35a

SHA1
dab34243b9867b0227a99ef3749d031cb89cba20

SHA256
3ef19a56a087901bd0414c637fa66cb800ade10453f0fd924b27d48e97b18075

SHA512
d4c1856dc21a3b2aaf8b3e05b216f11ba905260597fcceabd4e2134942e38ebf8808b39ab0fb9590a5a99535eec3a4301236ecc7c47d9a36031f7aee0e60db32

Download Submit
/data/data/com.spotify.music/files/AdjustIoPackageQueue

Filesize
1KB

MD5
8d55299730fa1c0738012148bf430ebb

SHA1
04c2e4348512dd598fb1444f3a04f475a8a5cbc9

SHA256
81b947f6582595afd82e1b7a33613ade47f22db93cfabfcccd63cdb6c781ce80

SHA512
d73147abe4e2887e15e7bfbc1b781bd38e9c251957b2d3c7e0234c681c7a4c13e1434b4b3702e1225c45453e45b7a47d43dafebcbed696eac7822a377c5ea608

Download Submit
/data/data/com.spotify.music/files/gaClientId

Filesize
36B

MD5
164703725bf70b2eacb10f0cdc8c2caa

SHA1
5e3de0cf21163fa3bc718ee60d486b946aa8fcf6

SHA256
0d4760eb6752a8cdcc3c8565221b8c85c20900cb89e11d57f3af16e41faec1bd

SHA512
b602e64186ad0e79754f99a887300c35f4a183038118d11f0acc132c57f8929ed5d78750b1ae49b6bbf115b96fbf8378a9d4f02fc6a24964dbdd76ab4608b05e

Download Submit
/storage/emulated/0/Android/data/com.spotify.music/files/spotifycache/Storage/index.dat

Filesize
512B

MD5
cd196c895e4719b425c4528a722b638a

SHA1
25a5ea2faf7fc894292d5eb60aef939a16ed46ce

SHA256
67a6cb547cd405ba73a01536f70df424163e4d6f7a353e35792aba94b1771eb4

SHA512
d86b120ed369c181eabbac12114c7d96271542ba8faefc4ac0f6dbbe2eeacd4017488cc7f18d8f2b00382b818040316d0be81ef6ddfc9cf59e0d380eea9cf6d1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads