1f0cfe625ef96d9362427052da78e4902115d0c0c8df6e3d6946c9f65b336f51

Analysis

max time kernel
179s
max time network
149s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
31/05/2024, 00:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

857801c464917c1315cfa7b4cbab4fd9_JaffaCakes118.apk
Size

5.9MB
MD5

857801c464917c1315cfa7b4cbab4fd9
SHA1

981b4a85535f7d02debb0646a7e514943cd3d6ec
SHA256

1f0cfe625ef96d9362427052da78e4902115d0c0c8df6e3d6946c9f65b336f51
SHA512

406227d2881f6583276d91cec097242386376b2e317cb40024d2a89a22f319741c595cd21a87d5aa4f43f945e1e740f7d206ff2ae2bd8f8c994a42a4ee7dcd5c
SSDEEP

98304:5fsadOybik4gpS8U90VUJyr53bgOE25JAOPArfT6+F95UHmZkg1:MLaS8U9qUJyVgORbPgT6qKi

Score

8^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.br.pizzamaker:Metrica
/sbin/su	com.br.pizzamaker:Metrica

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.br.pizzamaker
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.br.pizzamaker:Metrica

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.br.pizzamaker
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.br.pizzamaker:Metrica

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.br.pizzamaker

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.br.pizzamaker

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.br.pizzamaker
Framework service call	android.app.job.IJobScheduler.schedule	com.br.pizzamaker:Metrica

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.br.pizzamaker
Framework API call	javax.crypto.Cipher.doFinal	com.br.pizzamaker:Metrica

com.br.pizzamaker
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5144

com.br.pizzamaker:Metrica
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5211

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.br.pizzamaker/files/ZPkFS.log

Filesize
12KB

MD5
4b40062dee030700f4e525845c65918f

SHA1
a3618e95f2ea91fdb0abdff08675362ea807b8b4

SHA256
2ce769f2d032f6e2e7c288bf7ead4fc21216cdfc292ebfcc61bc946520f64dfd

SHA512
735965745b321f41c5eebb213a88a74f77b822c4bc41a3b9c6dfc23a549237da4781c9467c4727a16e0dcf3864a25150a100aeb962ab08ab880ab0ff280cbde3

Download Submit
/data/data/com.br.pizzamaker/no_backup/credentials.dat

Filesize
233B

MD5
69118964f262c7196acc9572db6781d6

SHA1
ad437749fb72d5dde35d65bd8a24120b9a3bc163

SHA256
6cdd253a5f14b282357f69c61b4a1394ceb997d3d317466c2a9bac9f876ccf2f

SHA512
fbdb3e4d9d59af098d523bb6421381403bbbaef756bc888c3090f20c85d481f6324c41bf7a9c43344a384e284a01bb5193d588d0982232eae1dab2f6cc3df1b9

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker

Filesize
36KB

MD5
de85f01e4c319e9ec22474df681c4fe7

SHA1
989b0e45d3672dd7bb05bb69e97ca1c7da7ec4c6

SHA256
9e641b0f6213afed94346482d48b377da48bb0466cc00edbdbbbcd18dd483c8b

SHA512
4117413b33a471be8828ade049bb8391fed842d4e47e7c9c76440383b9e43c246da81e63974e049bb2917467762dd9b8c1493cc5a589eea854c44d57fbbbc203

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
20KB

MD5
e35a6873cf829815d54e68b708e021d5

SHA1
3dcccc357b33fbaa792254dcb96ca1cbdf7395ab

SHA256
efcb9bfeaa7685d6517a73dc096e1bc6e8f9bebda7cc23fdb0548da33c255fa6

SHA512
9b6ec65a79b1e51cb53d53f8401d22f49f3c540cc999403bc98b15c3e984588dc1eae5ca5d057828c6bfbb42c2483070dfd6e4a4c35c82f69f7fafe94e2f3c8f

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
20KB

MD5
83144b3b20d10b4dcff3e4e5565a7f1f

SHA1
c6d9fae62880695792e74addf2bec2597af8bfc3

SHA256
183c7c5bfa4ec942dc6732322b30b962ac138f09ce863336179dc0060f44aa82

SHA512
432055df2fdd6cc8f8e6874943057df29392d3a971f913a77cf1274465be617e70b5ac0c43c8b90065680a86f62ca4426ee27d553a605175e6f8494aa18ed6e0

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
8KB

MD5
0cb3cff357ff2c23d84b2bb7c0101a6c

SHA1
8102e1a8c8b90567ee60dc339ed8e33de8917c4c

SHA256
bf65ba647348fea38cd776bfc278bb024767fe40e9a1371f61e17e696ea0089b

SHA512
e39d72a7e934809fd2fcda5ca2540fd612cd274684ed1d88b77ee29cd895321fa0f821cd29b62174e21c7a4f3166c07c9bd266a640d5ad5d2d3b99536c02d3c4

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
12KB

MD5
38655569c4632b9150c3e4bcb20dee04

SHA1
0c614b2532e6c81dff3a8cc3bbf6b058c3e527a7

SHA256
55801471b7989b5ad42493f1006cfe1a51342383a1465e2a383e804bc9203abe

SHA512
b1460eb75222dddbe9c873082f587e71a934c9956c6046afb6fbec4815c2f842f2a64df1211cf4d4e2cbc7f3b17492ad51fd9be4644a18e39609219160266d55

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
12KB

MD5
d0a5417c3bbedffb8dca6a85bab2a110

SHA1
e3e45faa92a2b3a4a0be8145a20f6de3ead915fa

SHA256
0301e4ac24adb43a6fabb5254567e5414eba485ca5df40b2c11ee39f5389016a

SHA512
b92a33364784d9574834e8404b6fb9c8afb0b31d9a6df6a31b7edb3c014666d7bfae389a2f67e3e6d4558da4b56648e4e3683974dbba98c2939444191672eaff

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
12KB

MD5
da3134adc1ae6b413b20cf6ebc7e98cd

SHA1
a1b3a8bf1178584510a9b20edfc37a86f9180a3a

SHA256
dec4f4977269729a860ece3215114659eb129b0bab6d740c056bb80a7d8aa47a

SHA512
4d4759613ba3cd372788d90f8955615ee86005e3450d0d89632c67dfd3041e04eb3d1ee23296ae7326110b45853c0bb6f60bdd1c3c225fa50498493a64b9daa0

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180

Filesize
36KB

MD5
7ffcf930d4392c9a0cb29b24218d8d8d

SHA1
bd9d9fe3b3fd44be50837354af434c9f74294950

SHA256
973fbd30c03162a193a115fc8864bc5055192b391be499bda4b3000ba204c536

SHA512
8ab65a49e93de77c03a0983234d9841ae1639b0603a5690b312b7abf04c7adf0b2a43cd13a67ad93727cd9184c12facc1542af0a8fd6ed08ae25dc39bcb9813a

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
512B

MD5
bc3ee659445b62e2de50cfa60cbcc7e1

SHA1
85dd9cccac7df232f62f2808f499b020c941bec9

SHA256
f5687db11014d7671fb5aa81a7803a3b9c48ad7bbf6fed9dc76bfed12e1dfbbe

SHA512
7b3cebef4f5546f56bedbf3ece31fd45237c24d22aa9bbfb43baaaadf456eed4ad60873b59c32cfef54f8b0adb873dc554c3c08bf08b4c98033f7b0014024077

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
85b292be7511b7ef4ae48dee574a986b

SHA1
ee3ab03e912d11b002fbb8db1741becc00e78d83

SHA256
32cefdba27755b703d8cd66744d1537e8dacc5ce021bb57df38fc8810b075cf6

SHA512
2a722359a32c4a471ff1599250c397fa2d405d7f4a9e2f22864aa314173ca27fe659c12acd8abd370ed46b5068b24a97eeca2aaa85155d3e2e5cc8d540375749

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
aaa5bca31733ffc8b09248887d892a2a

SHA1
01b498ac4dcd6b0a25de42289d1bba84fee84127

SHA256
50957ae6ac3a6b8698872138bb053eec4cbd36b012add17fb55ed0005ad2b2ea

SHA512
16167cb95528fbac51fd8a39cb6cec46a2b7a71bd47ff906b07120bf468aed3c741b6cbbaf6d650a728fcd8049182bb07c2bc77a64719e96567fe915acb4ab0d

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
ac1c24a916b195d4344df37286851f44

SHA1
55fe87059a4098692862fbff783b36377a173495

SHA256
21ab8369c002d9841dbefbd5d2e6e9e7f520fb50e006e8949233811d21e1b443

SHA512
0243e44faec6ca860c6d3fadfe55aefeb0bf9fe2d89dd2c91184b00338a107ed3f4d272d6cdc647b640fc9d64a341137578902cf2254cda98bb68b6070942389

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
53f76dfa18af1d593a3d8a13dadf4aef

SHA1
fe77d09bb7e645a51b7036aff987a89b85ba91c6

SHA256
4ccee499169e4f8695629e48abdcb4ceaabd23cf641fa79f5483197d9bf17b3a

SHA512
36f934e22bfdd32dd06c3efafa1c804e8eb1a05e0870417d5649e26693277eb44f4a8343476adc65e8056500f6f8afa5c44db51bd99c0a914125c9fcce548836

Download Submit
/data/data/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
4b63f64beaab61dc000f3fb15ed89713

SHA1
6094ae41c4bcd0640cc6106a706804c791d86906

SHA256
8ed88f1b34935daf33e488b69feded12b7af3f4b31ab0c58b7a0b329cb4f93c2

SHA512
8e2025daa08cc44fc082e6d4f8dc04da8306ac42f9d340f4a20f760bf1880774dcb07b2d445f190f4b9655fb94d4b3995826a0a81f8de3ab1a0c7a931c2d85fb

Download Submit
/data/data/com.br.pizzamaker/no_backup/metrica_client_data.db

Filesize
20KB

MD5
26bf2b4699d9f58f0b626dad105ec6a3

SHA1
a192083055492915566f5fcdc4f1910b42585264

SHA256
ac6ddb40255356a78de0c5dd24215d8fd8a5645351ec3b1021b5e42ca4656206

SHA512
b22acc5d4227200c90cd98b1761e9351101cc52a35d7c9261f045de9da070f2d74b60599520e27e2235f5375b9c7b25aefcdba63e718fe888b83c1025b231d24

Download Submit
/data/data/com.br.pizzamaker/no_backup/metrica_client_data.db

Filesize
20KB

MD5
484df068dc370197c0e37af4f433f772

SHA1
5d071329bf5182e60b2d268adca542901d492001

SHA256
3ebaaa9fc7a9245b413f62f91d9e689d468456dd4b6ce2408bcd2003cbdbfbd0

SHA512
587e7b68f2c167d39dd50744f2892a461a67cb073e8cf9f6eb2ab752e07841440dbe212af32958248d15af5d4001e7fa12f86cad62578ef31999355a86c3b0b5

Download Submit
/data/data/com.br.pizzamaker/no_backup/metrica_client_data.db

Filesize
20KB

MD5
ea9c2dc01d788f2ed7ad6a455e32335a

SHA1
3da6ee06226734e9a402c3ef2b542af3b509b6af

SHA256
ddcb0e1970efc2dcb42a4dd328ef8c10f3512b39a47277d5b075fd3b92dfc3a7

SHA512
5b834f25f6f8afea98eec78cf8e148671ceca48aee8019e09308389c1f336e47e55666fedf66e09c97e827c375ade0fad635b98686ebd2f72240108670d25e76

Download Submit
/data/data/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
d79c41f4706921e5654d9f053d1d24b5

SHA1
9b055354311478fe5d1da433a315bdb4d452937f

SHA256
916381ab9ab898114c827290e696ed12d3415bface4ecafda63c2a2913e8051c

SHA512
4acb7767ac3990942b2ddd3af3686382a0c82b8e0881210e434651afc5c4a23283741782f77cd4ebcb7e44084ce742ec99c82a4a98f73de94500dc48fd23b665

Download Submit
/data/data/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
b5308ede9bd88a866863cfa25a855c2b

SHA1
eaac09975f5ba6a2457d0351b0e13db25059a184

SHA256
807304edac737b53628fc81a79b60978920e7acc1f8bb00527c317cae434e5cd

SHA512
7ec841847fbd945b9bc8f67fca9bd059fa0fd826e2aea4eb4433c96484e724cc8415c784d1e747c630088bf8a4a3a83bc953ed5912a2b26a5770f3a989251bdd

Download Submit
/data/data/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
f848677164363f6518cf7c069a68ed0c

SHA1
02fe5d3a60e4e300d4fe91de41b248afd1c50787

SHA256
c4b27c03d882b80b3c1d15e8f9ff94892c88fbe9a29e3c3db77b092b6674e7c4

SHA512
d7e76ed700508883fa934f4a4977eed14d87537644af1c9d305e8d827b46b246f2e9d8e8cf78372ef5ec053dc272b83a9eb2c299d30aa55534728d730a8e5fdd

Download Submit
/data/data/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
69a3ebd4cd2b94a88eab79e37813be55

SHA1
2a62fd069339657b35d39f518308c4e64d8adc8a

SHA256
ae639e5637d9d9b9e91bca8a1af64452950c61097a27e6a13158ab0ca77495ad

SHA512
9a95b650d5e644bc3fcbd58467341a5ddfd0b84893c0ffe64d1aa4720eec292d28e9bc889b40c3e6825b5c16367db2567973863c6dbd1efc1a7758307e563c2a

Download Submit
/data/data/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
518241c72732837391deb189589a9817

SHA1
e84e646f86262c9e360b34a71147e7c1d2b5fb4f

SHA256
00dd6c540abc3b62a65a33516b48a040de304a0329f95fc38da886300149c3f7

SHA512
97c981eecf4a0632063f40c32e436e35af0fec0d54b06310639c36ba00f4bf154a09d454d7b32180f9579839846aa52697a3d57d41ce4ae6bc90ca26972a6128

Download Submit
/data/data/com.br.pizzamaker/no_backup/metrica_data.db

Filesize
44KB

MD5
1cb6e256a8bfecca8f4e79e3fba8f903

SHA1
a6a00467f87b645540e3175ebaa2679966954a3e

SHA256
dc591c04237bccdafed3c8d651446b527426ba790dc145307e27287746608eff

SHA512
d1fff63b797e6a77a2bc86bab797d5a0d3713927ef9fa180eeffe3f422f003d0329563456628f64eba9cf01b7a5dd8e4b11e4748f78cc9ad3d24b1cc68a051ab

Download Submit
/data/data/com.br.pizzamaker/no_backup/metrica_data.db-journal

Filesize
12KB

MD5
1cf29d0c1357bea3c36b537df90f5326

SHA1
e2ea0e194c5ae0b0a9893457ddd5318124274dd0

SHA256
11da107b917869ae74c4bc2fc329a04f385008aaa4757cd8364e22a453d8a7b1

SHA512
18a2f49417429f3d396c25b35b33fca1114eb84e6a9bbd44c794fad8d28a5f9abd09be704e1d4c3054786fbb3705f68c7b095ddef3b96e3f1027c910e37888e0

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads