1f0cfe625ef96d9362427052da78e4902115d0c0c8df6e3d6946c9f65b336f51

Analysis

max time kernel
179s
max time network
179s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
31/05/2024, 00:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

857801c464917c1315cfa7b4cbab4fd9_JaffaCakes118.apk
Size

5.9MB
MD5

857801c464917c1315cfa7b4cbab4fd9
SHA1

981b4a85535f7d02debb0646a7e514943cd3d6ec
SHA256

1f0cfe625ef96d9362427052da78e4902115d0c0c8df6e3d6946c9f65b336f51
SHA512

406227d2881f6583276d91cec097242386376b2e317cb40024d2a89a22f319741c595cd21a87d5aa4f43f945e1e740f7d206ff2ae2bd8f8c994a42a4ee7dcd5c
SSDEEP

98304:5fsadOybik4gpS8U90VUJyr53bgOE25JAOPArfT6+F95UHmZkg1:MLaS8U9qUJyVgORbPgT6qKi

Score

8^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 3 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.br.pizzamaker:Metrica
/sbin/su	com.br.pizzamaker:Metrica
/system/bin/su	com.br.pizzamaker:Metrica

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.br.pizzamaker
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.br.pizzamaker:Metrica

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.br.pizzamaker

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.br.pizzamaker

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.br.pizzamaker
Framework service call	android.app.job.IJobScheduler.schedule	com.br.pizzamaker:Metrica

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.br.pizzamaker:Metrica
Framework API call	javax.crypto.Cipher.doFinal	com.br.pizzamaker

com.br.pizzamaker
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4618

com.br.pizzamaker:Metrica
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4679

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.br.pizzamaker/files/ZPkFS.log

Filesize
20KB

MD5
d01115ab3b3ab6cd76adfbc07994cd9a

SHA1
2e7e72949ae2c3c9fc3faef4ff50f29153ce10de

SHA256
477bd41c92d45d060b57856b501048725ba8cd344d54d65459d2f6a0d5c38e68

SHA512
bdf67bda728f6ba75d0f993d24b0feb954d5cbc369d522ea553400482ccb65ed6c9fb042608d7ecb2940bfae1df0e47a7cdb37409561581c8aa31a774334092d

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/credentials.dat

Filesize
234B

MD5
1a733261426c0717c45e6b69831c8676

SHA1
6e5a326e40599aa029c1b726bc895a3661eaea0f

SHA256
d27215d45e5ac9f902d7f344f76733535b418946028634827b618ba176510005

SHA512
7dec5519b646ff4128e749a889b28087cc8a86bba07385546b67bd9ba5c77a28e7badee6ffa9f2b82fb16ca6f87d9e34f3d39417bd34e384b68f83419466c9c6

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker

Filesize
36KB

MD5
8a96cd02245c1b77b99a97a21289b90c

SHA1
9126dccbfb4e5cd5825b1156a75b4040a4816017

SHA256
719da8c13eaa28a25c4d53ca17a9efc7958a3cc4de9fb1a44091e1d0de54e828

SHA512
24d77b5c29755052d082af0ba1dc5d8ea423ec06b9fde072a376c840076c1812c5522aec199935ac9f0ee3f304af69f67213eae98e5fd333c1e56748bae9273a

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
20KB

MD5
fb5e0ea6dd834af730313f00b41dac92

SHA1
efd00b6a197cc397f15226d177f1ddf4df9f8bbb

SHA256
9ff786c6b03bf33955a5d5260f6938aeb2f71dd12eb454b1ec7d9a2cde4e2a66

SHA512
2d3745f80fd380934049e38c974a0abb6b3ac93b96f0d633b84674f5300dd4741968c10b6aaa282d444f2db755eb5f7e0921e98c1fd650c22363b3219c496c48

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
20KB

MD5
d1d431c8594fcfda3bd5ad7819b2f889

SHA1
dca3c576154d3b44936f0b0eaecaaf80ef754cc9

SHA256
aae7d504d9d1c4902fc816e91e79f8f391479c7c0c0e7a07d16275d1750470bc

SHA512
50c8c3ba529328d8c65e104b96400236aad9abee1a97db039599f378ff173ef9c62068236a44d8093b207e6f58e38988acdeac557f6d85422452744033e6e82b

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
8KB

MD5
f88bc46c7d7253e24a685ad7e4181756

SHA1
c29a76e22459c63cbb3c9db82e1b46e177f7f543

SHA256
b2e05b2962bbad7cb7db4e0a3ae3e5e19e3ee89c55093327e4e3b24e77b89f05

SHA512
4eb2ca2393c360a474ffb8e2784855651c7e189e35ec0054cdde14c36aa3578833bb44ae938e5b246737151f1c46221b7f5b1b2e9f693b16d56a1c75c0f4218e

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
12KB

MD5
4db8e4728d9a7031ff996e7e093b0b31

SHA1
44312545d005b8de0a65e20904bc3bbfed75d8ef

SHA256
bc7d5aa87f8f70394e659cfd74e9d012d4f642a103994d02f37a866d6a7d64d0

SHA512
fab6e897df425ba66b9d6af61e6677642767576b8779e374457dbead3de119ec7672fd996d160bc5026ef23eef9367eef54533762feb6e5cca60a0767e09c0db

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
12KB

MD5
38e2843576a271c343de608462c300bb

SHA1
4d3d903080e9d133cc29f09cf1c36141aa176b08

SHA256
18f1f968ef9aa58e484ea721aab0af5b3bb65471db18635ded47d724b4a20e0b

SHA512
1c7aea827e80931c2839b4bad62fe9538782797763dc8f86d2e9594f4877eb4aec77d4b98836a5cc21018833401dff9f16352c7cfb7cbb07d410f5685cc3d63a

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker-journal

Filesize
12KB

MD5
42baf27b4b50410c3adf8bb075397580

SHA1
6aed812bfc1845f3a8492b671bd1a05070d3f656

SHA256
862a8cad3f3cbb212fac8a70285e4537aba5b8fb2a5fe5f4546299f1e3834dfa

SHA512
754658dacf57f3b22a0a33139679200ef487809038b247b4e7fb5c9851929ee955b71382f2d643da3b0accecb9aada357d2dd770eaf8d109737ee7be24ea5a96

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180

Filesize
36KB

MD5
d9515d9c08823e0afe3329da4326b101

SHA1
4287520d60c91a835e3e7c2e3e81956ce8153ec4

SHA256
56226f6575d3d2de759bf0e543ec512ad060d1d01854e1ee726969ee2d640e68

SHA512
b1825de84289f7107ddeca91fd78d4c303ca73a22f4db4bf6580f89173bd423b82f7146b18ef5c5d59118cd2687fab3a85ae77637384b02901560f988d0be109

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
512B

MD5
99befbff422eb267edc0e469fd9c9f39

SHA1
36aece7e88c80386a04686086cf0469931163546

SHA256
e13ff1ba7ff4965be5acfe53b185681b9581ba9795ca8d4e3af3c7bcf5d719b5

SHA512
7059577dd73e2a62f05c668ae94b9a951b633b4c7205427d6d9868958f9e7634cc5c30bb8fa2386b2da26e3f18c73497db95dd5f6b327c7a9cbb488727625879

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
e8590acbbfc94bfdf9e5fbd57af55766

SHA1
699abfa8fcbd19d799112ba45eae4e64013e013b

SHA256
162be2d3faf97169d4ce02b775b7993444efaf6c76c60d05e13560964bc840cb

SHA512
88f85621f8c80c5374a3229282ec3ea629602b1199386ac5c424a2c0005425c5518f4caf1e2cb0351bdde2a229db6cddc9f12ea2861dcb0e08763e37c781faa1

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
65adbe4ca15ad08c04f9b4095046cfc8

SHA1
04e9ccc01b0e072734e76f6a43f1e512412e99de

SHA256
af8cd1426385c2706abecb19e304ed7128ae3c5535f2fc1843cd8a73584c9ee7

SHA512
9ea14fd270cd1e97d0bf85f01729f21316448179fba2cfedbd1d3951ba9ed6254845569ba4a301e993c3c086dc296177181e92588f2c39cb92b2bd5fea4e01cf

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
bc8a1f697add6b768e57ad9d281023b0

SHA1
cef4c0c11ce6571f04ff22003ff5d6c51be57acd

SHA256
378eb9713a814756391dc8a95363b752321ab451000b0943ce05437499a79984

SHA512
85bf82e2176073bf39131de82363b935ded9e76d1eda5b5d4ded419b06534cde3a6d7541b18b5fa9c445ad4f1a984b617d5162dcd088162115795678d56120a1

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
6c5ddd1a14195182dcea601f6a480b48

SHA1
db0ca4ee286ec14edf7c552a1031028003033533

SHA256
895e698616d29fa3e09086c4527910c6798dc72f864a18398ac8e466c5df538c

SHA512
63aad5a3cc8c4449b278e3d5adfbec29afd0479952f9f21178af2b0715b38943aa778d0ea832205bed2f673e6267045581784506ee2bf9c2908099b08d6f9787

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/db_metrica_com.br.pizzamaker_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
b0118f3f4276d77cca85ab9a02670227

SHA1
9e2ed0f7ba8b602eacaa7a5d76c808e0a8ad8fe6

SHA256
9c9a0abff0552e5c66602fbef0b38647fcfc451fccea0a5711e47a50ed86117e

SHA512
6da87dd659dfca5ef6357a90584b27db22f1ed17f7572c9ff55f8f5c7a3f861dd002ecf1436422e828fb33ee81e7fbf01a02f99508dc38e387c5e68f52337dcc

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db

Filesize
20KB

MD5
27f84e3d7c927c9b1c2c5170c8d001e4

SHA1
d9c10823c9b68c5f44abc5d5d959118dde0f288d

SHA256
f74d90c339c3b32724f8b61e957c04ae57e49daa20c824fbbcff0f5ff21b0027

SHA512
4a87cbc4830d542b14b50a50ef5b82c8f7bd4f57f049dcde64f87a6aa6e6e54208f9a48ea72cb72849e56eb65a3c74520f7795c20eb8dd10b108a1f3b0963678

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db

Filesize
20KB

MD5
a2ee6370d75ecbb8b362c516d03eddc1

SHA1
62df676e2bb36a0afdb5e5701a11154e9185246b

SHA256
d3d99414fb60fc35a8f0b8db8079380d577f7462183548a2c76e4642dd002da7

SHA512
0d9ba8a2d14d0e998a96b1da6071e964dafef0e775ababda6d19df5afcf0b3ade1511922d950133cb792012398d0bc6d04abd090760df72e8955342db38422ac

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db

Filesize
20KB

MD5
e5639b469346d3d19c79ae3bdc2f4a9a

SHA1
b4d9041b94176f65417e63e77f0f324b81e8dded

SHA256
cf283c9f2c282ef339f1ac0c4eae7d6f44f86bc1744cbf8a9b5703edc7368aaf

SHA512
273aa09cf7f4de26661bbedf2ecd180b5adb537022cd824d2185beaf7eb1784bd1ea1f1f22c01e4762729bdefeb81964f1a47f13e90b883beb27ce7c8d1f03b4

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
79de547f649c975c97831d4e677f91e1

SHA1
5a851f311cb50d44ecc68a34f02b1cb6a29ee740

SHA256
d0cb7dca954bd0016046787251e46e987d66c00d04baecaef9e812f2c8238c6d

SHA512
e4f1628b889f581663d2f0789873e422e2cf83f50f00f7b31518f5091a305a6ef6690ec4cc97068ed9370c24addd570e34524e70c47ce9fc55d6df5a9c0aadc1

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
7b0d6a47fe9cec9329aadd615d0dadac

SHA1
e72fa159b6450703ca765d5944168844ba2ca209

SHA256
9ab6cf76fee9f4f4507da9305229e8a1e122625ab7c18848106b40dbb4703594

SHA512
32a1fe7b42c2022e66bb427e2af3605dcfadf9a29414b72cd9188d333e588f3fcb95ebcc98a596a0ffab8793e24f20f4cc9e4286c2ed4020bab99c97640d7c92

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
3154262523cd788d2e1b54b2adbdf982

SHA1
876fc9d526f033932ec56acf3d8d752cfbaf7fb7

SHA256
4b22d070d16680d98173943cdc6bcac982f1699cc58f69e2a1ed63bc5d15bea7

SHA512
165cb98bcca941a7a0eee916cab12039d67d45f6eb09b32c8b95dd45dad8eab8f911a517f1c453c43229ccfdf438bb05049837f17a0968f6e5d51f79f7cd4c03

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
43087afc44077a08930ef13d9690f78f

SHA1
8aeb0d27b9130b6d1f310ccd8a7cc242ada4ce44

SHA256
1f8eb6a4bd2cb09c1fc5ec4635216c90e1c65502adc052f2cb48cc317e888980

SHA512
c7afe17d73d2c86e856b7a16deadfaeabc77d3ba39de9ba83fa80c568119178dd182b237792b8a469e72d8522a040939687b39bfb16ebda0808d82a653730271

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
f5386617d3adace76e3f395473a785df

SHA1
5e160a98db41de4ce09454b49e6093d6a046efc5

SHA256
c9a0c798df02f92e9a31d988246cb5ef73d2a044932d92871e8875d79f62660c

SHA512
fb9a3ace55f0dbf0e22329c835af4160396d61f885a4504307f0b56a13c541c3a66268467daf31075972fb713b800a14d80cbb30d4c0b645fcd69b7b5a3690c4

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_data.db

Filesize
44KB

MD5
fc32bf1092c1af2df5e9ac4d66a81fa7

SHA1
5321065526ea6164bb33b605e1a2d39ef85da5db

SHA256
ec5b62bcc8fa3582e9dbf5e6f95011171ce9fb7b0139884c26d84c188cfccba3

SHA512
b6a708fea352b8f327a77f13fb1b26569149bbfd18a1e83a4baf1c24a5094afeb79d16dfb362f3053f4f1ab1fbd431407b2b6d5adee838357165ccd5fbc651bd

Download Submit
/data/user/0/com.br.pizzamaker/no_backup/metrica_data.db-journal

Filesize
12KB

MD5
4b67638e6bb23261ae2fe79dcae46482

SHA1
8294fdeb4a7addca3c95cadf39749f8e1391b662

SHA256
c6ef591c0471622d090fe9fd57e838e98fa221180bc7c5e4d9b5a13239674b76

SHA512
d282ebc35f04c875085b492ee8e673f9868404a1301dc5c47ac6e0d7e09180db3a173966a3c36a15ef2d18b04f090e3249f785e9b9ceea51ccaede2bc8659cab

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads