Analysis

  • max time kernel
    175s
  • max time network
    151s
  • platform
    android_x64
  • resource
    android-x64-20240514-en
  • resource tags

    android arch:x64 arch:x86 image:android-x64-20240514-en locale:en-us os:android-10-x64 system
  • submitted
    01-06-2024 05:43

General

  • Target

    8983ada140ff2064a5368f37280438a8_JaffaCakes118.apk

  • Size

    5.9MB

  • MD5

    8983ada140ff2064a5368f37280438a8

  • SHA1

    2c06a0ecc07c3fa922c2a10aff40c5ddefb1aa76

  • SHA256

    02bb61463e6488ff0e0d796802bbf4e6ff7a3af5e131331dcb8bbe75a07c6c6b

  • SHA512

    fe1a26b3e07aee47237aa2445331905be41d10fc20eb0bc397f999ff995e155dcf1ecf0682a9c4fe91d7addeab43cd9d2ba9daa2571d395bb65a652df8852773

  • SSDEEP

    98304:XHQljvUKULoYgMmTRavh0nsudJ6VMyq0QBa9uqArf0iLhZ601mT6PPm:XHQlDU8dcKPMU0QQgz/600b

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 2 IoCs
  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Checks if the internet connection is available 1 TTPs 1 IoCs
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
  • Reads information about phone network operator. 1 TTPs
  • Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

Processes

  • com.appsmart.delivery.darbarmuenchen2087
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Schedules tasks to execute at a specified time
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5220
  • com.appsmart.delivery.darbarmuenchen2087:Metrica
    • Checks if the Android device is rooted.
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Schedules tasks to execute at a specified time
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5288

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/files/ZPkFS.log

    Filesize

    12KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/credentials.dat

    Filesize

    233B

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087

    Filesize

    36KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087-journal

    Filesize

    20KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087-journal

    Filesize

    8KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087-journal

    Filesize

    8KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087-journal

    Filesize

    12KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087-journal

    Filesize

    8KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087-journal

    Filesize

    12KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087_20799a27-fa80-4b36-b2db-0f8141f24180

    Filesize

    36KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    512B

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    8KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    8KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    12KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    8KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    12KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_client_data.db

    Filesize

    20KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_client_data.db

    Filesize

    20KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_client_data.db

    Filesize

    20KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_client_data.db-journal

    Filesize

    8KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_client_data.db-journal

    Filesize

    8KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_client_data.db-journal

    Filesize

    12KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_client_data.db-journal

    Filesize

    12KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_data.db

    Filesize

    44KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_data.db-journal

    Filesize

    12KB

  • /data/data/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_data.db-journal

    Filesize

    12KB
