Analysis
max time kernel: 175s
max time network: 151s
platform: android_x64
resource: android-x64-20240514-en
resource tags: android arch:x64 arch:x86 image:android-x64-20240514-en locale:en-us os:android-10-x64 system
submitted: 01-06-2024 05:43
Static task: static1
Behavioral task: behavioral1
Sample: 8983ada140ff2064a5368f37280438a8_JaffaCakes118.apk
Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2
Sample: 8983ada140ff2064a5368f37280438a8_JaffaCakes118.apk
Resource: android-x64-20240514-en
Behavioral task: behavioral3
Sample: 8983ada140ff2064a5368f37280438a8_JaffaCakes118.apk
Resource: android-x64-arm64-20240514-en
General
Target: 8983ada140ff2064a5368f37280438a8_JaffaCakes118.apk
Size: 5.9MB
MD5: 8983ada140ff2064a5368f37280438a8
SHA1: 2c06a0ecc07c3fa922c2a10aff40c5ddefb1aa76
SHA256: 02bb61463e6488ff0e0d796802bbf4e6ff7a3af5e131331dcb8bbe75a07c6c6b
SHA512: fe1a26b3e07aee47237aa2445331905be41d10fc20eb0bc397f999ff995e155dcf1ecf0682a9c4fe91d7addeab43cd9d2ba9daa2571d395bb65a652df8852773
SSDEEP: 98304:XHQljvUKULoYgMmTRavh0nsudJ6VMyq0QBa9uqArf0iLhZ601mT6PPm:XHQlDU8dcKPMU0QQgz/600b
Malware Config
Signatures
- Checks if the Android device is rooted. 1 TTPs 2 IoCs
  ioc | Process
  /system/app/Superuser.apk | com.appsmart.delivery.darbarmuenchen2087:Metrica
  /sbin/su | com.appsmart.delivery.darbarmuenchen2087:Metrica
- Queries information about running processes on the device 1 TTPs 2 IoCs
  Application may abuse the framework's APIs to collect information about running processes on the device.
  description | ioc | Process
  Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.appsmart.delivery.darbarmuenchen2087
  Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.appsmart.delivery.darbarmuenchen2087:Metrica
- Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  description | ioc | Process
  Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | com.appsmart.delivery.darbarmuenchen2087
  Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | com.appsmart.delivery.darbarmuenchen2087:Metrica
- Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  description | ioc | Process
  Framework service call | android.app.IActivityManager.registerReceiver | com.appsmart.delivery.darbarmuenchen2087
- Checks if the internet connection is available 1 TTPs 1 IoCs
  description | ioc | Process
  Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.appsmart.delivery.darbarmuenchen2087
- Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
- Reads information about phone network operator. 1 TTPs
- Schedules tasks to execute at a specified time 1 TTPs 2 IoCs
  Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
  description | ioc | Process
  Framework service call | android.app.job.IJobScheduler.schedule | com.appsmart.delivery.darbarmuenchen2087
  Framework service call | android.app.job.IJobScheduler.schedule | com.appsmart.delivery.darbarmuenchen2087:Metrica
- Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
  description | ioc | Process
  Framework API call | javax.crypto.Cipher.doFinal | com.appsmart.delivery.darbarmuenchen2087:Metrica
  Framework API call | javax.crypto.Cipher.doFinal | com.appsmart.delivery.darbarmuenchen2087
Processes
com.appsmart.delivery.darbarmuenchen2087
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5220

com.appsmart.delivery.darbarmuenchen2087:Metrica
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5288
Network
MITRE ATT&CK Mobile v15
Downloads