Analysis

  • max time kernel
    179s
  • max time network
    151s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240514-en
  • resource tags

    android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240514-en locale:en-us os:android-11-x64 system
  • submitted
    01-06-2024 05:43

General

  • Target

    8983ada140ff2064a5368f37280438a8_JaffaCakes118.apk

  • Size

    5.9MB

  • MD5

    8983ada140ff2064a5368f37280438a8

  • SHA1

    2c06a0ecc07c3fa922c2a10aff40c5ddefb1aa76

  • SHA256

    02bb61463e6488ff0e0d796802bbf4e6ff7a3af5e131331dcb8bbe75a07c6c6b

  • SHA512

    fe1a26b3e07aee47237aa2445331905be41d10fc20eb0bc397f999ff995e155dcf1ecf0682a9c4fe91d7addeab43cd9d2ba9daa2571d395bb65a652df8852773

  • SSDEEP

    98304:XHQljvUKULoYgMmTRavh0nsudJ6VMyq0QBa9uqArf0iLhZ601mT6PPm:XHQlDU8dcKPMU0QQgz/600b

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 3 IoCs
  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Checks if the internet connection is available 1 TTPs 1 IoCs
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
  • Reads information about phone network operator. 1 TTPs
  • Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

Processes

  • com.appsmart.delivery.darbarmuenchen2087
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Checks if the internet connection is available
    • Schedules tasks to execute at a specified time
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4596
  • com.appsmart.delivery.darbarmuenchen2087:Metrica
    • Checks if the Android device is rooted.
    • Queries information about running processes on the device
    • Schedules tasks to execute at a specified time
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4654

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/files/ZPkFS.log

    Filesize

    12KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/credentials.dat

    Filesize

    234B

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087

    Filesize

    36KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087-journal

    Filesize

    512B

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087-journal

    Filesize

    8KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087-journal

    Filesize

    8KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087-journal

    Filesize

    12KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087-journal

    Filesize

    12KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087-journal

    Filesize

    12KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087_20799a27-fa80-4b36-b2db-0f8141f24180

    Filesize

    36KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    20KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    20KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    20KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    12KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    12KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    12KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_client_data.db

    Filesize

    20KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_client_data.db

    Filesize

    20KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_client_data.db

    Filesize

    20KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_client_data.db-journal

    Filesize

    8KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_client_data.db-journal

    Filesize

    8KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_client_data.db-journal

    Filesize

    12KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_client_data.db-journal

    Filesize

    12KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_client_data.db-journal

    Filesize

    12KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_data.db

    Filesize

    44KB

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_data.db-journal

    Filesize

    12KB
