Analysis
-
max time kernel
178s
-
max time network
153s
-
platform
android_x64
-
resource
android-x64-arm64-20240514-en
-
resource tags
android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240514-en, locale:en-us, os:android-11-x64, system
-
submitted
03-06-2024 08:17
Static task
static1
Behavioral task
behavioral1
Sample
91166d014ba911eed2e34efbf2bedfae_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
91166d014ba911eed2e34efbf2bedfae_JaffaCakes118.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
91166d014ba911eed2e34efbf2bedfae_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
General
-
Target
91166d014ba911eed2e34efbf2bedfae_JaffaCakes118.apk
-
Size
3.3MB
-
MD5
91166d014ba911eed2e34efbf2bedfae
-
SHA1
4d3683fd4d4fe7748065dab04d7d66f710b5ddc1
-
SHA256
5db8a8ba679ec72512ee4cf8b4baaad9ebe1276811e520278e8f8aed023d890b
-
SHA512
2a15a46c5b227ffc6f1f15c1b5e1b263faf196530812e990a0fc3271865764d6a97fa6df0336a87036c84d6216a89fd81f385dd8eb9d74bc1b9d718a3fa1d5b9
-
SSDEEP
98304:fPrL/jD6ZNvBoknQqBDCirqDMaepvb3LHOtywXj3kYK1pGE:fDDSZNKkBQe5J
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 3 IoCs
Processes:
- com.producepro.checkout.marchese:Metrica
IoCs:
- /system/app/Superuser.apk (process: com.producepro.checkout.marchese:Metrica)
- /sbin/su (process: com.producepro.checkout.marchese:Metrica)
- /system/bin/su (process: com.producepro.checkout.marchese:Metrica)
-
Queries information about running processes on the device 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
Processes:
- com.producepro.checkout.marchese:Metrica
- com.producepro.checkout.marchese
IoCs:
- Framework service call: android.app.IActivityManager.getRunningAppProcesses (process: com.producepro.checkout.marchese:Metrica)
- Framework service call: android.app.IActivityManager.getRunningAppProcesses (process: com.producepro.checkout.marchese)
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes:
- com.producepro.checkout.marchese
IoCs:
- Framework service call: android.net.wifi.IWifiManager.getConnectionInfo (process: com.producepro.checkout.marchese)
-
Checks if the internet connection is available 1 TTPs 1 IoCs
Processes:
- com.producepro.checkout.marchese
IoCs:
- Framework service call: android.net.IConnectivityManager.getActiveNetworkInfo (process: com.producepro.checkout.marchese)
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Reads information about phone network operator. 1 TTPs
-
Schedules tasks to execute at a specified time 1 TTPs 2 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
Processes:
- com.producepro.checkout.marchese
- com.producepro.checkout.marchese:Metrica
IoCs:
- Framework service call: android.app.job.IJobScheduler.schedule (process: com.producepro.checkout.marchese)
- Framework service call: android.app.job.IJobScheduler.schedule (process: com.producepro.checkout.marchese:Metrica)
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
Processes:
- com.producepro.checkout.marchese:Metrica
- com.producepro.checkout.marchese
IoCs:
- Framework API call: javax.crypto.Cipher.doFinal (process: com.producepro.checkout.marchese:Metrica)
- Framework API call: javax.crypto.Cipher.doFinal (process: com.producepro.checkout.marchese)
Processes
-
com.producepro.checkout.marchese
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4631
-
com.producepro.checkout.marchese:Metrica
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4678
Network
MITRE ATT&CK Mobile v15
Downloads
/data/user/0/com.producepro.checkout.marchese/no_backup/db_metrica_com.producepro.checkout.marchese-journal
Filesize: 20KB, 8KB, 8KB, 12KB, 12KB, 12KB (six entries)
-
/data/user/0/com.producepro.checkout.marchese/no_backup/db_metrica_com.producepro.checkout.marchese_20799a27-fa80-4b36-b2db-0f8141f24180
Filesize: 36KB
-
/data/user/0/com.producepro.checkout.marchese/no_backup/db_metrica_com.producepro.checkout.marchese_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize: 512B, 8KB, 8KB, 12KB, 12KB, 12KB (six entries)