472a9ce28dbc5ca0ec512e8105d7be707885a94d0e7854a16980c72bcc319798

Analysis

max time kernel
178s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240603-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240603-enlocale:en-usos:android-11-x64system
submitted
05/06/2024, 14:38

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

986be13c0603426fc4de30e6e56a9cc4_JaffaCakes118.apk
Size

3.3MB
MD5

986be13c0603426fc4de30e6e56a9cc4
SHA1

1b21b80d36dc103a7393ced5dee41a1d66fd9d5c
SHA256

472a9ce28dbc5ca0ec512e8105d7be707885a94d0e7854a16980c72bcc319798
SHA512

a1df3b856fad39745863b409959fe02501f29c5905205c9a304bd272db338cdd7014e83b2c7d283df1561183e5bc71c438ece08139c14a7a5a4d604e06c41b7f
SSDEEP

98304:SsT2L2LQChWe2XPTnszLBzE1TpYpf9zygnHTfup8OtywXL3yyczIHK:SsTo2LQChz4szLBzEBpYpFzfrv

Score

8^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 3 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.ce.android.brand.streatsfooddrink:Metrica
/sbin/su	com.ce.android.brand.streatsfooddrink:Metrica
/system/bin/su	com.ce.android.brand.streatsfooddrink:Metrica

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.ce.android.brand.streatsfooddrink
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.ce.android.brand.streatsfooddrink:Metrica

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.ce.android.brand.streatsfooddrink

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.ce.android.brand.streatsfooddrink

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.ce.android.brand.streatsfooddrink:Metrica
Framework service call	android.app.job.IJobScheduler.schedule	com.ce.android.brand.streatsfooddrink

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.ce.android.brand.streatsfooddrink:Metrica
Framework API call	javax.crypto.Cipher.doFinal	com.ce.android.brand.streatsfooddrink

com.ce.android.brand.streatsfooddrink
1⤵
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4560

com.ce.android.brand.streatsfooddrink:Metrica
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4608

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.ce.android.brand.streatsfooddrink/files/ZPkFS.log

Filesize
20KB

MD5
d01115ab3b3ab6cd76adfbc07994cd9a

SHA1
2e7e72949ae2c3c9fc3faef4ff50f29153ce10de

SHA256
477bd41c92d45d060b57856b501048725ba8cd344d54d65459d2f6a0d5c38e68

SHA512
bdf67bda728f6ba75d0f993d24b0feb954d5cbc369d522ea553400482ccb65ed6c9fb042608d7ecb2940bfae1df0e47a7cdb37409561581c8aa31a774334092d

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/credentials.dat

Filesize
234B

MD5
fa5588921abb921da189a8eb675489af

SHA1
fc5bf2c13aaf5fb58300af2cd83a096208fb634e

SHA256
4e4b289d6d2245bed15edf0670afec32476237d7ea78134556f2198e21a28a74

SHA512
14584e8c5fa0280e46bcc86da4277a365ff3b85d3576a8a81026e4805ea369f7c2b38b6554bf03a43c7694627e3ffb10ffd401adef849ca031f071b804d7fc6a

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/db_metrica_com.ce.android.brand.streatsfooddrink

Filesize
36KB

MD5
9cfce288ba4ab7535fcca267232e3db1

SHA1
83192904c668011c3cefd88f82ec206b6b0642e8

SHA256
ae4d3acea9c20d15dd9bee4c92f837699af2a40ceb40e54b823816f87f368622

SHA512
199f7d41eaaf83d40132ef86d17e28715a80189bf7daa90fa16308f634316fe8a50130572ffc6d8cca3c837907900871a463f5604150773c71f2b2591b01b94c

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/db_metrica_com.ce.android.brand.streatsfooddrink-journal

Filesize
20KB

MD5
5c1efec63f5e577d76884e7a667ad91e

SHA1
c7ccf6d7fc79119037f5a1d3a72575267e9136d7

SHA256
d86b0e2b700c8b846e429b644adb229ef4db106c91a229d883940cce9d8a8df3

SHA512
213ce9d81e421c81df3ce844cdc488414e45034011e49a66524d2e8b3becc0c2c4a0362ebd1902d063498a3946c686cb104fccf225e89a59acf91cc57505355d

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/db_metrica_com.ce.android.brand.streatsfooddrink-journal

Filesize
8KB

MD5
8e071a3a0babb51978681e618b95d15b

SHA1
bfcfb944bb13ba9175e7597d6d823996917c3c3a

SHA256
ad8ab3d3c4d0742bf76e39e36885f6ea28af1e84b4fab6334432cc4b0cb4ca5d

SHA512
47c355e628aafe36efbdfc7270a7412be8966895a9e6c8cb05da2fedb404fd46e3f868267798aecfd3f0bfbcd3a1233a860a03622c37c6595a05fbbf72fe7535

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/db_metrica_com.ce.android.brand.streatsfooddrink-journal

Filesize
8KB

MD5
8efe0560a008697d8e40f742646a38e7

SHA1
37f690f019804b44693fb72a68ae7d065468b829

SHA256
fcfee31de065311691d47925d7d69b459ab4c142cda48c3bbb55d06dac62356f

SHA512
f243319537da31f5df85cf436791410ed8dafe6cd905a67a1d782456a7f83b2176e38c9e2f1aa5e2d31b0405f04d43d3b0670ffa4009d4a71239443270835041

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/db_metrica_com.ce.android.brand.streatsfooddrink-journal

Filesize
12KB

MD5
d7713e9c2bced389c35db77c3472137c

SHA1
2794fe3da1455e7eff326790a25236cdea9e1e17

SHA256
f71f24dabf68182e46fb399d94173193220a4bffc5a5d4a3540ca8600e5effec

SHA512
295cd58c83bf66934060b436f21f6d949538e5fee3c9a64d6c59cd78ca14dec4c5a344efe66249eb760b884db3f332e73aca5e811d9df803ba33b5da89f670e4

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/db_metrica_com.ce.android.brand.streatsfooddrink-journal

Filesize
12KB

MD5
b9a17c8fc18a29e709784e3e68041d4e

SHA1
86b30218f98e81f49e8779dcd9fd382b52d4e139

SHA256
eecfa36bcbb5ab7466219ff6ae4fe25b8002687bdcc17b4214c1fd8347e683f9

SHA512
12a030d283940715803561741ff86138da04466c5164c9b649582fc2da61e89066f25bf4fe28ee6565fa5884d6f9f8496914afa60b16b1d1b0782194d8141f67

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/db_metrica_com.ce.android.brand.streatsfooddrink-journal

Filesize
12KB

MD5
307ec68a92dada3f5252e1cc6fd610f3

SHA1
8e55bfedaa233a7c8dea18237343ed2b6efc819d

SHA256
ff55fa1f88bd4a81c9d5a0eda3c526613764403af974e38fba73a0d5f6c215dc

SHA512
ac6b18c6784219e599f473579fbf8823ff557d82dee1397d0d3f89e15d79b33a9716e279274884e2b116aa2ddae0b1a18843ebc0b8a4a315638f26915245ffd5

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/db_metrica_com.ce.android.brand.streatsfooddrink_20799a27-fa80-4b36-b2db-0f8141f24180

Filesize
36KB

MD5
e12f5e6c4f4ce46c82ed073379fe165d

SHA1
b78c7ea48aad1727f5a4c35ef49fa498addd7124

SHA256
0b60ae9a50cd8731772425ac4cfd7959b15c40679f49e61153a60d29052c62c0

SHA512
ab5ba2be62af598cf327ae3ae22f488fcee614ed246d2032999b1a85b474590727c6b9231d0239f730d097fb3b431b4b25d553f02672f4dbafd3d6e5822803e7

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/db_metrica_com.ce.android.brand.streatsfooddrink_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
512B

MD5
a8867f3cef66461c75ceb819a429ebd5

SHA1
428443dca7083151fbabf801cad3d8cf727de2d3

SHA256
2c893285b5f2d748eac1e87860a3a75560e427b2a5ea17034edfc057cc2f0a76

SHA512
3a4b5c4ad2d3511e6c4fa12ad4c7054de98d5b09c90fb7c60112f29bfe3d09c185271170b4da47f0d22f65501af9737bc60b3049a765ba46eaa7fbb737c37311

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/db_metrica_com.ce.android.brand.streatsfooddrink_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
3e272dd6cc61458aa82a69897b89083d

SHA1
25dac8185eb8f17ef528fb642bc6e0bc538967dd

SHA256
58df15b16dffc1e4bd4a02262222e6507e0ea8651e5925993839d818d870ba54

SHA512
cde7af21a1baecc32ad585d41e4d5c7611ad85b21a6129017757c9e2e47c098f97f64b6f23fd1a3b7aad75b88ca2ceae89c12410af831c2a3ad17ab0f843e4a8

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/db_metrica_com.ce.android.brand.streatsfooddrink_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
3f52973ace574d09f052f1729820a387

SHA1
94090d190cfb5e365ca350bad95a6f83fb41c51f

SHA256
94f318a7e7a0bc4853428c5d11cbc0ac0ce18ada038b586ed7d0814c7f26ee17

SHA512
dd4202728cc9c9d8c46e7e4c693db98e878b92d9b936de4ee845b30f22596f50c208c45a649dbc83d8eb596301711c76e9aa61c61703d7e7e0a5d52a4be56956

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/db_metrica_com.ce.android.brand.streatsfooddrink_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
92cdebea562685269928b34952f7b26a

SHA1
94a49c411b9636f30e442027c9aa3079e6459c45

SHA256
4b1f78a0db4e2d72e83937beff5318fcbf849694c3546cd8e676ac92f7658858

SHA512
1741387492fe0d0324e68577dafc95f13621114c64236e56d98e92adddedefa6b3d541c35ee0dc05ca09e916922c5750c882d86011d9f0f5f21e2edf3c6b1f12

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/db_metrica_com.ce.android.brand.streatsfooddrink_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
cd642dc645832b5783042d7e83607b2b

SHA1
4238bacd6b9f3819a82928fe39dedbae564302f1

SHA256
9536b38f3e5219029b19159d85d5ca17ab1bef7a1f0d6109e6a34d3731af586f

SHA512
15d579b2072ae59466bc92c15ee0abfd4d889dfb477ebd4f083f2c7a516b01ded08d58cac3d4172e6159595e46bcc0a2f3d6ef809766342dd1a363bf4848ce02

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/db_metrica_com.ce.android.brand.streatsfooddrink_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
32a8f82e99111f89a0b740bb80391cdd

SHA1
7f2e6b125ecb1a0ececf757913ba5cba82de597a

SHA256
3fa03a3d81ea86beaf66b35eaf0183cabe98478fff35dff9156aa79caae3d903

SHA512
8c612b5f27cd8818fc814a44d6df6ec35d20bf0bf0fe855f12e37f0e22a689e16f1ed3f31d5457d0ae4f8a6240a81aa70712941660bd1bba96c266de561a5b02

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/metrica_client_data.db

Filesize
20KB

MD5
678f7bc2a79db7ba11ac5744bf269e44

SHA1
a75267ba8365388c5718f236355363b2cbbded58

SHA256
fa5f7fa46ad6e69f3408ae13d35b1001470febb603de22e167d2594dc770a002

SHA512
bcfb8ae1c8e4de2bbfff3e6bbeaab328071c8e7b4e09062d0db9e58229061d6967c8532d15d65a54e19ec8a5cd9b0096b97b61d3cc9dc9c4a2926c0c3f275149

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/metrica_client_data.db

Filesize
20KB

MD5
e5639b469346d3d19c79ae3bdc2f4a9a

SHA1
b4d9041b94176f65417e63e77f0f324b81e8dded

SHA256
cf283c9f2c282ef339f1ac0c4eae7d6f44f86bc1744cbf8a9b5703edc7368aaf

SHA512
273aa09cf7f4de26661bbedf2ecd180b5adb537022cd824d2185beaf7eb1784bd1ea1f1f22c01e4762729bdefeb81964f1a47f13e90b883beb27ce7c8d1f03b4

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/metrica_client_data.db

Filesize
20KB

MD5
973dda05aea06025db4cbd57871e9fcd

SHA1
4603cb3dd5013fbbbbbfd98ac1529762903cef9e

SHA256
7a8af2c647eb3d7d4b863af2dc2bab76e2d0633f47873650f1e3dfaa3ce946b6

SHA512
6e5ad3b76dbcbbd901820360e68229d5e958f70ac11ff4645f461457589ac3ab190b6f41065422cb80856ac1b1b59ae7e161641b322ca837040f7dcc2d7a3c99

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
121b03b8aadd079ad49f0820b92895ff

SHA1
ecaa993c018d19eefdeeede86fdaba97f1b787f3

SHA256
720ad8cc6be3e57cadccf14a5db0a1bdc17273b8c706a38debaaf041cd51d836

SHA512
77843ed3febea1ba4b181f72e2869b0ba18c2488b7ff7bd28cba6457f6530733ddbb04f85a41f5c68faeb85dbec6417e70b8a7c7779ca66d9a8ffc8e06b96f67

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
77f3183ed82f309cc5674b0f0a04473f

SHA1
28fa578942330453d876c9de4b39d30ef62fc0e1

SHA256
ddfdeb09a8621bbb6b4b30e3264325ba8c21f2d11549d5248b312464defc8d56

SHA512
c856cf23bc35f89cd67673ce1d72031fb278542d7b3337c36c442cb5efa127a259a2b0b2d8a9759c96bf225cb2e1930a13c42bb1526ad65c264203128f46d700

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
3c0ca6ee7c14de006b69a81114dea85d

SHA1
6d037fef1cfad2c53459ce9b4f5a28fcd5385610

SHA256
705afbc2118b230d23c19e09544445561bb89043e33d6828a774718aa7e7e12d

SHA512
c7a8ee181972b8543e4700b0139e10af4f52d0978ff37441ed1cf61a73060401fdbebb56941bc760d32febebb2f17d4d038d244207782fb28d8cd585f6578ea4

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
2c767fda52a431dff0997e960b65553f

SHA1
a4695e8d49e523f336387b61b55a4c733d88abd6

SHA256
7a39267ab13d1454d534acfda8b1cbcb8365ced5b0b73e21662c5220a26fe16b

SHA512
e081f988d1899fd4e175f5f2c0fbea0d24c8fad118f9ad1272885217d26f224ded283ebdada91ac3dba25cd37b9b26f4c753eda41ca4e39fbc74a6532e2aff0e

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
cc6348e241d81add429c261a214718fd

SHA1
9fd4517cb1694c759f94e0e578224c6a33c106ac

SHA256
deb01059c0afa706fe7afa498399451b18b12b83b606ce83ef5f210c624a0cfc

SHA512
4f91584b6a553f13d9c9d4e032e939d680014609656b5a172013cd25527ba0f9855dfa7cb64d56fa2cfb8f209affb2b38d8ff3b6ad1db44b9793b69965febc9c

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/metrica_data.db

Filesize
44KB

MD5
f8d3dd8a54d1b96b1b3facefed3b0455

SHA1
d75cf0fd7bb32301ee45fa93a8dbfbc9e8270e98

SHA256
2f554856ad916cba49cde8f33a3dbc423616fdf489583b6142779bde9b32245f

SHA512
47758aa8496d59e61a291206d882a66497ac998d3a2d5cd9d7ae43a288c814d147f8dc23e07f96aada4a0914cb4d51aae21df3b3b87a5f72eddc1a7df871c4f5

Download Submit
/data/user/0/com.ce.android.brand.streatsfooddrink/no_backup/metrica_data.db-journal

Filesize
12KB

MD5
6eadb56ce4b1a45c944bd6d6aa1f50af

SHA1
1db73c76e72a3bdb17805e5786048fee4ed0c69f

SHA256
c9e7b4e3a0e64f7c199cbc189a33642d53b97b9d006a1d297973f12bd7a6a12e

SHA512
a48bfa740401f548fdcd8f679739981857d771bb7163da7c968e5a180f0315cfe6564d627bf8414470e0df37c6a3a7fb71b5cac924a7bc57637bd459a7e0758d

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads