Analysis
max time kernel: 178s
max time network: 131s
platform: android_x86
resource: android-x86-arm-20240603-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240603-en, locale:en-us, os:android-9-x86, system
submitted: 05-06-2024 15:03
Static task: static1

Behavioral task: behavioral1
Sample: 9875f723ffcc97f2d077bff8a00603bd_JaffaCakes118.apk
Resource: android-x86-arm-20240603-en

Behavioral task: behavioral2
Sample: 9875f723ffcc97f2d077bff8a00603bd_JaffaCakes118.apk
Resource: android-x64-20240603-en

Behavioral task: behavioral3
Sample: 9875f723ffcc97f2d077bff8a00603bd_JaffaCakes118.apk
Resource: android-x64-arm64-20240603-en
General
Target: 9875f723ffcc97f2d077bff8a00603bd_JaffaCakes118.apk
Size: 3.3MB
MD5: 9875f723ffcc97f2d077bff8a00603bd
SHA1: 20c3a11851fe878bfcee1b83a8459e1bf9490ab3
SHA256: 62e9dc9326292c64a9a2abbefcac45bfcae2ecd084a58e232cc94ce0faa07933
SHA512: 2a0eac901340342c36abf9defe682d3d3d172bfce35961af15d6a5208590f1c10379b39e4bbcbea8959b92d81d761fd0224f174c68266d64000e339f605f2823
SSDEEP: 98304:RohWAo3eZru6tvBsYrcnfRrxgzKnUTxWohL/BH2OtywXF3oyVAoVgIU:RogneZS6BBrcnfRrxgmnQzRO
Malware Config
Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
- ioc: /system/app/Superuser.apk, process: ua.FoodSoul.DonetskSushiTaun:Metrica
- ioc: /sbin/su, process: ua.FoodSoul.DonetskSushiTaun:Metrica

Queries information about running processes on the device. 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
- description: Framework service call, ioc: android.app.IActivityManager.getRunningAppProcesses, process: ua.FoodSoul.DonetskSushiTaun
- description: Framework service call, ioc: android.app.IActivityManager.getRunningAppProcesses, process: ua.FoodSoul.DonetskSushiTaun:Metrica

Queries information about active data network. 1 TTPs 1 IoCs
- description: Framework service call, ioc: android.net.IConnectivityManager.getActiveNetworkInfo, process: ua.FoodSoul.DonetskSushiTaun

Queries information about the current Wi-Fi connection. 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
- description: Framework service call, ioc: android.net.wifi.IWifiManager.getConnectionInfo, process: ua.FoodSoul.DonetskSushiTaun
- description: Framework service call, ioc: android.net.wifi.IWifiManager.getConnectionInfo, process: ua.FoodSoul.DonetskSushiTaun:Metrica

Queries the unique device ID (IMEI, MEID, IMSI). 1 TTPs

Reads information about phone network operator. 1 TTPs

Registers a broadcast receiver at runtime (usually for listening for system events). 1 TTPs 1 IoCs
- description: Framework service call, ioc: android.app.IActivityManager.registerReceiver, process: ua.FoodSoul.DonetskSushiTaun

Schedules tasks to execute at a specified time. 1 TTPs 2 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
- description: Framework service call, ioc: android.app.job.IJobScheduler.schedule, process: ua.FoodSoul.DonetskSushiTaun
- description: Framework service call, ioc: android.app.job.IJobScheduler.schedule, process: ua.FoodSoul.DonetskSushiTaun:Metrica

Uses Crypto APIs (Might try to encrypt user data). 1 TTPs 2 IoCs
- description: Framework API call, ioc: javax.crypto.Cipher.doFinal, process: ua.FoodSoul.DonetskSushiTaun:Metrica
- description: Framework API call, ioc: javax.crypto.Cipher.doFinal, process: ua.FoodSoul.DonetskSushiTaun

Processes

ua.FoodSoul.DonetskSushiTaun (PID: 4272)
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)

ua.FoodSoul.DonetskSushiTaun:Metrica (PID: 4310)
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)

Network
MITRE ATT&CK Mobile v15
Downloads
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180
Filesize: 4KB
-
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize: 512B
-
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-wal
Filesize: 156KB