Analysis
-
max time kernel
178s -
max time network
132s -
platform
android_x64 -
resource
android-x64-arm64-20240603-en -
resource tags
android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240603-en locale:en-us os:android-11-x64 system -
submitted
05-06-2024 15:03
Static task
static1
Behavioral task
behavioral1
Sample
9875f723ffcc97f2d077bff8a00603bd_JaffaCakes118.apk
Resource
android-x86-arm-20240603-en
Behavioral task
behavioral2
Sample
9875f723ffcc97f2d077bff8a00603bd_JaffaCakes118.apk
Resource
android-x64-20240603-en
Behavioral task
behavioral3
Sample
9875f723ffcc97f2d077bff8a00603bd_JaffaCakes118.apk
Resource
android-x64-arm64-20240603-en
General
-
Target
9875f723ffcc97f2d077bff8a00603bd_JaffaCakes118.apk
-
Size
3.3MB
-
MD5
9875f723ffcc97f2d077bff8a00603bd
-
SHA1
20c3a11851fe878bfcee1b83a8459e1bf9490ab3
-
SHA256
62e9dc9326292c64a9a2abbefcac45bfcae2ecd084a58e232cc94ce0faa07933
-
SHA512
2a0eac901340342c36abf9defe682d3d3d172bfce35961af15d6a5208590f1c10379b39e4bbcbea8959b92d81d761fd0224f174c68266d64000e339f605f2823
-
SSDEEP
98304:RohWAo3eZru6tvBsYrcnfRrxgzKnUTxWohL/BH2OtywXF3oyVAoVgIU:RogneZS6BBrcnfRrxgmnQzRO
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 3 IoCs
ioc | Process
/sbin/su | ua.FoodSoul.DonetskSushiTaun:Metrica
/system/bin/su | ua.FoodSoul.DonetskSushiTaun:Metrica
/system/app/Superuser.apk | ua.FoodSoul.DonetskSushiTaun:Metrica
-
Queries information about running processes on the device 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
description | ioc | Process
Framework service call | android.app.IActivityManager.getRunningAppProcesses | ua.FoodSoul.DonetskSushiTaun
Framework service call | android.app.IActivityManager.getRunningAppProcesses | ua.FoodSoul.DonetskSushiTaun:Metrica
-
Queries information about active data network 1 TTPs 1 IoCs
description | ioc | Process
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | ua.FoodSoul.DonetskSushiTaun
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
description | ioc | Process
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | ua.FoodSoul.DonetskSushiTaun
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Reads information about phone network operator. 1 TTPs
-
Schedules tasks to execute at a specified time 1 TTPs 2 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
description | ioc | Process
Framework service call | android.app.job.IJobScheduler.schedule | ua.FoodSoul.DonetskSushiTaun
Framework service call | android.app.job.IJobScheduler.schedule | ua.FoodSoul.DonetskSushiTaun:Metrica
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
description | ioc | Process
Framework API call | javax.crypto.Cipher.doFinal | ua.FoodSoul.DonetskSushiTaun
Framework API call | javax.crypto.Cipher.doFinal | ua.FoodSoul.DonetskSushiTaun:Metrica
Processes
-
ua.FoodSoul.DonetskSushiTaun
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4593
-
ua.FoodSoul.DonetskSushiTaun:Metrica
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4638
Network
MITRE ATT&CK Mobile v15
Downloads
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180
Filesize: 36KB
-
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize: 512B
-
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize: 8KB
-
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize: 8KB
-
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize: 12KB
-
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize: 8KB
-
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize: 12KB