21efe4f5adbd4d78fca32388e61dc7614b5dbfce6f2581436b50b96e684f29ab

Analysis

max time kernel
47s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240611-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611-enlocale:en-usos:android-9-x86system
submitted
11-06-2024 16:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9ebd03972444146bcc181f21d74e4b02_JaffaCakes118.apk
Size

7.1MB
MD5

9ebd03972444146bcc181f21d74e4b02
SHA1

7de5c03e93b1e528672500b7be8131001be3d242
SHA256

21efe4f5adbd4d78fca32388e61dc7614b5dbfce6f2581436b50b96e684f29ab
SHA512

f2cb84f7f095d9aaa01d16704f7e2a4e72c34bde99ad09b71d9209b6b8dd0d722fba25a970030e675d3c103e67fc1ddc2f188d550a8937df73906ccc7e5ffbbb
SSDEEP

196608:NCKXTAr7WVH2fK6CJg3kkzSAdBalMpFJ3t:QKXTAGVr6GAkkHdB2e9

Score

7^/10

discovery execution persistence

Malware Config

Signatures

Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
discovery

T1421

Processes:

com.alienmanfc6.wheresmyandroid

description ioc process

Framework service call android.net.wifi.IWifiManager.getScanResults com.alienmanfc6.wheresmyandroid
Acquires the wake lock 1 IoCs

Processes:

com.alienmanfc6.wheresmyandroid

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.alienmanfc6.wheresmyandroid
Looks up external IP address via web service 3 IoCs
Uses a legitimate IP lookup service to find the infected system's external IP.

Processes:

flow ioc

33 checkip.amazonaws.com
34 checkip.amazonaws.com
32 checkip.amazonaws.com
Queries information about active data network 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.alienmanfc6.wheresmyandroid

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.alienmanfc6.wheresmyandroid
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

com.alienmanfc6.wheresmyandroid

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.alienmanfc6.wheresmyandroid
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

T1422

Processes:

com.alienmanfc6.wheresmyandroid

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.alienmanfc6.wheresmyandroid
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.alienmanfc6.wheresmyandroid

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.alienmanfc6.wheresmyandroid
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
execution persistence

T1603

Processes:

com.alienmanfc6.wheresmyandroid

description ioc process

Framework service call android.app.job.IJobScheduler.schedule com.alienmanfc6.wheresmyandroid
Checks memory information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

com.alienmanfc6.wheresmyandroid

description ioc process

File opened for read /proc/meminfo com.alienmanfc6.wheresmyandroid

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.alienmanfc6.wheresmyandroid

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.alienmanfc6.wheresmyandroid

flow	ioc
33	checkip.amazonaws.com
34	checkip.amazonaws.com
32	checkip.amazonaws.com

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.alienmanfc6.wheresmyandroid

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.alienmanfc6.wheresmyandroid

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.alienmanfc6.wheresmyandroid

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.alienmanfc6.wheresmyandroid

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	com.alienmanfc6.wheresmyandroid

description	ioc	process
File opened for read	/proc/meminfo	com.alienmanfc6.wheresmyandroid

com.alienmanfc6.wheresmyandroid
1⤵
- Queries information about the current nearby Wi-Fi networks
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks memory information
PID:4276

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.alienmanfc6.wheresmyandroid/databases/GeolocStationDB
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/GeolocStationDB-journal
Filesize
512B

MD5
a69f7997cd5f793afbeff526b4699b0d

SHA1
0f390fbcb3a7c85547e369ead9cbb9ea299f1460

SHA256
e8f5c2d48413d51a4158cc57591425fc710d524da5e7b06764657a1f3ad97e2c

SHA512
71621e9a745d7814f6c5a9cb1b423d5774b9cead9df1096d43867ce5867c21cb7024f428fae9444c05ab927c0b4cbb9f82aec26822aaced5d5c86d6f55b4949a

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/GeolocStationDB-wal
Filesize
76KB

MD5
478421c9369c4f3336c0eaf3a4b5dd8a

SHA1
fea90191de76f7c06ed7a711dd18acf22a39173d

SHA256
e12263a5f0802b54408f16f2e03215bdac50adb0e0c59ad2d485f1b17f89476e

SHA512
fbbbfd21c74c0360284e25499738e4d4ae7cd7c101df4cdba1ff428bd01d76c95aecee875de8f8a0aac3f5ce9fb92959aa5ba8d900477ae821c08c003ac1896c

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb
Filesize
76KB

MD5
2151476a95e8a880214310248719a3be

SHA1
7907a94642ae3642e235f3599d85887ed3fec061

SHA256
d1212537b701e2f7019acc7ee4466d99318b435d4791f816a44aeefeb4eabf1b

SHA512
8332c3b25d96c42e8788d4a5a0c232e54fbff8926c64db8fd99daef6607d313878b269b14d574caeae34733ada2a11eac69e0034a86a47b07b48306aea30b11a

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb-journal
Filesize
512B

MD5
9a8a5590a9b1271496e03f4e95960c99

SHA1
8b4823ada86494771967896221cbf9b60a9ed865

SHA256
34eb4c87e72e8a4eb5b28bd183acb42859b6eae5c9c1c1a0eec70463ceed314b

SHA512
ca5edcc65c9289e2e140d4ade86e2556d0bcc35bbf55580d695045aae8b49f2a058dfa07f0095580585e452aaec799719f31ef7d34292df04ee765c5c474ec4b

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb-wal
Filesize
88KB

MD5
3825be78ae4184229235444baa006e67

SHA1
5d4f0f4da97978be51eb090800cc770b967e4612

SHA256
5c1d68ed7cdc13d7d4c631caedccf435880e172ff6d8b8e89cf310ce2858b9d4

SHA512
2f6cae385ff5901846c1dc58bfd03d78163c5dddf003aed9161ef9aaf217d3809252d99a0494101a414b5ed008124a862a6c6c04fa29821d4b2f32aad31f09e9

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb-wal
Filesize
406KB

MD5
750100573f1b043d5bdd27933c02d38a

SHA1
f38c869c3386d9d4fd881ad66396a09af81cc271

SHA256
59fda31f985e31f4dcf5b9e031de708dc02399fb815d2fdacd2f62dee6fcd592

SHA512
dd76a94ee31524239cc9a0e1e559507b44675ca7298df37db4c40c9d78321b34dd14afa530b2f505fd54b3ebdb7d68e61dacdc596da214ff32fdfea7c5e9f555

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/androidx.work.workdb-wal
Filesize
16KB

MD5
acdd24d5cb60a7620c7761aefb61dace

SHA1
aa4c84caaf46155afb740fe8df6d8f4ae57a4bef

SHA256
1e24ff79d6af6447ab426ce0d0d889e856067800b6a1a095fac653537a235ea0

SHA512
53bfdffcf6353a43f95124968bb954d41d946ad839ee20acac246e27724689be0116eb6e1e144f3f3b91d712789097abf064844c14b76e631c0eea70e2b0ad17

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/basic-x-db-journal
Filesize
512B

MD5
061fe7934c3ad2127696c8e8dd6d81c7

SHA1
ad2fc803182298a28bd38021303a473891c2d0b4

SHA256
f2ab62f6d81ab3f7efe1b647e25430181ce3dfeb6d7de4aa0ad5a3884a8004cb

SHA512
17d6b50c69c00b3ce90565c96543934afb272caece4d803c4b574ebb723e65a84c172ee52a40f6327de482fb5510e4baef7d3d52f6a6473631545109854c892f

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/basic-x-db-wal
Filesize
16KB

MD5
aadd4ea3feb092e433ee0d2e8510fbca

SHA1
cb96263cedf7bc81601825c84bef74bfd42f40f8

SHA256
9bca5304421a1ae23e061f1f954301fa3ed1f26a0271504fb53775f540cd88e6

SHA512
fb913b6eee770faafaa30d68dfa2b656fdfacc943fbe84831a1c6ee309735e184d33fd7193408952d6ed1be57fca8515204fe16b0090db671e7d73e12868b8ed

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/basic-x-db-wal
Filesize
152KB

MD5
6834035421b39eb3a05c104f85bdc0e9

SHA1
53f2de9f1bf0f5a42130d7dfef85bdbbb3fce2e0

SHA256
5108efb0281f7b7293c95f861dfc7ee6f19853ee9c68da8118918864441fb35f

SHA512
550d14f51bc757cab8f479fff8be48dbff3d4d3b7f1e5eb7a4f3fb6d168cbf92dfcd7ab0f18cdd56938c1f4652fa6831c97a0274800539e1961b50ac4775bd8d

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/basic-x-db-wal
Filesize
362KB

MD5
01d6027d44d7dd49a42c774e66861e94

SHA1
2335702abd6bf4756aa090cfa111ae8ad9544a79

SHA256
b06d853c9731e9d90188c75b46bc15255fed18768670f5657f766530b135b85c

SHA512
0d7d29fd462f5cb327b4a81b4137bffc10cd56339ebd71634b36e9767b97274eb3c46f77157b210e39b6344971164e9d58d4417f0a322ade57ff8b432be33953

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-journal
Filesize
512B

MD5
678ab8ee2e33a3bd68d2b8b24f1db5dc

SHA1
2e47c9529e60c322db0d9d300928884a8fd00321

SHA256
37193e587b99cc5d1015848ad4c2e03d8712e0b9e8c7cf9d057bc9d7ba1da2e5

SHA512
8696532fb6d856ff9fdecc9e6c94205760ba1d63b840e16c873dcb8d44337597f265810eb87ad7bb47c966419b8598efc1aacd51ef209b006f7cac7b5ed1ce6c

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/google_analytics_v4.db-wal
Filesize
68KB

MD5
92adda10b7a19b19126bafc03c05bc1e

SHA1
69646dd279937221a8e6550672278694f73b168b

SHA256
ec043b1383b5732d5c01c74859d1086cff431f54efaf496a15b9b881c46fbc5a

SHA512
31d3ad0d3df1b438cc229ac220398ba25cf8947db137beb9834f8dc3cc059bc2d5bf3368ba07cfc80b5fd25924d6f2d78e169ab45869782e3e38e79e6932fd5f

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db
Filesize
16KB

MD5
2b02014bb5b48943d1461a6a23c9d5fb

SHA1
e1f8f5e7e4925559b1bb924f766d45d1d9579e60

SHA256
224a43315c60441297134bcc463c5bc344fb5354c7e785ea6401a6918a6c1386

SHA512
2b108906b8847fc6d4dfcc3de15de56be9fdf98b021923e2b5e287e88c32a6a8f9451b4a6c175bdd49d82f770578b2ea0a0e1ebe2681f484914aaf45dd29f75c

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db
Filesize
16KB

MD5
0ea367b643f440a4351d69ab82b0b34d

SHA1
24f501bfaf67381621a7db5a3a16d471bda55dda

SHA256
093d67ba0a3415207294687421fdd37cbd47f32882aaf2b08816e3fde114c5d0

SHA512
99de45d6813b81d9c70c81e07ee21bd9acb593bf8047bc4eef2e367fd0ceaf28cf4444a348c5305a07ca2cd61e80b27acb1b6921d8f0ec2e44d28ed8c870e4c9

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db
Filesize
16KB

MD5
2fe47cc30301cb67fb119a11332de534

SHA1
9ae25c152f488ecd3364638218e6f629d555cd10

SHA256
acc687b6b7d974d5850770dda2326a97dc3a6797bd70e0f6f0a90606f1e8a89b

SHA512
66aad38c457b420608ec8b6771c61acf84c136ab28455aa71feeaf897f82c37d2b7bf6db52268788372a2bcc706646259e606124a21ecf5a7ab72c71d7920845

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db
Filesize
16KB

MD5
68c73bb39c0f8817581d5fa40d345689

SHA1
524730234a006c278b6303439794879b111c13d4

SHA256
523f8c15846ab4bda507b971c489a27335a8f6224f8b7f74445cc173d93ea522

SHA512
51e80846e21e55b434251f92f6fb3a1224b4d42741602aa57f64f8c8c2eec736ab6c25a1073c4756b4c76d5298d04f1e1e669b88986d1b4eb6579d9fa2403d31

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db
Filesize
16KB

MD5
0dbb17efeea1367a843161a97f59b004

SHA1
654824bd17a4c1e34f757f1df617642c08bfbd10

SHA256
2299a44c2cd0e2e474fb4e00d5cbf4338ac59a989f3b7c38fbd12a5bb66e5f25

SHA512
62b2b49509d19adf0d1c2c241bcc6c671496ea4b80a0c528c3a7af2d081cf8b34c72617e5a0ad35dd1ba87fee5d2ae442ef0c6d4e9fbb0fbc88b6bf41946744a

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-journal
Filesize
512B

MD5
51c420593860bcef442a2ffb6bac045b

SHA1
2d633b50ecd2092524a7d1cca091b490b5149de8

SHA256
edbca654f8079c0f9faa22482640ac680267f2045258fb13d1d81ca9b9971014

SHA512
5305e4b893823f62d975ba1eaac4f52ecade7584d192628952d98b248bbd2ac1050c3cae57c303c7c6e4f911ea208fccfa865420137f1ca9fc54fa68b89ddbd6

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-wal
Filesize
36KB

MD5
d92f0855e3773a8b8595df1ffc84bb1f

SHA1
574a6aa818c476dd67d8cb6fc98bf498fd13b12b

SHA256
f0d7aa77c58e6662597e45716735117ec67ae28decb2aa1338d075b87e0ca6a6

SHA512
2752ee5ebf62f60c24768a3de16ff275112745c64afaa228f2adac821eb836c033e9bfca3cfce3055f11a07b0da8cc54310a17a90370a647828c83d72032052e

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
b8992ff13d4d215f1c9fd86a621a793b

SHA1
b234c659eb2b9f168b5a31622ce3011b4b9f1fe9

SHA256
0dee3de3aed25abe7f210462bc4211ebff476532dda0b5e5cbb10ca79b2e2e8e

SHA512
f70721c881c35df18059d3cb144b01818269e4be6567d83604dbe8e6a611ed77fef923b5df408427e42b86f178b8ea5942a500a6c630651df4c378f206c220f3

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
a0c1b6c51e981a11c98febb8a93b90f1

SHA1
4c92dda3c9824749687bacc092249fd98e38202d

SHA256
9abb3fb817fcadbb45f2524250278b64d44f17021f237e455ed88e482bca1089

SHA512
ced259316accb72807f1b9e5313c1f2f335c840a4cc5f2ff7322a631b55c1f7d383c4247f45ffb29b891e666d61232e9c0b87f6c338f735ddf893a89d3694567

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
6baa18cd8be4c0017096cf634af3bdd4

SHA1
7ec1388c86d04c5643f97fb937dc3b78daaf021d

SHA256
f228110b25ba18996623e89e47ff23f007bbc7eba631da8c1b822d10c29d5c80

SHA512
ce32e9473355ac96b70675b49d8c701ffdbdaae842f58a12e4cc1f94f3e8afb2589e7dd02d3e0a306d38f43763e1ab54a9a1e3074db10a7e6d880abb34632ece

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
22442486b9eeda375cdfd08f75a27ea1

SHA1
f76dc0740fd0ccddce1e0624e2cb6b386e4668ef

SHA256
908cb9743a240bc505bfffd93e95a733ca72f35924a0df7085208eb80a9ea45a

SHA512
2947f62d0c974c91e4d9b6c9feef1e58e0e22401ba0997b9b72cce1dd69690b0c0c65c81a179f876dabcfe41558637214e4652ca487b71fa85e10a11db89bee7

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/files/gaClientId
Filesize
36B

MD5
94c4b907df84b5c143c3bdb24003fb78

SHA1
b9a1c5ca7687c02eb7d677162e8cb721ce3dd895

SHA256
314b2e9db51010a5385dd3f16c1f99b3a7a57d9a65ff68d3a64df7607cac13c9

SHA512
a6ede5bab68ee84f34aca2da5be410725fbd68563980278cfdde3b17e60a58dcc6b807c0423de37864573bd64c6fc6890606292f61d058ed3eb2938504121a64

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/files/gaClientIdData
Filesize
32B

MD5
a6ff4ca4d1ee3d05e325ac841ee5c60f

SHA1
ffd8f41c44e195e501b1e925ee0080482fa85afb

SHA256
fb1765f1dff7596c2da4fa94787983af0863e752d5bec556ca4cbd6fac455a36

SHA512
978dc02d02e11fc9294153e9be9bae2722da47a2a95202e8a395deb733445e9484d6947d45c39e2db776db7302d7090fe97dd5706e5970c8953a462703cb89d1

Download Submit
/data/data/com.alienmanfc6.wheresmyandroid/no_backup/com.google.InstanceId.properties
Filesize
2KB

MD5
40cdfb6cb454befb9b484244948db122

SHA1
a575802bb42c5844ac37c23ca3b5cc72a994f5fb

SHA256
74f275876acd8e017f8a2cb137c7d4219cccbc23f9b19e185040e007482bccf0

SHA512
56774613bbdc31ae3dfdb0ad41586da080757a6634e0ec2712fccc67e1645ea035e7bc3876a8bf99222a2a9ab1f2af31d3191f00eb92e9ac3b6fd5999e3f89a9

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads