fd3064e387678fd86f045fb33b5d27ada379fc1e16a5f3432fa3379ba5e229eb

Analysis

max time kernel
179s
max time network
150s
platform
android_x64
resource
android-x64-20240611.1-en
resource tags

androidarch:x64arch:x86image:android-x64-20240611.1-enlocale:en-usos:android-10-x64system
submitted
13-06-2024 07:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a47d0578f905dcc56360019ee6e3efa1_JaffaCakes118.apk
Size

3.3MB
MD5

a47d0578f905dcc56360019ee6e3efa1
SHA1

6da53ef292e3594c4df0ee559c166e7f2b49eb6a
SHA256

fd3064e387678fd86f045fb33b5d27ada379fc1e16a5f3432fa3379ba5e229eb
SHA512

3c73269c09be0a3dc36752b4d7b4bd686b4cb2a326faaaaf8326f5cb28bacee810e507d5a6804c37b8db0378f042baeab7d081e7abfb2e24d4421b39086d9a28
SSDEEP

98304:RohWAo3eZru6tvBsYrcnfRrxgzKnUTxWohL/BH2OtywXF3oyVAoVgIE:RogneZS6BBrcnfRrxgmnQzRC

Score

8^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

T1426

Processes:

ua.FoodSoul.DonetskSushiTaun:Metrica

ioc process

/system/app/Superuser.apk ua.FoodSoul.DonetskSushiTaun:Metrica
/sbin/su ua.FoodSoul.DonetskSushiTaun:Metrica

ioc	process
/system/app/Superuser.apk	ua.FoodSoul.DonetskSushiTaun:Metrica
/sbin/su	ua.FoodSoul.DonetskSushiTaun:Metrica

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

T1424

Processes:

ua.FoodSoul.DonetskSushiTaun:Metricaua.FoodSoul.DonetskSushiTaun

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	ua.FoodSoul.DonetskSushiTaun:Metrica
Framework service call	android.app.IActivityManager.getRunningAppProcesses	ua.FoodSoul.DonetskSushiTaun

Queries information about active data network 1 TTPs 1 IoCs
discovery

T1421

Processes:

ua.FoodSoul.DonetskSushiTaun

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo ua.FoodSoul.DonetskSushiTaun

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	ua.FoodSoul.DonetskSushiTaun

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

T1421

Processes:

ua.FoodSoul.DonetskSushiTaunua.FoodSoul.DonetskSushiTaun:Metrica

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	ua.FoodSoul.DonetskSushiTaun
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	ua.FoodSoul.DonetskSushiTaun:Metrica

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

T1422
Reads information about phone network operator. 1 TTPs
discovery

T1422
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

ua.FoodSoul.DonetskSushiTaun

description ioc process

Framework service call android.app.IActivityManager.registerReceiver ua.FoodSoul.DonetskSushiTaun

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	ua.FoodSoul.DonetskSushiTaun

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

T1603

Processes:

ua.FoodSoul.DonetskSushiTaunua.FoodSoul.DonetskSushiTaun:Metrica

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	ua.FoodSoul.DonetskSushiTaun
Framework service call	android.app.job.IJobScheduler.schedule	ua.FoodSoul.DonetskSushiTaun:Metrica

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

T1471

Processes:

ua.FoodSoul.DonetskSushiTaun:Metricaua.FoodSoul.DonetskSushiTaun

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	ua.FoodSoul.DonetskSushiTaun:Metrica
Framework API call	javax.crypto.Cipher.doFinal	ua.FoodSoul.DonetskSushiTaun

ua.FoodSoul.DonetskSushiTaun
1⤵
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5084

ua.FoodSoul.DonetskSushiTaun:Metrica
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5132

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/ua.FoodSoul.DonetskSushiTaun/files/ZPkFS.log
Filesize
12KB

MD5
2bdb93780451bef2ae98c9899f9c0158

SHA1
bf890e231e932c2c45d58d908fec3ca5f9c4c10d

SHA256
b0b729bb5d4527acb991af638e1ade99b016a630d80737c6dd8e99f1c0529296

SHA512
cbfdc39fab2ad44b6387457dae426b8f2192022791d9f0740eede02a954136fd60fa2cd9f820999013c3802855dc8cdcef1f162aae2e0c93060b29d653a4943b

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/credentials.dat
Filesize
234B

MD5
c66b2a2059263c2049e7f2c674de78b9

SHA1
66acacd6598d42fe687d9ad69fd6cf2c9bd7beeb

SHA256
0611c77b9e748f85520cb3c86c108d673794419e7d7bb3c6a6e2270f1e706e5f

SHA512
cb49c148573ba3304c5a2f99ba329dd2e2b2253d1c1ed779dec82cedf4ae2c1638d1c379f8eaf6640aeb35a1c160cc983d8f58d975fe688375cf92bde864ad98

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun
Filesize
36KB

MD5
6043b26a1db4e5fc500a5751426b5206

SHA1
68ed29eb4ae251d27f43807183a4e8ba18d70048

SHA256
f0ccb2120812616a2b6d3c05000faf34429a6e95e294c5d5aed97088a0d49ef7

SHA512
a33bdb0c19262eda7ba90e014673a6f06ddedfbd80b17fb9d16ff3ebb7bccdfcdab62f3cc6ec97cce5eac0dea6f5aac3088cfd047eeb38efb2d3b56ae4323f02

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal
Filesize
512B

MD5
c7f48dfa3e447d367cccbf016576be97

SHA1
606e6e754cf38c2863eb838253a0ced7f7ef8ba2

SHA256
b4aa6f64deefeac46135cbc817c9cdbc64cea9381ddb90f7fc8083f467a941f7

SHA512
124af76df195fa8a8f758884eb4c237edda7630af9e2a06eb0434ac18dc5d9d99ceafbb17b6b8a40b899f2112776d1507cdc57a1c77e57b41133db6ec3fc2ca9

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal
Filesize
8KB

MD5
c820425813cc3ae63e1ab624aa69754d

SHA1
1e54efd43d9fdb0359241faa41ca38e0cd7a5d02

SHA256
b5937d97fd710d4376e4d8fb5763e576968e50ea654f77f21dbc62a31e645bd0

SHA512
be0913583a11a312c3ee633a742ea298fb42a517bcc49665ad028edcc4c26561a9fbc4dbbccf8ddc4f5ee1f11165b9bbcc1da51c28148e60d7ec897845e755f3

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal
Filesize
8KB

MD5
e659fc6624a9289d5feb7d341678b2d7

SHA1
7a8a14744992a1074f08de5bd58ee0dc413b24e4

SHA256
f555b3afc4295eecf57f5d4d78ba1f6d771a2c4ecb02f9d0b1f72205b6c0bf26

SHA512
86962059babaca02666ef1097a3719ffc67fb850e6b25924d82f60cbabf3848fbfd038d9ed0e09de04aa71e942e5754b3e4d6dc6b95b251a2733c4da700932f6

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal
Filesize
12KB

MD5
243f9abd75089154c11c1902d020248e

SHA1
06377f8ce888bb01382f0d897b76d4e9e0bf55f4

SHA256
986a46769dea97ca15fa46484bb1279e0f8a6249ef4d410217bdbd16916b9070

SHA512
e50b8db186fb56106caee06fb37c2f06ffc13ab72c540b5ca2a234511a8272369b460e81d2d8de27230d0b21eb9176adbc260f95d92a5c24af6354cf07dde5a6

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal
Filesize
8KB

MD5
3e406a59cf3e647a13eae58efe98287c

SHA1
13c0a55ec70aa4c30d22b2b3f47c321d477c9ac1

SHA256
20318d90d91d4127b0e44d8e096dd13368bb9cfa274979ca7b478a53da792b07

SHA512
18103454ae7ff31ebb5ce729742ded63b5daf192e0111a4b7036f53844c9ffc7c3f27b3f61c3895bbbdeee64cfda4959004caaed8dfb85a62000830fb8b831fc

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal
Filesize
12KB

MD5
a87f17271d8928e181bc06c46aac51a4

SHA1
eb2a27739495cac30b17db31fdb5d70c119be15e

SHA256
09596395601beb449f97b066a97647834a438cd20e0006ebdbee1c10ba8b2278

SHA512
5f3e6caef287c087f3e66419d6f4b3f0cbaf3c261e8de2fb84a572e20ef27da12f1fafdd9119885bc40e582ba1a49f939c1da5d3b365df4cd930215f40963ef6

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180
Filesize
36KB

MD5
24b006b2da8b92b0a7303718d9aa3808

SHA1
7777dcab7cc62335fc62714c9a76f27226972965

SHA256
9bd8b007358b56ded29f2beb169b61a79a3a5aa499f90b8f101372404d80de0d

SHA512
8b099452ad8f992f3d34f14158929de5b9cedc05e7d93d0bd4bdc4410405f6c1dfa9a71e01e34ce8126861c27b1076a591946db3bb542620fb91743e201a654f

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
20KB

MD5
6b95659deb498a28e0e8dd55e6d5a9d0

SHA1
63aad338729ac392d958f5a9f0b5b1d24af5e313

SHA256
d59ec70645393ff97245b933dc1ea685d7829e061bb9be29c4d07b61de043b52

SHA512
dcd84b0ca1508f0a303bdfedbdb11b0c9e2df580711eed513625021169de8ed83dd582a772d369cd3c7264f565a6aba34a404fcd3e019312c77e41712c1156cd

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
20KB

MD5
205c1db6725cfba6f0a142df19d16330

SHA1
8dd32660a6719b86d0d2514c83c287b8207a5224

SHA256
49901f9386759035e354a9e8d79efc93b49bc1235f23b3dc7a498baa89ec8797

SHA512
075a34f80f9cb0d289a2781afcda0690158a1989397da3d3f27045df89cd3ab4c1d45f4cf27631a0419753cca8f0d799474fb78ea2623925ec112895aebd196d

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
8KB

MD5
a600655ab9104833169cc7856b1f2d97

SHA1
8424b494e7bc354dcfd324fcfa25ec7eabf59108

SHA256
a684843dd397246cd96da33abe932d84076b64202302259b1fdc74315bed1571

SHA512
4f2c3ea43fbdd08f9dac3c3f55404c6085e434039633e01f6e1121248cb3bc9efc9c6d091dcf2f2dd6ff02f9c6f23b65320416b7de6f0626e71ee799442b4d9d

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
12KB

MD5
36528572e5fbad53942aa4c14eb01a16

SHA1
97744be70279144167a50b4bb32647f1eea0171a

SHA256
8ff1a30a6be1241b432c93b82241c80195ed982ac6c40ac62840c2948851ab24

SHA512
141fbfbd3af181965cf069052409841b2e30c6e352b6e6b7896d85ec270f8288321923b5d1a41b324b28e70204d2130c4d13b769f511df585ed3a8b163733f92

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
12KB

MD5
b722f9bccb05873c9d4d06e03fd43c57

SHA1
6a5ed79dc3d37965502d5e23da4f47759979b92d

SHA256
d0d0421f8f119fc5e10a3e244b6e01e77a13c778a671edbc5a02852fcb7dd84a

SHA512
47f8b412d975b6ebc119d9ebc97e3c2fcbc911102242d1e98e96881c26782478091458a174b1e60f5fcdb9066cc29378133b385081cb40c383f841762554dc3d

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
12KB

MD5
df2043673f4e9476c90fd329867dc02a

SHA1
d15808003f9d38748b12b7e7d23ee0d450c28c90

SHA256
f3250afaf0759984b438d0ee276a5debe3626a6d5bacc961e2bc42142350544e

SHA512
4c22ae4601f672a75c103b8b05f136d59e433e2129f04c9aa9dd4cfa52921180e68786e389ce28bbfcc5c73692ad1a08f15eeec9f7ed929e63167fc2a5b6b8cd

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db
Filesize
20KB

MD5
3f4359fbab1cfe9267a45cafb547ca7a

SHA1
54146cfa8ab7a34b75531b828131adc9d0980422

SHA256
67174dcac6a167e159bb2bce2fea3de6cffc4437261dde582eaba6e16810857e

SHA512
9314ec76a39640a3b90217efa225b28578f5291afc397c97a43df400adc9bc6b0b0f603deea2f3cc23e47dd231b831ab2e516f8dcdee5b9d43f722f58cd912a9

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db
Filesize
20KB

MD5
484df068dc370197c0e37af4f433f772

SHA1
5d071329bf5182e60b2d268adca542901d492001

SHA256
3ebaaa9fc7a9245b413f62f91d9e689d468456dd4b6ce2408bcd2003cbdbfbd0

SHA512
587e7b68f2c167d39dd50744f2892a461a67cb073e8cf9f6eb2ab752e07841440dbe212af32958248d15af5d4001e7fa12f86cad62578ef31999355a86c3b0b5

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db
Filesize
20KB

MD5
ea9c2dc01d788f2ed7ad6a455e32335a

SHA1
3da6ee06226734e9a402c3ef2b542af3b509b6af

SHA256
ddcb0e1970efc2dcb42a4dd328ef8c10f3512b39a47277d5b075fd3b92dfc3a7

SHA512
5b834f25f6f8afea98eec78cf8e148671ceca48aee8019e09308389c1f336e47e55666fedf66e09c97e827c375ade0fad635b98686ebd2f72240108670d25e76

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal
Filesize
8KB

MD5
292bf8ada52a85bfba4274546537866f

SHA1
0d45d26b80c71d12b43fc3508543c69aadb9f815

SHA256
6ddc17f5ee4f74471cbe0aca486f7ef7d25e4e864f285b4f8786c9f43a11b309

SHA512
bf89e6c45d8323d3a8bc177e7616d0b0b6d8308c74d762d6ab3cba0f448500b30bb4b717e70ed294820e1c2764698f87692609acb7488daaf019386e7a12d40e

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal
Filesize
8KB

MD5
69d20d6140cac90cddd6cc5ed81c1f1e

SHA1
684f8fd6a0ad55030b6a536a09acc48abb98b123

SHA256
b0f2ebc667f9647bb60c73eeb11a62657a380992d91d0fd966e05e30d5e9d0a2

SHA512
e156ea260f191dffb3b5015156be0777086342002acb280318fdbb085951addf66763077d19e61254112f51b2c1162b5fe5f6f930551963ea8f7cd2c55c3787e

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal
Filesize
12KB

MD5
9c6e0210042e15d1572ff48a059cd094

SHA1
44a5b22ebf7b8940a616020761cc3870e7d2687f

SHA256
077ff5d37c629c5af871cb0880998818d2b55faf9f428bbead2ff2614fd51440

SHA512
0f455c907b4af7bde5a3af3ccd56f331cef5e88a23aab146ba6d3651a7140dbca38f410744f3811e323e962cfbc3a65fd3f35444ae994994bd621f269999a4f9

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal
Filesize
12KB

MD5
3c038b825704a55cbe2800bb44c6940a

SHA1
1865e9158f3ee004045587afb0fde3891ebba218

SHA256
3978cb473d25d19fcfab6ed73e6a5a730c7cc4dd88b98035baee46507c0bab3e

SHA512
47a0aab2ae6238d387ba502f23413d2276211a629039a8ea7d11e4da4bd4f4d411d9477e1b0d661ff8a4c1222ddc5cfcc19ce83dedc8172db0f9d5cb892317ee

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal
Filesize
12KB

MD5
dd78238905eba1eb417e4af742879be5

SHA1
ba880ea9f10678a7a2b831ee8774f3c161b38c5d

SHA256
6659a0747ab19dafd8961a17b45f994a91b68158f0df36b5ad040c1cc7c26225

SHA512
7a352b7ab05c2f806ef2f441bdb48820563cc1ae007ed9a88ea851e06d5aeb50c2766e89d0cd5c420d2a68eac5d8ae071bb5b6b923c88aa4e518f0a1fd79ca24

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_data.db
Filesize
44KB

MD5
276a4a2aec81a115cc55d4855c1fc183

SHA1
42b9dc1992e1bdb16759be4bf503530f749ff2f6

SHA256
ffbbe1d0218716d48b312d5e1d10d82c4be5024aca54dd7867c2545a58592bb9

SHA512
11533f0ee8f0695066d74dcc6754c6b31358b66a30a9f4db24d6dcecbc6504124980def863ad3f08b2a3136433a90d858e4eb2cb31ff9298b822b9753b91a892

Download Submit
/data/data/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_data.db-journal
Filesize
12KB

MD5
6cf8e76de7254c2a5abb713f42721d4b

SHA1
fc97a0e525eac8381a3fb57f74cb6c052ab936ba

SHA256
2b1c6c651c0c7a95160a17f173eda5d7539d2b43d093d767617fe572c0de1c4a

SHA512
74daeeb4e0a76f1d0f78c3e6876bb6e6ddc2b2b0d3fd5e3ea2c85de71c371aa2d33473ce3d79137bfef53c1a9b8519f6e0cc512555027a7cf4af8dd42558eba3

Download Submit