fd3064e387678fd86f045fb33b5d27ada379fc1e16a5f3432fa3379ba5e229eb

Analysis

max time kernel
178s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240611.1-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240611.1-enlocale:en-usos:android-11-x64system
submitted
13-06-2024 07:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a47d0578f905dcc56360019ee6e3efa1_JaffaCakes118.apk
Size

3.3MB
MD5

a47d0578f905dcc56360019ee6e3efa1
SHA1

6da53ef292e3594c4df0ee559c166e7f2b49eb6a
SHA256

fd3064e387678fd86f045fb33b5d27ada379fc1e16a5f3432fa3379ba5e229eb
SHA512

3c73269c09be0a3dc36752b4d7b4bd686b4cb2a326faaaaf8326f5cb28bacee810e507d5a6804c37b8db0378f042baeab7d081e7abfb2e24d4421b39086d9a28
SSDEEP

98304:RohWAo3eZru6tvBsYrcnfRrxgzKnUTxWohL/BH2OtywXF3oyVAoVgIE:RogneZS6BBrcnfRrxgmnQzRC

Score

8^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 3 IoCs

evasion

T1426

Processes:

ua.FoodSoul.DonetskSushiTaun:Metrica

ioc	process
/system/app/Superuser.apk	ua.FoodSoul.DonetskSushiTaun:Metrica
/sbin/su	ua.FoodSoul.DonetskSushiTaun:Metrica
/system/bin/su	ua.FoodSoul.DonetskSushiTaun:Metrica

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

T1424

Processes:

ua.FoodSoul.DonetskSushiTaunua.FoodSoul.DonetskSushiTaun:Metrica

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	ua.FoodSoul.DonetskSushiTaun
Framework service call	android.app.IActivityManager.getRunningAppProcesses	ua.FoodSoul.DonetskSushiTaun:Metrica

Queries information about active data network 1 TTPs 1 IoCs
discovery

T1421

Processes:

ua.FoodSoul.DonetskSushiTaun

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo ua.FoodSoul.DonetskSushiTaun
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

ua.FoodSoul.DonetskSushiTaun

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo ua.FoodSoul.DonetskSushiTaun
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

T1422
Reads information about phone network operator. 1 TTPs
discovery

T1422

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	ua.FoodSoul.DonetskSushiTaun

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	ua.FoodSoul.DonetskSushiTaun

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

T1603

Processes:

ua.FoodSoul.DonetskSushiTaunua.FoodSoul.DonetskSushiTaun:Metrica

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	ua.FoodSoul.DonetskSushiTaun
Framework service call	android.app.job.IJobScheduler.schedule	ua.FoodSoul.DonetskSushiTaun:Metrica

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

T1471

Processes:

ua.FoodSoul.DonetskSushiTaun:Metricaua.FoodSoul.DonetskSushiTaun

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	ua.FoodSoul.DonetskSushiTaun:Metrica
Framework API call	javax.crypto.Cipher.doFinal	ua.FoodSoul.DonetskSushiTaun

ua.FoodSoul.DonetskSushiTaun
1⤵
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4630

ua.FoodSoul.DonetskSushiTaun:Metrica
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4676

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/ua.FoodSoul.DonetskSushiTaun/files/ZPkFS.log
Filesize
20KB

MD5
d01115ab3b3ab6cd76adfbc07994cd9a

SHA1
2e7e72949ae2c3c9fc3faef4ff50f29153ce10de

SHA256
477bd41c92d45d060b57856b501048725ba8cd344d54d65459d2f6a0d5c38e68

SHA512
bdf67bda728f6ba75d0f993d24b0feb954d5cbc369d522ea553400482ccb65ed6c9fb042608d7ecb2940bfae1df0e47a7cdb37409561581c8aa31a774334092d

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/credentials.dat
Filesize
233B

MD5
71d653038defbb5c9da22c46044483a8

SHA1
908084c0cd9c04919e3adcebbe287dec467973a9

SHA256
b491da63d6d37ace20ce0aad314307bcd3a5fe094aab92b592860799493993b2

SHA512
7ae1a7ed9565c4feb7be6582834c8252ae6c202feed0dbeb0ca158d26a5f7f0c6b749b058a3bf8dd52effd4c12f0aa540be4683f8bcc54cd8cf490b06cb1a5b1

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun
Filesize
36KB

MD5
6a67fa7f7c54c47669190283a988dd52

SHA1
9ed56962d5a54f93697d6f424129454fa93273ff

SHA256
1db6e19f4000fb86904e91bcb9d1fbb81f9bae9706f6b07d7f6e63eaa9a976e9

SHA512
26ec2ebba5a1269ff36c9a4f984c62b45a1043384aa181af9e4ca8c86d942a01af45b876ddbe3b8baee61be66cbc4410ae4518f9c2fad3a9f04f5dad19d5ea56

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal
Filesize
512B

MD5
c91b011ca17f310b430b3206129ca119

SHA1
b056d70f931ff0e24808ce5d4f06b846cc81c30d

SHA256
125645cf20feef3768fe4070700720891a442cd675fd425270bf795d919f7261

SHA512
187a6334a690640eb0236e61956a4ea96c432ffc9d70d3b6a6ef5b789fb9631e61cb19e2c30589a500d2d3d26b39eafe764dcc9a803f0b765fe05de906ea4f7c

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal
Filesize
8KB

MD5
48caa2954627c7fcbeebb9b3f107e76d

SHA1
9bd173f180d89787732abb60360a4a89c907d83a

SHA256
dc93f2e67c68249509862068b2444a687e98cb83762b312e3466618329795db7

SHA512
c29e9215abaaec78f95ea21f2548466cab297348a13d6b073c61aa90b56d51f006d58311e50b9e108696121b043fd7357067b7079e0f9b843e9cb0173e7765b0

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal
Filesize
8KB

MD5
da4fdb90f59b9c98924a5d9d40e9eb31

SHA1
4ad365e200069812a6167877eaf70c8cd5873c97

SHA256
cb795259164cdb1e28e4a4406d868805940b54520172c25363536a9c7ff2c676

SHA512
360575da49dcddb586caad813bd9bffc86c78b6a51d685d4dc5f9651ce0d2df9b065e7e222a5764a50f6a80648661358e8ee8e9446b802ad34d1c630f736239c

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal
Filesize
12KB

MD5
ee4bf1ebb2e77efa1221742641e468ce

SHA1
d8ec0fbc65d59348817cbed7925227331c26682d

SHA256
87f2a277397d130314514b33ab040a71a8f2a60d5fc68331585cd9e691c58f4e

SHA512
5eea13c73510f3254d1042863990e8f112e2a6d06de7aa7a36cbfaf5edf132411ff705f96de5d8c0e44f827c701f913a681f2f3b123074d0d7650a2fdb663afd

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal
Filesize
12KB

MD5
df37a3b5d2608c885a6d67c1d4bffe96

SHA1
5fc4579964f6ac72869925fed84811870c3c22e8

SHA256
4d5fe46e79662ffe094c2ef1e1c3589015b83d1787a286b0ab6ce5d301f6b454

SHA512
01a8766e98967dd5693866c8b0416bc02e32054f4161603b4f596744f989ddcdfa8fd1c0075dae05d1cff2cb3fb7d42c5978ba314ce35b6dac8cc5c9122c3b13

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun-journal
Filesize
12KB

MD5
46826a30a4dbb42da4cb246d87f89461

SHA1
bd326c780da89a729de0197bb5f2ab6ead448ad3

SHA256
5d4122e53ee04673cd64ed9c86874f776effef07723ef9c208e7079539f46348

SHA512
e7b4bcd76bd7246e80fab912944c1426980f093bb7dee8f1c39b95743981c50f695669b34b8c286df567a5369acefd57fbc17f63049fbc5c81acddf661f31259

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180
Filesize
36KB

MD5
f821927de2924461693bb1ef2bceca22

SHA1
231b1003a10025e7d085f579a8d45aeb4829fa4f

SHA256
5cf4cac7abf0f0148b47a2f19af6f4d0e1148e416e2bd55324340e107cdf037a

SHA512
d3f2c8322b18b7ae553cf4e85b856bc5e58ad6a2e2ba584ef3793937bccbd847c11e463e93153c7137badd06a3f80f249389e1d98a9952b30071438b0c8661d4

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
20KB

MD5
e9d1ccd5f2a3018e7d0a9ae550bb5f4e

SHA1
061b8b4a9c1ebbed949ad8ae1afd89a0daaf7adc

SHA256
1acbde424453466efe246ec7a785761c1c6c436df61fca1652d596d4e75246be

SHA512
26f1e089394ee8ade593f71ec1ec654db412c141c87e729462e664e1e9c64353d96e48f38018167a7cd4dfa81f948c1203ea50253219dfc01d8125a8722ca2fb

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
20KB

MD5
b40707ae075ef119412696bf17a2cb82

SHA1
ae5e2c29f9e22633fb0d38fc985ff2484a8cd4ec

SHA256
bb1208e240c94acd0a02c72c2fc957e40b68bc40181a2e9d9278c7eb41bd4aec

SHA512
90040434478b299184a6f9f200f606b596460f0d5e7078f1dbe4bf5d226eca8fe142ac275f13208c999c059bb72de67fc7f5db4adc5ec3a083bca6742e8a2a91

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
20KB

MD5
860f0d172a9b199daddf35121a93e81f

SHA1
1853bd76eec3d79601fab277a69a8ed88ac9cef6

SHA256
72f43c9aaea93cd67f278718f8fa3d8bc55afcfe94db110cad105de8d8ffbb36

SHA512
5337878f0cab54586d2b3c2a14bb6a26d5110671795ef26dda0bbdbf48c9f1818451de359fb60a3023cdc41ca9440e1e86414511adc9da5b5ae1729c6957775f

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
12KB

MD5
5f3a0355af837f8e837afe157514b99f

SHA1
530b6b14836bdd99f9cf2dff03c215ffd044f79f

SHA256
fa767845bb17d5e6dc3f30eda17cd5203916912a30dbccdae557b5ab3562d07d

SHA512
e24f910a29b17c1e0673417b7bf783c01cefe8e0613f664b3ac51e9260c906ef19c382f1d6eaf974db5ef917754d0d0586237482d1fa96556e0361a3e29bf288

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
12KB

MD5
7e544c88bc23b4ac654534df6bd7fb23

SHA1
b470a2e765868e4b8a8bd235200865da34b84876

SHA256
277c352cc3d613f75563d6172a8fc0d6afe634af6d1a4cf6100184ed02435b6d

SHA512
b4ad7c6445a54b77041a62fdafba00db92f7f4f2bff326b61c118ddf96e1073b675dc0d8862e46a07119e238f93fccdd93cd583b84e06e7b0acb20ebbddbc997

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/db_metrica_ua.FoodSoul.DonetskSushiTaun_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize
12KB

MD5
c9ffe73b622dfcd34244c6191c99d586

SHA1
adeeff1f4f46f7674cba5bd17fa3d7d6a7327d0c

SHA256
6bb1b123a3a5ab1ed2ee71498ef06efddd9d96e2b2d89b1c579694f0a1ceead3

SHA512
22627f44b6ecdb69bfa75ccc22693fd6fb995dea8f735bebdd7041de96b767384399d016db4b6ecc651464a063e6d996473352a84ac2c22435b88adb1d37d3fe

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db
Filesize
20KB

MD5
37d3eb61f1b01ed5b7e8ecc08f483083

SHA1
f0ce08b433223196c755ddede98484158d0fbd10

SHA256
3913a175a1eef54cb0bd67f0d2061f74634f6cb36b6c8264082d42482a5c1cbf

SHA512
989f2e66b220b4063e06dd71c85618ddd8e7b49293ce7a7e6604dc344ed4ab610b0e2951b2a5b4433f9cf2842d785560b2cc7a045e290a44335d1c801104707d

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db
Filesize
20KB

MD5
e5639b469346d3d19c79ae3bdc2f4a9a

SHA1
b4d9041b94176f65417e63e77f0f324b81e8dded

SHA256
cf283c9f2c282ef339f1ac0c4eae7d6f44f86bc1744cbf8a9b5703edc7368aaf

SHA512
273aa09cf7f4de26661bbedf2ecd180b5adb537022cd824d2185beaf7eb1784bd1ea1f1f22c01e4762729bdefeb81964f1a47f13e90b883beb27ce7c8d1f03b4

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db
Filesize
20KB

MD5
5d83bbf7bc0f3166da882fffca981a2c

SHA1
e0da4e3f23b14ccb96582babf819f3b31bfb52c9

SHA256
9cdf7e9abb852b6829b6104044dd43157e8182da20abd9ffd75fdb3a762220bf

SHA512
4e53deac78d9ac813aacca18931d17083c87fee5cca3becc1d0449b265e329f3e37fe23c218ba4b622ee4b47df506ee43b9023a2bf8f13676d8325e1a0fd75c5

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal
Filesize
8KB

MD5
c1b4214216c283d2cd3e5b522f118ca2

SHA1
d6e54f0bbc245f4d885b100b001771c6c56add2d

SHA256
d47ae406f3cd1168144f22ec29e790cd919b5ae5391f9d768d1f73e853c3b479

SHA512
a422221ecbe586cbab65d518aa5850a4f7b62b889d069c9930dca5457d626a4633590076756319e6075f852398efc251313656da9e827543a516ce1a3ff6298f

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal
Filesize
8KB

MD5
d46d55f8d9dbb354ba418f60b87a9e9b

SHA1
5809e858436a889964f3e265a62c07bd40ca20c1

SHA256
36c0e52a3003e2cc6a209ad2223dfd761c438ff13471b7334345065f8887449c

SHA512
584d6715b4206f000ab9440df1a9269c423ec88d2dbf18516b331865a3611eb31e455e1dc90a0ddaa73e34b0d4af72ab86725222f120e3f048640187420b211c

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal
Filesize
12KB

MD5
d3254f3ebd3cd39f6770c6cf4724c682

SHA1
bf27c402a15c7501e209252624bf6e21ea81ebcb

SHA256
90fd7cce86e0003c0753575026ca8afff855b8ab5bff4d8a4d7bdaf5c7934062

SHA512
ccbc9b2b33ad5f8e4f94e39096822a58bf48367e6cd1571d107b5f9a7e8d51c01dfbc650603841fa6c6e10d472c581579dbc0e6849ed4cbbf29ea7cc786f5511

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal
Filesize
12KB

MD5
fe7387d31ea7cd784accaeb5bef04826

SHA1
c3ca6cb2e4eedcf8088e02463c54975039a87cf1

SHA256
7a73143eef0335532588628186925d56e0018c91c22c2e1ddbf433903526fc1e

SHA512
947fb97efb586f80b16c66be972ee66e61550c4e982d28bad316f76957d7b13da99373cdba63ebb36e627ee9c266e2d0f6ec3f4718a11a776a61367ae6e437f6

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_client_data.db-journal
Filesize
12KB

MD5
7927ca6abd512ca309ce35c969249123

SHA1
5c7815c5848eaebaaf67678f742b7a3db7d51e9a

SHA256
5529dc902da10e2e077a7516f169ae59c2094378a7382081a1ed63f8dc3f4299

SHA512
74e82f793a41dc63e09fdecad95810544b25c7c2efc472c5f767f557b7ed3ba772e76f44f6dc64feba4f66d337b940938eb82c362c2779d575503014fd6307c3

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_data.db
Filesize
44KB

MD5
7ac2459ca160a9cb8b397313a08380ef

SHA1
c84fe4aa908d139f0e777321b4bf22ac4a31240d

SHA256
fa72bf5f244e44d9dc52df1d59657c7e393ce122a0b75369b21715fbd89a7969

SHA512
3b551fa503bbe3ade3a7fb612257ba830bc842e5dbc66647d1c59047ff796dcf43f2097db47a49c38abaa64fa65d99c98f36203ea7b43ff0f14a49d068b7034b

Download Submit
/data/user/0/ua.FoodSoul.DonetskSushiTaun/no_backup/metrica_data.db-journal
Filesize
12KB

MD5
3d0789b093a85299705a8bfbb3cc2b59

SHA1
feac86453c22ac5fdf975e3b5b85ebc2f116ed65

SHA256
63ebcecad478a9c20e105e01f1bf301db55cc0b470a8402038f6fe9d3323a07b

SHA512
ffc6c32eef483fe4a385e322abdc009a6c257f9c0862a471320845fd1e57ddd83f57fce93d25ac1a732185a9dea3d2034d4bbc804efd5cd224f124f791045e5d

Download Submit