Analysis
- max time kernel: 178s
- max time network: 132s
- platform: android_x64
- resource: android-x64-arm64-20240611.1-en
- resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
- submitted: 14-06-2024 08:03
Static task
static1
Behavioral task
behavioral1
Sample
a8a64528b1fa44ec82e2f9bfee249729_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
a8a64528b1fa44ec82e2f9bfee249729_JaffaCakes118.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral3
Sample
a8a64528b1fa44ec82e2f9bfee249729_JaffaCakes118.apk
Resource
android-x64-arm64-20240611.1-en
General
-
Target
a8a64528b1fa44ec82e2f9bfee249729_JaffaCakes118.apk
-
Size
3.3MB
-
MD5
a8a64528b1fa44ec82e2f9bfee249729
-
SHA1
58f7b00c07f9655338a937f0779fc777218273e7
-
SHA256
6fb05ee43a3fd51223722d847854ed9219593cf9c1490e90a733ce48ad0d29ee
-
SHA512
32498ba7e8dd21e3059a201f28556fa7269177486254c4e06db3941b059ab628f93c62740fa926ba830107743a11e07ecb3a9f170e9bd07897ef78ce4d9465db
-
SSDEEP
98304:CJy7KPSx9r0FNL5D+g64j7BVMHDgXHT/epxOtywXN3P0ZKPSW:CRI9r9QdaArh
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 3 IoCs
Processes: sistemavitto.viplanches:Metrica
- ioc: /system/app/Superuser.apk, process: sistemavitto.viplanches:Metrica
- ioc: /sbin/su, process: sistemavitto.viplanches:Metrica
- ioc: /system/bin/su, process: sistemavitto.viplanches:Metrica
Queries information about running processes on the device 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
Processes: sistemavitto.viplanches, sistemavitto.viplanches:Metrica
- description: Framework service call, ioc: android.app.IActivityManager.getRunningAppProcesses, process: sistemavitto.viplanches
- description: Framework service call, ioc: android.app.IActivityManager.getRunningAppProcesses, process: sistemavitto.viplanches:Metrica
Queries information about active data network 1 TTPs 1 IoCs
Processes: sistemavitto.viplanches
- description: Framework service call, ioc: android.net.IConnectivityManager.getActiveNetworkInfo, process: sistemavitto.viplanches
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes: sistemavitto.viplanches
- description: Framework service call, ioc: android.net.wifi.IWifiManager.getConnectionInfo, process: sistemavitto.viplanches
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Reads information about phone network operator. 1 TTPs
-
Schedules tasks to execute at a specified time 1 TTPs 2 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
Processes: sistemavitto.viplanches, sistemavitto.viplanches:Metrica
- description: Framework service call, ioc: android.app.job.IJobScheduler.schedule, process: sistemavitto.viplanches
- description: Framework service call, ioc: android.app.job.IJobScheduler.schedule, process: sistemavitto.viplanches:Metrica
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
Processes: sistemavitto.viplanches:Metrica, sistemavitto.viplanches
- description: Framework API call, ioc: javax.crypto.Cipher.doFinal, process: sistemavitto.viplanches:Metrica
- description: Framework API call, ioc: javax.crypto.Cipher.doFinal, process: sistemavitto.viplanches
Processes
-
sistemavitto.viplanches
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
-
sistemavitto.viplanches:Metrica
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Matrix
Downloads