Analysis
max time kernel: 178s
max time network: 130s
platform: android_x86
resource: android-x86-arm-20240611.1-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
submitted: 16-06-2024 20:11
Static task: static1
Behavioral task: behavioral1
Sample: b4fb9223210ae001b3545e26f3e4bd1c_JaffaCakes118.apk
Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
Sample: b4fb9223210ae001b3545e26f3e4bd1c_JaffaCakes118.apk
Resource: android-x64-20240611.1-en
Behavioral task: behavioral3
Sample: b4fb9223210ae001b3545e26f3e4bd1c_JaffaCakes118.apk
Resource: android-x64-arm64-20240611.1-en
General
Target: b4fb9223210ae001b3545e26f3e4bd1c_JaffaCakes118.apk
Size: 3.4MB
MD5: b4fb9223210ae001b3545e26f3e4bd1c
SHA1: 33744e86f0b8cb840e2aeb951da8ee405f59fa73
SHA256: dea9c0605a541e8fa3a941e1d1f1073abe2c59eb41a7495ac151c388d356d347
SHA512: fcd53e223db0e5969431bd70a09494afa2453b71264ab8423db8b0480a4e0999a2893143d9f7914c567ad9738518878de47072b2e90df20115001270b057f992
SSDEEP: 98304:cxKjn3SfcfeQ2RuXnF5yL3fLbA8+kZHHX0:cxVx0zyfLbjZX0
Malware Config
Signatures
- Checks if the Android device is rooted. (1 TTPs, 2 IoCs)
    ioc: /system/app/Superuser.apk | Process: com.foodtinda.deliveryapp:Metrica
    ioc: /sbin/su | Process: com.foodtinda.deliveryapp:Metrica
- Queries information about running processes on the device (1 TTPs, 2 IoCs)
    Application may abuse the framework's APIs to collect information about running processes on the device.
    description: Framework service call | ioc: android.app.IActivityManager.getRunningAppProcesses | Process: com.foodtinda.deliveryapp
    description: Framework service call | ioc: android.app.IActivityManager.getRunningAppProcesses | Process: com.foodtinda.deliveryapp:Metrica
- Queries information about active data network (1 TTPs, 1 IoCs)
    description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | Process: com.foodtinda.deliveryapp
- Queries information about the current Wi-Fi connection (1 TTPs, 2 IoCs)
    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
    description: Framework service call | ioc: android.net.wifi.IWifiManager.getConnectionInfo | Process: com.foodtinda.deliveryapp
    description: Framework service call | ioc: android.net.wifi.IWifiManager.getConnectionInfo | Process: com.foodtinda.deliveryapp:Metrica
- Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)
- Reads information about phone network operator. (1 TTPs)
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
    description: Framework service call | ioc: android.app.IActivityManager.registerReceiver | Process: com.foodtinda.deliveryapp
- Schedules tasks to execute at a specified time (1 TTPs, 2 IoCs)
    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
    description: Framework service call | ioc: android.app.job.IJobScheduler.schedule | Process: com.foodtinda.deliveryapp
    description: Framework service call | ioc: android.app.job.IJobScheduler.schedule | Process: com.foodtinda.deliveryapp:Metrica
- Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 2 IoCs)
    description: Framework API call | ioc: javax.crypto.Cipher.doFinal | Process: com.foodtinda.deliveryapp:Metrica
    description: Framework API call | ioc: javax.crypto.Cipher.doFinal | Process: com.foodtinda.deliveryapp
Processes
com.foodtinda.deliveryapp (PID: 4305)
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
com.foodtinda.deliveryapp:Metrica (PID: 4348)
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Downloads
/data/data/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180
Filesize: 4KB
/data/data/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize: 512B
/data/data/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180-wal
Filesize: 148KB