Analysis

  • max time kernel
    178s
  • max time network
    169s
  • platform
    android_x64
  • resource
    android-x64-20240611.1-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240611.1-en, locale:en-us, os:android-10-x64, system
  • submitted
    16-06-2024 20:11

General

  • Target

    b4fb9223210ae001b3545e26f3e4bd1c_JaffaCakes118.apk

  • Size

    3.4MB

  • MD5

    b4fb9223210ae001b3545e26f3e4bd1c

  • SHA1

    33744e86f0b8cb840e2aeb951da8ee405f59fa73

  • SHA256

    dea9c0605a541e8fa3a941e1d1f1073abe2c59eb41a7495ac151c388d356d347

  • SHA512

    fcd53e223db0e5969431bd70a09494afa2453b71264ab8423db8b0480a4e0999a2893143d9f7914c567ad9738518878de47072b2e90df20115001270b057f992

  • SSDEEP

    98304:cxKjn3SfcfeQ2RuXnF5yL3fLbA8+kZHHX0:cxVx0zyfLbjZX0

Signatures

  • Checks if the Android device is rooted. 1 TTPs 2 IoCs
  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about active data network 1 TTPs 1 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
  • Reads information about phone network operator. 1 TTPs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

Processes

  • com.foodtinda.deliveryapp
    • Queries information about running processes on the device
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Schedules tasks to execute at a specified time
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5040
  • com.foodtinda.deliveryapp:Metrica
    • Checks if the Android device is rooted.
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Schedules tasks to execute at a specified time
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5091

Downloads

  • /data/data/com.foodtinda.deliveryapp/files/ZPkFS.log

    Filesize

    12KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/credentials.dat

    Filesize

    234B

  • /data/data/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp

    Filesize

    36KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp-journal

    Filesize

    20KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp-journal

    Filesize

    20KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp-journal

    Filesize

    8KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp-journal

    Filesize

    12KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp-journal

    Filesize

    12KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp-journal

    Filesize

    12KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180

    Filesize

    36KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    512B

  • /data/data/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    8KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    8KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    12KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    12KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    12KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/metrica_client_data.db

    Filesize

    20KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/metrica_client_data.db

    Filesize

    20KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/metrica_client_data.db

    Filesize

    20KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/metrica_client_data.db-journal

    Filesize

    8KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/metrica_client_data.db-journal

    Filesize

    8KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/metrica_client_data.db-journal

    Filesize

    12KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/metrica_client_data.db-journal

    Filesize

    12KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/metrica_client_data.db-journal

    Filesize

    20KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/metrica_data.db

    Filesize

    44KB

  • /data/data/com.foodtinda.deliveryapp/no_backup/metrica_data.db-journal

    Filesize

    20KB
