Analysis
max time kernel: 178s
max time network: 137s
platform: android_x64
resource: android-x64-arm64-20240611.1-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
submitted: 16-06-2024 20:11
Static task: static1
Behavioral task: behavioral1
Sample: b4fb9223210ae001b3545e26f3e4bd1c_JaffaCakes118.apk
Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
Sample: b4fb9223210ae001b3545e26f3e4bd1c_JaffaCakes118.apk
Resource: android-x64-20240611.1-en
Behavioral task: behavioral3
Sample: b4fb9223210ae001b3545e26f3e4bd1c_JaffaCakes118.apk
Resource: android-x64-arm64-20240611.1-en
General
Target: b4fb9223210ae001b3545e26f3e4bd1c_JaffaCakes118.apk
Size: 3.4MB
MD5: b4fb9223210ae001b3545e26f3e4bd1c
SHA1: 33744e86f0b8cb840e2aeb951da8ee405f59fa73
SHA256: dea9c0605a541e8fa3a941e1d1f1073abe2c59eb41a7495ac151c388d356d347
SHA512: fcd53e223db0e5969431bd70a09494afa2453b71264ab8423db8b0480a4e0999a2893143d9f7914c567ad9738518878de47072b2e90df20115001270b057f992
SSDEEP: 98304:cxKjn3SfcfeQ2RuXnF5yL3fLbA8+kZHHX0:cxVx0zyfLbjZX0
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 3 IoCs
ioc | Process
/system/app/Superuser.apk | com.foodtinda.deliveryapp:Metrica
/sbin/su | com.foodtinda.deliveryapp:Metrica
/system/bin/su | com.foodtinda.deliveryapp:Metrica
-
Queries information about running processes on the device 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
description | ioc | Process
Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.foodtinda.deliveryapp
Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.foodtinda.deliveryapp:Metrica
-
Queries information about active data network 1 TTPs 1 IoCs
description | ioc | Process
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.foodtinda.deliveryapp
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
description | ioc | Process
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | com.foodtinda.deliveryapp
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Reads information about phone network operator. 1 TTPs
-
Schedules tasks to execute at a specified time 1 TTPs 2 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
description | ioc | Process
Framework service call | android.app.job.IJobScheduler.schedule | com.foodtinda.deliveryapp
Framework service call | android.app.job.IJobScheduler.schedule | com.foodtinda.deliveryapp:Metrica
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
description | ioc | Process
Framework API call | javax.crypto.Cipher.doFinal | com.foodtinda.deliveryapp:Metrica
Framework API call | javax.crypto.Cipher.doFinal | com.foodtinda.deliveryapp
Processes
-
com.foodtinda.deliveryapp
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4686
-
com.foodtinda.deliveryapp:Metrica
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4737
Network
MITRE ATT&CK Mobile v15
Downloads
/data/user/0/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180
Filesize 36KB
-
/data/user/0/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize 512B
-
/data/user/0/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize 8KB
-
/data/user/0/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize 8KB
-
/data/user/0/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize 12KB
-
/data/user/0/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize 8KB
-
/data/user/0/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal
Filesize 12KB