Analysis

  • max time kernel
    178s
  • max time network
    137s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240611.1-en
  • resource tags

    android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240611.1-en locale:en-us os:android-11-x64 system
  • submitted
    16-06-2024 20:11

General

  • Target

    b4fb9223210ae001b3545e26f3e4bd1c_JaffaCakes118.apk

  • Size

    3.4MB

  • MD5

    b4fb9223210ae001b3545e26f3e4bd1c

  • SHA1

    33744e86f0b8cb840e2aeb951da8ee405f59fa73

  • SHA256

    dea9c0605a541e8fa3a941e1d1f1073abe2c59eb41a7495ac151c388d356d347

  • SHA512

    fcd53e223db0e5969431bd70a09494afa2453b71264ab8423db8b0480a4e0999a2893143d9f7914c567ad9738518878de47072b2e90df20115001270b057f992

  • SSDEEP

    98304:cxKjn3SfcfeQ2RuXnF5yL3fLbA8+kZHHX0:cxVx0zyfLbjZX0

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 3 IoCs
  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about active data network 1 TTPs 1 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
  • Reads information about phone network operator. 1 TTPs
  • Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

Processes

  • com.foodtinda.deliveryapp
    1⤵
    • Queries information about running processes on the device
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Schedules tasks to execute at a specified time
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4686
  • com.foodtinda.deliveryapp:Metrica
    1⤵
    • Checks if the Android device is rooted.
    • Queries information about running processes on the device
    • Schedules tasks to execute at a specified time
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4737

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/com.foodtinda.deliveryapp/files/ZPkFS.log

    Filesize

    12KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/credentials.dat

    Filesize

    233B

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp

    Filesize

    36KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp-journal

    Filesize

    20KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp-journal

    Filesize

    20KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp-journal

    Filesize

    8KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp-journal

    Filesize

    12KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp-journal

    Filesize

    12KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp-journal

    Filesize

    12KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180

    Filesize

    36KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    512B

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    8KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    8KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    12KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    8KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/db_metrica_com.foodtinda.deliveryapp_20799a27-fa80-4b36-b2db-0f8141f24180-journal

    Filesize

    12KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/metrica_client_data.db

    Filesize

    20KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/metrica_client_data.db

    Filesize

    20KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/metrica_client_data.db

    Filesize

    20KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/metrica_client_data.db-journal

    Filesize

    8KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/metrica_client_data.db-journal

    Filesize

    8KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/metrica_client_data.db-journal

    Filesize

    12KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/metrica_client_data.db-journal

    Filesize

    12KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/metrica_client_data.db-journal

    Filesize

    12KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/metrica_data.db

    Filesize

    44KB

  • /data/user/0/com.foodtinda.deliveryapp/no_backup/metrica_data.db-journal

    Filesize

    12KB
