c36d774bb54e7609950172d1c65057d583c06c3b154787d845aabc3cf2c05fe6

Analysis

max time kernel
178s
max time network
151s
platform
android_x64
resource
android-x64-20240611.1-en
resource tags

androidarch:x64arch:x86image:android-x64-20240611.1-enlocale:en-usos:android-10-x64system
submitted
19-06-2024 17:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bd7e4a6d25fe18c105b2ca4ac5ee75e1_JaffaCakes118.apk
Size

3.4MB
MD5

bd7e4a6d25fe18c105b2ca4ac5ee75e1
SHA1

e5198ff65207ac35da4076a082775fe0e018bf50
SHA256

c36d774bb54e7609950172d1c65057d583c06c3b154787d845aabc3cf2c05fe6
SHA512

eecbf50301bf4a3df98d76127a6bdc03d5d3218d6f67d3f9379f6a91268b3d804e8a365a3b4ce809fbdf9a8d80f0a16c31090c4c3055b6baf5f5b57dd7ec9d8c
SSDEEP

98304:QzNqDapg2PXl6nAiZGrb2RT5s/i4A23Tq6:zGlYGf256/i47q6

Score

8^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	br.com.starwaysistemas.acaijapajuusu:Metrica
/sbin/su	br.com.starwaysistemas.acaijapajuusu:Metrica

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	br.com.starwaysistemas.acaijapajuusu
Framework service call	android.app.IActivityManager.getRunningAppProcesses	br.com.starwaysistemas.acaijapajuusu:Metrica

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	br.com.starwaysistemas.acaijapajuusu

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	br.com.starwaysistemas.acaijapajuusu
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	br.com.starwaysistemas.acaijapajuusu:Metrica

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	br.com.starwaysistemas.acaijapajuusu

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	br.com.starwaysistemas.acaijapajuusu
Framework service call	android.app.job.IJobScheduler.schedule	br.com.starwaysistemas.acaijapajuusu:Metrica

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	br.com.starwaysistemas.acaijapajuusu:Metrica
Framework API call	javax.crypto.Cipher.doFinal	br.com.starwaysistemas.acaijapajuusu

br.com.starwaysistemas.acaijapajuusu
1⤵
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5141

br.com.starwaysistemas.acaijapajuusu:Metrica
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5200

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/br.com.starwaysistemas.acaijapajuusu/files/ZPkFS.log

Filesize
90B

MD5
d9016c6627b72f8b23955b3e3fc46494

SHA1
87ed457aef456837ac9aaf891d3c73d55cc81ec1

SHA256
d0e7d6a2848be29a4a040507ba25dde63659df7ca5950143b1059dba8073cd03

SHA512
368d27ffe271cb7733d586527b315e7b1745450ee6ce6926c270b544ac04494392aea9bb0f2d95691003de04aea1a11c98830bf2f50e7857278a6b52d73f2b5b

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/credentials.dat

Filesize
234B

MD5
6a1fa5dcf73b0bd5a7a1b68fe8152673

SHA1
030877e568064e83e7694f9f992b0ee3338b62fc

SHA256
acef72fd91bd57609b86b5ab7ad2342caa8d1bc820e7ebd2fd77aced5a1c516e

SHA512
80040fae3e0518599d59331aaab7edc1990ac003507b319ea4d61dc4cfb34c86497df34979dbee84bb4ffde8ad1a27f9121b9f593b47371525639f41aec14f37

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu

Filesize
36KB

MD5
913ff3141b28058f09ad9300b115c1ce

SHA1
ca1b42aa12998814c076248d1eab662e00d5892f

SHA256
0956e742b1ee0e557a981176320aae73b25064810840addfde6235648d6841a3

SHA512
7bfa2abe31f07c4dd46f0045e90b78fbd0d195323c1b18b63549560caf62f7700d7aeca93c87714ac19905edd61323f5224851b51279d312b007b145d4e7488f

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu-journal

Filesize
20KB

MD5
bf8f9c843ed00d53f437ac49f9028a9a

SHA1
60cd8888b7e309efdd88e26d9cbb5f4fbfb65682

SHA256
76e2c052f9f3649f119c7e2d9d370011007e1f27aadf7c2ea790b0d03bad53cb

SHA512
747758904cc93beffac712c7c9ad09737d6563dcae93a39c06f7fea693417d3f1a3164370a712984ef7b7b1f5667e17f13bcc8d543feda60a9b334314fe3fb4b

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu-journal

Filesize
8KB

MD5
2317ca7dcc799ed4204a63e0d5de40d3

SHA1
f4f8005eeb47a2a4d771dd5c7a6013fb642accd5

SHA256
0894f50493a5b1f8e343e5c37203f7255ab67b7a934a3d3132a682c44bb79367

SHA512
3c18fb1b3bbb7af1672ccea1abae17847173bbff78a6b966d9e3b401bc36ed7984a2abd5bd99e03b367bb442f53acf8a3b589fd8ac40f6a57f4ef19bc72100a7

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu-journal

Filesize
8KB

MD5
1018aad590918a7c634ea84573319e46

SHA1
06099a959a70fcf710ef8cdf40c71b5bfa935f33

SHA256
3a5d7e693a81efb9bdaf4bad446c914f5ec0b87af59957aa10b711324de6ce0e

SHA512
bf89d0b6339cb86a7d9e16d220aecd2758d56c9e1a9794239bc4bf8f463f9f8d348ea6183ffe5d5ea4985b1a6c6de435736b9780e33d1b44ac9d8a65928c6c3e

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu-journal

Filesize
12KB

MD5
0b8f8410ca8a08c043580f7877aebd7d

SHA1
43fe511678454d4bf90f776913ff9edc9218c380

SHA256
e5e3a474aa9c40b54e240d4079a64d0783f60a54eb59228528c1a7717a9a76df

SHA512
27a5f00e6b4b34aaee91db4b2e67ffa88555d68f522f472362b40645310b1e67a97797485918c3eb320f41f3d9b3de0727eeaf11e1857f7a35f4e855cd1a9bde

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu-journal

Filesize
8KB

MD5
5eed6edd92955f55ac87f5fff420f131

SHA1
b79cd42f624b14c75a7473607c5ffe203058e804

SHA256
be373b50c4c9a247b5cc62c30c8b972a3ca6669a22155acfc2a69c3ff2522c80

SHA512
709fd7ea5e14e0d903b6619a864f2afddba82e2df5441357a33d013ec4015b071205d69648635af0f61b9e23caf88210c80448a8d3f4912774c5809156bda4a3

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu-journal

Filesize
12KB

MD5
f8cad088791d3034a73d396d03428249

SHA1
cd0e5e8db9ee8d7f7fc45907c90dce3947161d09

SHA256
ca3fd65a6058fe853ca12d738d2e8e1cd1354615c81ac67e93d136721075435a

SHA512
73b1fb0dd8c20ee3c5dc7662195cafe34475cd40d1767de51bed01fcbdfac672218ff62f6cf11ebce517e3e11b9c3dcd3537385b7eadc61ecc2b0e48fbf84afc

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu_20799a27-fa80-4b36-b2db-0f8141f24180

Filesize
36KB

MD5
78a4fb5f185aac354012d74a0e5ca2fb

SHA1
cb3c1fb086e7835c7e9a6954dac22f1cc2533217

SHA256
a507d63d005477810da82a9278e83bf202e4c816a04ac0b18d8bb206ca06b8dc

SHA512
5620252b9ccefc576bc35b1339837eed0786cf8591d07a1d2a37b49ad97c8ec3ea252044b1831f908cbf9fc81d839c5fe176567844b1c7babb861b1613d4a111

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
512B

MD5
fcf9ce1fb3190099f34edaedd82422cf

SHA1
3042b199132b3b13a7a36c8b9e3e2255122011ba

SHA256
5a1319a1383c59654a340d54bf9eb5a0758d9fb9274b0548378642fe527b8ebc

SHA512
1d5fb8a4227741793bd9d6ed9b825cec68cf3fe3b178e2b1e0e8d49747af89fa47efeb8f73e0f13903fe5133f0825a1dd4dc60bc383ee535994c62514afda1af

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
ef5ea1c8c02a2d1a2ad3c548eecd7296

SHA1
f2356e269dd98cb3243654f09dfa51c1a1cc0f70

SHA256
959a2230ce27c81cb19729f06a8e30a04264c4f62a4789c6b3368f46482aead8

SHA512
e74b7266f858bfca1a51a24c9fa9b4066636c98b1a1cdf1383e0a71b072941fe8145b6356f22e4f9275b401418120047dd6430f2fcfa9d91a8d4977b25db3d5d

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
b41358e8d91e95ca3c735aafb087902d

SHA1
73af09f18d9619b5e2bd766d229dd3d255c597c9

SHA256
13888ad55642d7256579c0bd33b279ee976d769f4d3733b8584fbf9000fd7c15

SHA512
943f42405f485318f87f3941fb012e7d901f73f70c75bda74cb6c35539a21812e00afa57ac3da677d2f86fbbd3de24dbeda405426c27d9bf45ae89916710c002

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
b8c3a8ebf0c76d020265bef913ed686c

SHA1
a70323d7dca6ab14c79bd3ce205e0416e4468ded

SHA256
3dbc09a8fbe607cd56e271853b13a43dc8de19162d4a3b4ce5e4b975615a5287

SHA512
6aecc6d61b42f5ba11e98d4b3e10e583319206305a32fd9eab0216010060668108fefb5b4a486697545ffe321ec4c1a1991071cd4f49ab54f4bb92064120fd7e

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
ca55e6a411df308c9c87751854ab09ed

SHA1
8ea38000c1ae1c4665b4303652defe602d9e8803

SHA256
8684c766c152ac95a6c0c2a4643ecd551f1b6da9b85ad762edd02aaa11e418c3

SHA512
291aa943c8aa3ce4e15e1bd4ea71e26ec0660ebf563cb7d57414d04e5470110d12c8d7ee39754eaf406db4e83f70339f89e887bdb706b662f7dd5fdf1c10af88

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
f7743ed9af56c20f0fe2fbce8f876d18

SHA1
b2ea81faf339da483ef92104054bd57fbaee97d2

SHA256
e112c803ff14088d121953e066810a59542e15239bcb71e33480c00fa79b2f2c

SHA512
845815cc1ea79e77d72394de06d53f3f4fb52170f3e17f4befe1226aac54535e13a8f351e400f9e1a52db7ec860bc84dbad7019a030eeae821c4bd97fe86a47a

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/metrica_client_data.db

Filesize
20KB

MD5
988a7f51962d4c9ed8adcc0ad0734392

SHA1
d734886749166aba011dec653e8645726b1abde8

SHA256
79d1ea650aed955404114278d71282970c1ac4cda6dfdc883abbd1f5295a1718

SHA512
39f9257570b56855abc0fbe5b9847e66aad8eb745cbd417c3adfd03a62deab0dbf2b858603a51449d0dc013b705ddff2d7ebd3383156619edf056ac736854c27

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/metrica_client_data.db

Filesize
20KB

MD5
c6e98d59f56402bdf2d59068dddbac1a

SHA1
2719e42e942a60a3f742f149bdcad05964f90774

SHA256
35e89cd24ec519bf1efdaed4484c85415acfd859c6e951398e0e1ce7c5d33d6f

SHA512
22419f255b8ad81c32fc968acbd8ecef7e5a9af14fd986211ebd59fa6f0cbfa2a860332c18c014f45eb38d721cd66b1997b8413b47fb4a6832f2e5fc81f1f7b4

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/metrica_client_data.db

Filesize
20KB

MD5
a3a26c3b24cdaf4744b4bb6b4290a1db

SHA1
7a46de69b91e108e64fe8c374e405e96c97487fe

SHA256
f11804e3334e46a71300c7a2e632080ac04a7a7220f50b2e9bc1681d28ba0ea9

SHA512
bf56c8616231782368692439c4efc2804bd91446f59d46b81e2c6314a117f86a4d9970bfa4fcc06e310757e66ebc217be90c6c5d53e9e1e852f16b61f43a6770

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
ae14db766799fcef4a3a5f3b7c81112e

SHA1
50bed1d45c0b4e0297a137eb3b546db1813b8cb7

SHA256
0eeb8c81bc172a07029c4382fcfc520f711e43354889e27b39cf810c926180ad

SHA512
0b191cdd1af248552ca69a6ff7ef040cc0b69fd505a1ded19f9096231395732a4ea7a2ff30190177c1a985048d58f45ea104097e340d3b956d3ea7877caf91f4

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
2cffd1688c70a6dc6a388bdd7c5885cd

SHA1
8a233aadc928a4d4e24d85f9bc32038f1f123e36

SHA256
785d79f31c7e41ef665a9bc1458919d19b421f227a43fbab2cd6c906a8b848ed

SHA512
4f8c8355ee3b13a32f748cb57e17936c787a27ad22fd530730dcf0fab34bf3f1082acc9feb2d1ddcae7741d183ac63c8522943ebc482628a065d1b59ba815ca9

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
0273c4936ef1eabe4d26edb741feb906

SHA1
556884b11aba8805bf9219779e389f4e827c871e

SHA256
00d6e5f8f1ef37b38812a8ec5ab4ed8c546d96ec0248b4adf30ba6abefb0b829

SHA512
548ae04c3d3b0b5fdbeef1d40c27757a114bb6981b1733646a463101ecf45bd610fbbb2e785c8a971e63488875e4c1ade37fa75fc5cf6e4f2c4321c24fd69ecd

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
7d053f023afa7d71529364b4b1451db2

SHA1
3e2e6f2d9893d084f8043f51b7895044e26324f8

SHA256
a44d353e54f8becd8cca266b511c056a38f9975e2271c5e8233c1ebbf17d96d1

SHA512
649fb3434b8f2a2b60d1a6727ec420af11500a1282473cd42a182af55d493a7f78a0a83ae96d7b639eaf9a51d243a9fd91627eddbe19bd2bd6200efd078a2b58

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/metrica_client_data.db-journal

Filesize
20KB

MD5
2283ef1131e5623160e620bbc4710938

SHA1
f03e95ae0856eb0b411e6cfc63ae30d36872ab3b

SHA256
d191b6e4f3e282b5ee139c17e58579232ee142ac40ac55598563e66e8bdda19a

SHA512
f285ddbe0035e6f5776f6cb3fed8c7cfe9014208e414ec78b46559e99c65d9224072ebbb356c6e37d8260d26529a3586ee50c41509090b1a817d2b419435d040

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/metrica_data.db

Filesize
44KB

MD5
f17fd98a4c6bb42c83ce5251980c5fe3

SHA1
651743a601af1de511d50496c6e14546aafd50fb

SHA256
f66c0a73b7988e4381de81e9c5c3b68887f02dd4c0ace3671f5a42bf507868b5

SHA512
4fdb76eb7a9fa7c5c7dd68331acac26a722695c9cc801d58aa16b2113b5725ca01febe4a8a7c01c61bb24d6483c74515a1328a51f4bfb17a36dbd74e3b5c092c

Download Submit
/data/data/br.com.starwaysistemas.acaijapajuusu/no_backup/metrica_data.db-journal

Filesize
12KB

MD5
920a1d2650fdb1e7c1a6faf2d9aeb687

SHA1
1feb97353d00583738943b6a95ca28aa2768d288

SHA256
ea24ab5e6bf37f619db3cf3984ea6454908d90860be6334e91aa4055ecc985c8

SHA512
d90aafdd4be37484a0859e09b26f461fb0454a07a08bbacf7d7240cd8a603645061923129f0367f76d24b54fadb39f1993a02947fcfd13ba6e03a61722f1d28c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads