c36d774bb54e7609950172d1c65057d583c06c3b154787d845aabc3cf2c05fe6

Analysis

max time kernel
178s
max time network
133s
platform
android_x64
resource
android-x64-arm64-20240611.1-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240611.1-enlocale:en-usos:android-11-x64system
submitted
19/06/2024, 17:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bd7e4a6d25fe18c105b2ca4ac5ee75e1_JaffaCakes118.apk
Size

3.4MB
MD5

bd7e4a6d25fe18c105b2ca4ac5ee75e1
SHA1

e5198ff65207ac35da4076a082775fe0e018bf50
SHA256

c36d774bb54e7609950172d1c65057d583c06c3b154787d845aabc3cf2c05fe6
SHA512

eecbf50301bf4a3df98d76127a6bdc03d5d3218d6f67d3f9379f6a91268b3d804e8a365a3b4ce809fbdf9a8d80f0a16c31090c4c3055b6baf5f5b57dd7ec9d8c
SSDEEP

98304:QzNqDapg2PXl6nAiZGrb2RT5s/i4A23Tq6:zGlYGf256/i47q6

Score

8^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 3 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	br.com.starwaysistemas.acaijapajuusu:Metrica
/sbin/su	br.com.starwaysistemas.acaijapajuusu:Metrica
/system/bin/su	br.com.starwaysistemas.acaijapajuusu:Metrica

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	br.com.starwaysistemas.acaijapajuusu
Framework service call	android.app.IActivityManager.getRunningAppProcesses	br.com.starwaysistemas.acaijapajuusu:Metrica

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	br.com.starwaysistemas.acaijapajuusu

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	br.com.starwaysistemas.acaijapajuusu

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	br.com.starwaysistemas.acaijapajuusu
Framework service call	android.app.job.IJobScheduler.schedule	br.com.starwaysistemas.acaijapajuusu:Metrica

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	br.com.starwaysistemas.acaijapajuusu:Metrica
Framework API call	javax.crypto.Cipher.doFinal	br.com.starwaysistemas.acaijapajuusu

br.com.starwaysistemas.acaijapajuusu
1⤵
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4426

br.com.starwaysistemas.acaijapajuusu:Metrica
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4481

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/br.com.starwaysistemas.acaijapajuusu/files/ZPkFS.log

Filesize
12KB

MD5
113441d27751e83afb0cdda055b0ba87

SHA1
74124e15246422fff7de2c6b9074b2278172c12c

SHA256
3accc89cdf663fe9747bb05f0d82b4cd55ecf5fccc49c08974612a58581a7ee0

SHA512
ea195e5f8906ea5edffddd23a4882d57d3be10c5392fa5daa8f15492f0ce0880be2e6b2014d71579e7134db23e3f740fca1392693487e1113979dba47ddabd4b

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/credentials.dat

Filesize
233B

MD5
ab2244a05ce57639950b010acc5d4e4f

SHA1
03ba27ef68288f7cd79c216882ddd8ffb5719b35

SHA256
fe61dd72c3b35ba8644317e96b9b2a775ba1bc1088fe77c0fd39f7b10091e87a

SHA512
e8b7a1313ae3df3d0682e428b2246d30ab09ac1aec649429272e7bebd06569845b427f4a21e71da4806621383230b30b429be0c325156fbf929a254ce3573250

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu

Filesize
36KB

MD5
d8b9a3288b392dfabda67a9c3cc020b4

SHA1
cf6b6ab25e05f56ca1be4d08196ad4e157e3f9a3

SHA256
a680a8f040b841347e517c71b8d923dd3c60b9e1d30846ae2fe40f7ece3d9573

SHA512
fd018c0414ba570a5d5446b71d404d9cbae1061a302bbe4c5ce7f87a954da4fbfe7d5d75ca2956c4df609d80d8e47e4b1c764de615e92fdf4dd214e471e6675d

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu-journal

Filesize
20KB

MD5
b2169440a2c916d97962938c38819868

SHA1
d3b2f10ca07bae1ca477752b30e542ac77dc995e

SHA256
1533a9e12b289b7acbd92e311dc3d6682c9f8bebd99c2cf5deb92ff3eb21c0cd

SHA512
e7c8d7daf2aa330630fb173e11ef1e14471ef7977daf80022ee65504876996f421aa650816f52c53d2873d5ef74771605527d4610477e984a1cd73788e1fc78f

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu-journal

Filesize
8KB

MD5
4f061de4ba670c47709e9782f765ea9c

SHA1
50febca65f8470467c3037c82efc45509668e2fc

SHA256
1e168de54ebab3f7dc23b92644f7c5077eed5a692579be11f2645cc425f763b9

SHA512
c41b9a37e67555cd575d3af24ace041fcf212ce319c04c01741a7075c402a67346e3183dcf4d51ef511d3bbaea2f07cde9e32761ef9ced0125bc6bfaadd53f5d

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu-journal

Filesize
8KB

MD5
44ccd11adf4c70f54063b37ae7317115

SHA1
cc198db2ae60191c4907f0422f0d5b13b848ddbc

SHA256
77b502c00460a05a11383ff77751b2389a420b7415b20818495a6b552f129e37

SHA512
74129a0a2c106e6350ccea9f782ecaf654cb20dbc330a4e6a70ccf1bf33f44ecfbc01e6a027e8bf6da5a90635e8972b3fb50342f32da7749060e3c8c755a37a7

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu-journal

Filesize
12KB

MD5
ae5843c11f831c165ac928991f15ba33

SHA1
45394f34e358994cc93818218e736554af8d9e1b

SHA256
2e15a3690698261f4abf46b2e6e479e471ec15cc0283e6105c7f23b9ed37de0e

SHA512
0504230b75e78eff156f569f0bd848efc5e77e06784361edad5c01ece5905216f90cc4fdd7ee1278d2cf0f5dec4104533839d9ee5972f35825233201b60c2c60

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu-journal

Filesize
12KB

MD5
93730b0093709ae55b56f8d95808c472

SHA1
2713c20a12a89e062c0ef347f13996449e66ef4b

SHA256
27f4046e2cda711784996341f6ee0fee1d7aff43ef2e9fb27fabb0d7f22e59e4

SHA512
ed87a1b7bbfeb453b1706779de0a2e7776c5f1ffde627b5ef67e3463f7a1f59c306b5a7c081934e5c19c53fbd12d5e887de575c38442d0ee88f6350ebee108d0

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu-journal

Filesize
12KB

MD5
af088792532cf9c55be49e5d7ab37cd5

SHA1
e06f23ff882ed96bab0255d024c9dd1f12c7e89d

SHA256
5bdba7f8154ae80a1a89b0c39442a69f3a72711e1d2dbcb6c4fd1cbcb055c92e

SHA512
230b0de3d5bdf3689ad6bc7b891b835abb1369dff34d9bd8f8225fbafaf41b9823662a992b77c7153ecf7949b5c987b91597e04f51c5e6ddca0f46f2243528f0

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu_20799a27-fa80-4b36-b2db-0f8141f24180

Filesize
36KB

MD5
8228be800b9f684aac19b81d632deee3

SHA1
28809d844c99c2a8f3bce8efa5d7696eb30fe17b

SHA256
4a98c18d46bfa85e815fd161b76cf798964b3cc2ab2d117187f9a185a5c2aa3c

SHA512
920f246158564e6d3570d5a3468c3895d436235b4cf6f8b37b1ef690af8ef3e850f4be055d3014806e6772c5278ad032a3bef898f696ed88bfb1e258ddb419bc

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
512B

MD5
d291adb5aab5d7ebecaef1c33ea158f1

SHA1
b4188937ed97bae6f643b670f23358da92078c7c

SHA256
44f30830876a5255fbfd40c1bb1b88660bff296658a4ff607205fe78b03b6975

SHA512
5b5b90e44869d189dff17442a5785a9854421ee8b1a1cc3f23a476755e4e4aab4357d6b551c52ceb34071a3ad1e2c9fea79ba017f8fde009ecabaf571b8e0a63

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
75b15372f850382756c32017e67eebfa

SHA1
b21d499e73a24ad67d56dd3d7c38fe02ab081118

SHA256
d5ffca281d98a155cd94b8fe8b0193e49561b2bc06b0a0d77486067a2dc19a78

SHA512
f6236bd851a738087b49769263d65581d2c2affcb91c3b9fb5cd24ef92e2f68992fdbfadbd173e891fa16b6a27b4c036783a8223b710234dc64b91175feeb238

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
2ef1d2a71c7f0fc9c086c8371d033170

SHA1
f9b0a80a7eda9fccc740971bcbb10ec065eec51e

SHA256
241b15696b91c4e3e5bc94894f58767f51b3ea60600a957959151fa8a79d91b2

SHA512
ac5bae3d1b270ac6b98351cbb087da5ee4de995f49df7d6c262467fb9b74f1ab57a43685ab4c6f37898b7c70b139a43169a72fe4abab423ca86c959acadbb74a

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
c7fbeb2cfe2801a83264e431c4316b4f

SHA1
866969332a11c140fa8f89775ca76eae10e6edda

SHA256
e232d0d75c7e3a4d6775e0ac1a425bd79182e0be0927ee09007358f841e1cb9e

SHA512
16ebfd07844171696d877d39d81e7f2a0e78c47c46e2e591efc75ead1acee1e15c4bdec7203d502e524a8ac6a3c35df5934b46ea5bae9501c0d3a101f07f2cf6

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
fba1a5222f35ceae311da199c16dea2c

SHA1
16915d1a0dd742400459f601dd5299bcdee2f214

SHA256
efcb2919498bbd09ba4f7ba3f3e32324257af5acd51319f2a288bfc1bb1c2f15

SHA512
892d1b819c09a5d272c825223b3f5a3d11b4def6666d313abb7ba61e76f000ab4ff97e29e1b4192308188a2c8ae392175115d7c9c850efa89ef04f0c2c8f0228

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/db_metrica_br.com.starwaysistemas.acaijapajuusu_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
8af53b315191b807cbfcfac1b4f22432

SHA1
20fe136cfee550914f596a658319a6a8932d2dd4

SHA256
eff709664c3a31c98d26141efb2d0a14c117f7805ebbf1bb8c1c680b1d612974

SHA512
c694a4d46718429ee4ab9a55f28500822b0a8cd6d9cba5187c431fcad38e03e9252bc0df61a187013cfd126618e5838dc3fda6ebe7834b00ba946303e16f8fad

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/metrica_client_data.db

Filesize
20KB

MD5
d01115ab3b3ab6cd76adfbc07994cd9a

SHA1
2e7e72949ae2c3c9fc3faef4ff50f29153ce10de

SHA256
477bd41c92d45d060b57856b501048725ba8cd344d54d65459d2f6a0d5c38e68

SHA512
bdf67bda728f6ba75d0f993d24b0feb954d5cbc369d522ea553400482ccb65ed6c9fb042608d7ecb2940bfae1df0e47a7cdb37409561581c8aa31a774334092d

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/metrica_client_data.db

Filesize
20KB

MD5
5787b1173489f050f0a6ea89b9d64683

SHA1
b16be94ba851d338cf45e73d12d9758049bc4732

SHA256
5fa62f693075a0c1c4ef998fe23a47d0d0d6650912293172807d24ec73ed627f

SHA512
e3753daa86bc952f28a1faaae25e7873eb6c3fa0901ccd1e52c24b331a03422351cee443b68224bdffca9bbd0de5e0e690818624b15eb71aa49d3616e42a45b6

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/metrica_client_data.db

Filesize
20KB

MD5
e5639b469346d3d19c79ae3bdc2f4a9a

SHA1
b4d9041b94176f65417e63e77f0f324b81e8dded

SHA256
cf283c9f2c282ef339f1ac0c4eae7d6f44f86bc1744cbf8a9b5703edc7368aaf

SHA512
273aa09cf7f4de26661bbedf2ecd180b5adb537022cd824d2185beaf7eb1784bd1ea1f1f22c01e4762729bdefeb81964f1a47f13e90b883beb27ce7c8d1f03b4

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
915a03e5426d7f037de60c7409c9a7f5

SHA1
5373d1da066bfab5bd51e5a57591bdb36b8fbee7

SHA256
d917685ed55bf1e841a6b8afb5e05a4e6336c4aeb4ce2e57872b756d89d107f7

SHA512
ed5846c61df05dabed019f4e2682b1d66703e57c4112e818ca214e34f00a56c0eb22d7fea51b129a2d9d6c632248044662221640a3a1a40015854093ae2cd0d7

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
37e83e1173ec5350b7638326ac42f74e

SHA1
4b5864b4efc0cbc091ad9e248674a2e52d62eb16

SHA256
07c24c326e36083ec53133ecba9d6d754384f1683a3cc904a139893704e6db8c

SHA512
da178c27abca4309e663998ef2286c2cc59ff96d9b18855a3d55ba7197dc69e54ea65fbf5ef94936db1edf04184c774ed1bdd6dcf9eece23a297abc2b174c415

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
506df634831cf0691500eb6bd8b8dc98

SHA1
87cd19bec7c43d8a097aa90057bfa22a2734e13b

SHA256
dac4cbda6a29f8611e83031f23060a4f6b8fd73c369df583137a3d53b617f76b

SHA512
a23c4fc182d240fe2a66555b9f5fcadbaa89d870e99db2b4bf18f8b707ddc13de683eff2b2f201808165cc9f8483d5ef8ff761aa8ba1adbceda2a13b4694191d

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
c704167210baf81ac912b09bf995bf5c

SHA1
526cb0447cf10989d871ce71f9fbac5e02527258

SHA256
d78c126f0f999b14227168f6f5fea5d8577ead6dc04be1100be29bf95e740d08

SHA512
a999492238f8699ce83917447ce8d867e5d443d94b662d6930f4db429bca0a1aefe24014d010b25e2293e47d9aae477b29aa6244e59784c15eeb3572e8681650

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
06a5b3439b585de4f64706e07634cd69

SHA1
4f641de7cfeb331de92bc39f5c2352a59f4de3d5

SHA256
1a02296949be4f3ec9fc510279ee79e1dad5e69046149b7a272e437e9427ba37

SHA512
b0b1e4a47e8ce56a074dcea1f61676cce22bb6cf9ffb7125ebdd5bf50894bcffcfb64f902e76d133c46f5edb6dfd9cde8b7bcac2041e8fb637e5590f90da4810

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/metrica_data.db

Filesize
44KB

MD5
9c9f74f279d71dce73dcdab2e928dbe7

SHA1
961b8a14d99f9ec07c593f30be953cbc157b4f23

SHA256
8accd7eae55209f9e12645867b9dc02c90de222cb0870e70961ada87d081c5e0

SHA512
cfad51ade09c71570af2f21946b80d642c309f7de4cbfcd390841be898e9f6724033b4d1ce2842d06d751155f3d3fcf779ee6bbd660daa8d30f6b1393be86f52

Download Submit
/data/user/0/br.com.starwaysistemas.acaijapajuusu/no_backup/metrica_data.db-journal

Filesize
20KB

MD5
7e9daeea974a08711b84292f490ebe63

SHA1
f59a06aca0ba451be003f20abe1fbfdbbe3cf105

SHA256
0d7185de0a6fe1874648648a7ed2098763cfeb96226f1ed25aec4df4f7235ffd

SHA512
ad68af7a974e96ad52ff95c3af60ac24a8727c2c71fc55ffb149c96321cdac3f6deef2ef97f5c5c938b70043fa085da7f436547d4a51f2446ae4e678fcb94921

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads