f257eb91a0df7cb1248173afbf11fb4aa1fa9656fa82c4fb71fdd8a45d93b6f9

Analysis

max time kernel
177s
max time network
184s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
12/07/2024, 12:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3d70a4294b8692ce14601c93dc7044c4_JaffaCakes118.apk
Size

3.0MB
MD5

3d70a4294b8692ce14601c93dc7044c4
SHA1

50012fc1856e0da0d35676bb1219a6225c9ac376
SHA256

f257eb91a0df7cb1248173afbf11fb4aa1fa9656fa82c4fb71fdd8a45d93b6f9
SHA512

47d4df70c5174ace3c56820409ed674aff0b5243ab44c7cf5773256d3be9c68937168248e92919dd7d412c5cd2aa2a3191decb990e4e4b33a114ff57d69bbaf1
SSDEEP

49152:JOZ0X1JF0JQUS4yVFpvXFKvzHLjyx83yJN0U4X4r+IpQ9FWzZUGl6LikL4+QHTXP:P1JF0Jk4UFBF6lLUTlr9UGRXtLG6

Score

7^/10

banker collection discovery evasion execution persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.mahladev6.singers

Requests cell location 2 TTPs 1 IoCs

Uses Android APIs to to get current cell location.

collection discovery evasion

Location Tracking

T1430

Geofencing

T1627.001

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.mahladev6.singers

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.mahladev6.singers

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.mahladev6.singers

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.mahladev6.singers

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.mahladev6.singers

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.mahladev6.singers

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.mahladev6.singers

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.mahladev6.singers

com.mahladev6.singers
1⤵
- Queries information about the current nearby Wi-Fi networks
- Requests cell location
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
PID:4245

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Execution Guardrails

T1627

Geofencing

T1627.001

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Location Tracking

T1430

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.mahladev6.singers/databases/__pushe_base_lib_db-journal

Filesize
512B

MD5
c9c468a7c1f92e0599bf45494aeaed8d

SHA1
b0b2f9fbe9f0cb5b5cf57cdc59a814b0cabd1e55

SHA256
2066954b1b056d056b16a1d8ff9ae044a77bde2308c5f4932416333d4ea31dfb

SHA512
5f56e73f718239e7f52d324be907b5b53530a312ce491a0dbb8d0ae7528be1ea0416645e0859605c2fd954d252b6bb61e08dccf4817e06f56aa92da7eef01d27

Download Submit
/data/data/com.mahladev6.singers/databases/__pushe_base_lib_db-wal

Filesize
100KB

MD5
33eaff6bf86ad32d9a1677a417984bca

SHA1
624c5d4311c4e8e33b9967204f6d4f4e56f0da2a

SHA256
5b6f24043a24f1ca49ca7734a87e8c5703f3e467f7d1134bc91c242abcfa6ad1

SHA512
58c39ecd24bab2a2c1c97bd96c316fc4e86a1c8a761ac185d26c343517323d3d2263089cebcdef78c4db169de23a9c2754e249a607e1cee310690e68681553ac

Download Submit
/data/data/com.mahladev6.singers/databases/evernote_jobs.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.mahladev6.singers/databases/evernote_jobs.db-journal

Filesize
512B

MD5
773e24e04041415082ee8f31d6c4d092

SHA1
1a5a399a10bae64dbe2d5072172e075ed2557615

SHA256
ae8318fe83b8ad6cf87360141edb52541b4a805d66c8cd6d346da23204766420

SHA512
d41f01ac0aee5cd2a9e6a01096530a60c164d46f83c3bfcdb6e25026efba5024e9ece8132a893c306c9b78ed004a964f9688812ed393a6d769d5e18bf9cf5792

Download Submit
/data/data/com.mahladev6.singers/databases/evernote_jobs.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.mahladev6.singers/databases/evernote_jobs.db-wal

Filesize
100KB

MD5
8c20102b680b4bdba125ac4a7747751e

SHA1
0f147b885a2d784a3ddbbebdc517aa29438e4d28

SHA256
c692bf1f143960c88e862fd46165b982de5abfe801724699a431a7a4ceadb943

SHA512
963c0839653530cafa40f0d68ea7b87821463013fc731319f10a352d3c46b4f2f3a64dbbd6eac7c9534c904c3967d7d0ae104eeafc3ce6d648d4f19cfae75b0d

Download Submit
/data/data/com.mahladev6.singers/files/list_ad/067015a0-9024-46d5-a4e1-dbd38831b70e.jpg

Filesize
20KB

MD5
b29415865ccdd92eb85bbdd76dd0c0e7

SHA1
d4caba97ecbee893ba769f51f2221931db4fa564

SHA256
f50f55db2436b248f7ecd62824b3985ef5c466ee11dc077dbabeeb404e1880b0

SHA512
eb98e07345a6f68fcb9b8fd7ff1a28b6d79bcd14384df2c8af53b6fbd56725d6e89a63b2fbbed5ff6020a30692f67e82f94142515a30641c9f2b70bf52519246

Download Submit
/data/data/com.mahladev6.singers/files/list_ad/08ceea4f-2505-4b14-91ca-103090b84964.jpg

Filesize
24KB

MD5
9c82d02f86ee3ffbf408c38afd9239a3

SHA1
5e47e7b56192d09e2cf316ddb0bf426d54c84c74

SHA256
c78f21f149ed2d06d65646945f05a977d9a382873bd9379be01e90abda4a46c9

SHA512
be01915d0717a9a3b0a76717d296d7da30e397e232f7edf5b1bbccff957968a28dea9fe4cf01e6c2a5ad60e03fef1b2002a49b3545c8407bbfe634c8f676d2eb

Download Submit
/data/data/com.mahladev6.singers/files/list_ad/0fbf63d8-cd1f-4e54-a7c4-aaeebb46dfa3.jpg

Filesize
37KB

MD5
999d3c689819427cb25feca51852f01c

SHA1
0305296e2014c74f69ff677c44ed40c0d1ac4c3e

SHA256
aa4dc3eef49cac1fa6f5afc779b3dc9e33220db5c0d3164b6094f54267205ccd

SHA512
8377f2c087cb3f484648af6db655da6b0438ef2914c167018122143fa9fe4825ebcbfec56ae606557ae795f87f68dadadf7ac293f54654306bd877aba4c0e5c9

Download Submit
/data/data/com.mahladev6.singers/files/list_ad/547da313-f6c7-42bc-90da-54e0f479be4d.jpg

Filesize
27KB

MD5
0c738ed7140d4cd61a29b2181996953e

SHA1
2be098e69fdd8bc6cabdd92d04f3938c35291289

SHA256
6af3e27621b9bd226c8ca48b4f4e7f765cbdfe4e0f08e798426fd981d74abc0a

SHA512
083e3cf4d0f74c787cdae8fb7869b8433fa0207b9ccae4054aa3f1855435ae0b7584e274af73e766f4bcb687e23c3395c5498f42cb5df9c046899b429d94e6ee

Download Submit
/data/data/com.mahladev6.singers/files/list_ad/7076b153-d994-4bf3-8189-0d77e4daaab2.jpg

Filesize
28KB

MD5
c435c56cab801d1ee8ec69eea2afc598

SHA1
e0c107c3000e2bc9a9176f64a9fbb492acdeffb5

SHA256
f93fb35a6d35e96869b42641717f110d18ceb1a931eca0e738ea92ba241f6cbc

SHA512
696089acae40878d362ff09a02cedf1f9c9c9db8e5ba7a13611d556ebd7b028aa7eca79853cada7cea84c5e3ebb0649d94716bf5a3f44155dad67e0787f3eef4

Download Submit
/data/data/com.mahladev6.singers/files/list_ad/8d64302d-df13-4175-bbe0-7abc13376c10.jpg

Filesize
37KB

MD5
d7bbbb3b69407ce672b156d425258b60

SHA1
909ff314d55256b8cdd0f1449975f386a5f56f01

SHA256
31220e15e967f78ff94acf07a962245c7fa5a4791a4b67f1fe630af13498fcd5

SHA512
2a30ccb4b1365fc51b5f4e9f10849acf1d390e4c1a5e655cc1938bdfa38728e29c4a7f873097474cb0afa1ddd057c171ea8c06193c915a50df12ce3ecccd35b3

Download Submit
/data/data/com.mahladev6.singers/files/list_ad/9db63d98-0cbd-46aa-b1d9-02b6b9115508.jpg

Filesize
16KB

MD5
afd3f3b2237c9a7fb5428688514acb58

SHA1
d9b1fab456791c714f69faf22f75eb6ea6f1d299

SHA256
bbef98b225f867525691333245f7c0efda226dccc854eb19f2a79212713c6971

SHA512
c486f8d25f3656a53ef18f010f49d1efb51b3622c7016b1ed7d2d3d5c89c48bb6d89c71fc96bda845912ba6abd5ae526b48603483718235ce5d1695c1818eda8

Download Submit
/data/data/com.mahladev6.singers/files/list_ad/af650ad1-9899-4ff5-a967-e62bd8720126.jpg

Filesize
40KB

MD5
a504d828946682c6498f2f4f3b346cd1

SHA1
b71a0edb36e4ba0b2f608f48c97f13bb3d96bc01

SHA256
27412a55a347b18524b053cf6a0f745202cd48748b4b4754b9c2467ac5072a9b

SHA512
befa616fcc94b22fd70f4c6af365eab942fb699f1812fb43db23dddcf9cd90bdbd9ecbce8851993259ed1d770ab1719acfe96a7e1aa5073adc5a5e0c52dcf954

Download Submit
/data/data/com.mahladev6.singers/files/list_ad/arrow.png

Filesize
3KB

MD5
a7c6806a509b27f7a0bc3227d0bf6353

SHA1
02f34862e163176d39001b18c9195a456addb4ea

SHA256
7af49b2bc680b7d3412a5eb9d983032e5725571bea17fb98f16a806013210f62

SHA512
e45f135761a32f8df8941cc5277f78d639fb2fa73f66f81c8a8dbf37683a424ddbe0c8fa7a274225e64246000006e2abe02c8abcedddb969268d56a0198eed22

Download Submit
/data/data/com.mahladev6.singers/files/list_ad/c283ef5e-6222-4599-821d-ef717a2b2471.jpg

Filesize
22KB

MD5
766d17383884a84ef54ae1878696d363

SHA1
c7a053c843d16c9e60d7c44dfa3abbbe57e180d4

SHA256
480d89e3d3a46c0a34997f0157d825065fe2c36a8c08d531500968f30b3baa0a

SHA512
ab243490b6cb03049b357a1ac355f0d813ae546bfa0ec6c609b8e79b0783b5992fc5a4ab3cf1fdbe419aa569fe4fa3ebaba95ed2e4e4a0f16b26a2252c3ff7c3

Download Submit
/data/data/com.mahladev6.singers/files/list_ad/dcae0805-a8dc-42e6-a75c-84d497f50cfa.jpg

Filesize
13KB

MD5
f186a49f499651a52ab8578bed407b01

SHA1
570aafcfd0e8ac06ccc6498679ebd26d56f934fb

SHA256
9a9e9ca35b2b8c1c445ec28c7d163c4e3e9917cab117b2f42b36b2a8cbd3bf0a

SHA512
6c3b0b08c74f4ed6a9130a6e6ffb4480041b65bb081d147ac3a6b59e1af2671f114fe6e7591a2e943249c4458cd4cc9d635faaefb4a217029177bd78b33ee253

Download Submit
/data/data/com.mahladev6.singers/files/list_ad/e4254d43-b0cd-4fc3-bfb3-c226fdc1a9e4.jpg

Filesize
18KB

MD5
f71bdf046cd3a5fd0903e9fb8fafd945

SHA1
10e1e971b4370cdb83b55aba794be0573515e3d5

SHA256
26fbe958115b04f58144fd62a1ec99fab8a49837ef9be87e9d6fce7165462713

SHA512
cf9c5301c8ba0d7df27365e59b149a33d33a7457fb5e68793e374047663264090a0358a74ff32e969da107deb467db1769ddde781df06519856969204699ab01

Download Submit
/data/data/com.mahladev6.singers/files/list_ad/fdfc4497-d6b4-499d-929c-96584726dd6b.jpg

Filesize
58KB

MD5
bb79ae1eea917adff43a388047f22aa3

SHA1
b599d51a0684cdc60d54b03031979d6ef2a18da5

SHA256
b4d2a755248de5a7575a03db651c561a309aa1c78bc203d56045845fb7099648

SHA512
f1f3e263638005edf1b745d9b1e4b70eba8087b0ccfd9bdcf3768c47ad504d6dbdfabdea5a717028e09a7b6e20e6aa053d825297ce90322b7598d0069f39e62d

Download Submit
/data/data/com.mahladev6.singers/files/list_ad/xml0.xml

Filesize
8KB

MD5
a1571ea78384746527a15ce9dff5b8af

SHA1
687fa20d3c08cfb564eddfb16abb52192201838e

SHA256
f7ef615cf3b8df684711aa820064961e6f15ba8e362a6a4ba9c78ce8b913d1cf

SHA512
d85ae633da40b687f25b27719a4dce8445ca51f0594f31a204737b4f09feb2eec8bf0fdb307cd350e5e58c51bc44fd4473c6a17eaa3bc54d9aea1facfa4cf530

Download Submit
/data/data/com.mahladev6.singers/files/offline_ad_xml/xml.xml

Filesize
7B

MD5
e2872effe721cc38b08d4df31adbaa48

SHA1
f854b4acc9d3fff03d742eeedd7be2617894336e

SHA256
6f14c9ed4f18e527828f5c92a55e6da7fb559eca2ee098524de9699720ca6a13

SHA512
c0bcfcc1c799d55017712ef2fbb0a64866d08321236f10635ab908ba2426bc16d36d182415e11331394b8b1668cef66d193d0e69b706d4cff5b0cffc8064e037

Download Submit
/data/data/com.mahladev6.singers/files/splash_ad/img0.jpg

Filesize
77KB

MD5
35272442b9b0b41c6341e0a326f39675

SHA1
259b8e3dd149522f52b1485de714a375e9adccdf

SHA256
575cb468bfa7f7d9713804ec49993da14c55b741c6caf9c0b89a8eaa59f5b69f

SHA512
7a6a09ce5c81ca56da82cac25ceaeb0e3c25c09e6475dd73ceef334ec515f818803c047e37f5896a3327208a856c0651dca60f4be1e21196c3d4627de26aefcc

Download Submit
/data/data/com.mahladev6.singers/files/splash_ad/xml0.xml

Filesize
2KB

MD5
b118ecab49028b125c6ade3392499813

SHA1
e542ef5b70df4b2948160e32cf77ca16cbcdda09

SHA256
c08478760be61dd2d53b2d3f0b2bce322dab63d5b078696cbcf1db97495097df

SHA512
9f06a818699228383284ba6b9ba2db686742a04ff51c415daa41549b1dbd4f323ec15991bc8ad481a9d8660d3f455c615b72951b9fbd2afd777454742664fb57

Download Submit
/data/data/com.mahladev6.singers/files/thewords.dat

Filesize
4B

MD5
0e0a4eb280283d343698dcbf9213bdb2

SHA1
226a180eff9ea1bc088706418c181c344c275dcf

SHA256
ac2264c2b181687108b48c7bfb689f5d490f461f9e40ab8a3d5c6b65cf586cd8

SHA512
47de0dc967948608ea4ab42feb51d6f0fd7d553419d8ed82056384cf7c2f12d17e8a2fc1c63f9f37b9c9e8af3d5b15b03dae8e85a16d70b57eccdd06d2a85ac7

Download Submit
/data/data/com.mahladev6.singers/files/unsent_requests

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/com.mahladev6.singers/files/unsent_requests

Filesize
3KB

MD5
57cb9658326acd4d1f00557171e6a540

SHA1
0d55ffb031bba73ed7103d58c7812fda45da95b9

SHA256
71432694d68f916b1bcc9c16051f457f27ea8a74ef92f4266e9d435743b0dcfd

SHA512
99712f38a422d072b85f1c7c5a07adf8ab971c26a0a6d1e7093b59d49440ad0748b5c1096d15a6a1c7ea8ae5fed0e8b1e09fbf9c1af5ab95a0720d196e549b85

Download Submit
/data/data/com.mahladev6.singers/files/unsent_requests

Filesize
7KB

MD5
efcab9275a668e35e885916c6008569a

SHA1
adbad4f506906c15a513700c6fc5e5c98281ee4f

SHA256
4ca4825084349262a16aea4d78a3c811fe7ba4325490c539c96fe3eddd0895c9

SHA512
b72f5a0a57e889c0bb466d8c4a8db6f70dfb7af62ae516e6be427a2fcb41d223669ededffffc44902fcf540e0fc78425120c104f446eb6be828860716a0c01ad

Download Submit
/storage/emulated/0/AndroidID.txt

Filesize
36B

MD5
960c5ff9291c72f79b03ee10c95d66bd

SHA1
247a2fde9cb73fbf9d0da777c1e8cab09e92a561

SHA256
fa97ba1c4a9a1cdeedc67b47e363ec0c7c7f90dbd6ab02a6a0b5fb9ca05fdc98

SHA512
068f2182e9a12f0f022a6380596d0755aea45abd753eb3ca4d9a97d092ec286848f4663d3a1df9272323141a5f4ce15e9d306da596bdf98da2b123931f11e048

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads