48f6e4fc55dd54db1d543519734d81995d8d6150330c2c0c0bf84270fd8e6a68

Analysis

max time kernel
104s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
25/07/2024, 15:20

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

702382cc308df79357839ec1abdd9614_JaffaCakes118.apk
Size

4.6MB
MD5

702382cc308df79357839ec1abdd9614
SHA1

9a79879c29e4c2fa33905fa83244768f764af278
SHA256

48f6e4fc55dd54db1d543519734d81995d8d6150330c2c0c0bf84270fd8e6a68
SHA512

e5a691b01fcd9ebb17024f6ab22b1877d5ba262f14b571ba882d383e9c984385234e575fee228b9b26e0c8b8ced20f11bdf465fc6bc29b2b4ffbbd201f8fcad2
SSDEEP

98304:gb5B6zBxIoOVd2qbXydVI0JdngLY6WTsE+g48qV6rm64z:ePoOdbXmVIwd0WwEG4Tk

Score

7^/10

banker collection discovery execution persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.smartapp.makhfi

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.smartapp.makhfi

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.smartapp.makhfi

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.smartapp.makhfi

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Requests cell location 1 TTPs 1 IoCs

Uses Android APIs to to get current cell information.

collection discovery

Location Tracking

T1430

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.smartapp.makhfi

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.smartapp.makhfi

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.smartapp.makhfi

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.smartapp.makhfi

com.smartapp.makhfi
1⤵
- Queries information about the current nearby Wi-Fi networks
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Requests cell location
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks memory information
PID:4246

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Location Tracking

T1430

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.smartapp.makhfi/databases/__pushe_base_lib_db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.smartapp.makhfi/databases/__pushe_base_lib_db-journal

Filesize
512B

MD5
ee8e017d4f5478a2cb4e9bbeebf23405

SHA1
e11d7fb9bbb9b3bdb10956dc9a315d1d7ba89f18

SHA256
ccbb169c91183cc6c14a55a6f7c0781b1865affb9447ac382a6becdd028f244f

SHA512
6b0bc07da1906f44fa92c0c07db0f32599a0f552c6bd561fb7a9b74328546580aa66e673e30fc950d7b17fd7ade2fe240cc5376aa5b154e4e15fb5e3e7219c61

Download Submit
/data/data/com.smartapp.makhfi/databases/__pushe_base_lib_db-wal

Filesize
156KB

MD5
d5ba8a15e9fba2808f59895f164356e7

SHA1
42f3a7894794ea9c7e6c0df951dc21a372c80ec1

SHA256
434b40fabeeacd601d1b5b282bfbf032183ebd69eec5116299f910fcf51a12c1

SHA512
64eb4ad6db96a0e8cd490a2356f0aa27a2efc72b194b59939061b9ab9a9df6da40efdb086be49dc41812fe9fe1c95a6722f994cfd99922fb9b21ad9de664a36d

Download Submit
/data/data/com.smartapp.makhfi/databases/cheshdb

Filesize
24KB

MD5
1f347cea6a53594be878e35079bdabc4

SHA1
ae24631f83d3c875dd678040baafb5e64fc6ba6e

SHA256
46cc2cd48a3621ce276d0927dfaa0e367261e740d6c248c48fa48b25be769fd5

SHA512
6f09f140cda839271dcc15857faa5ec7fed65afabd0ed53164744e0b15c145b4fd0ae3f6ef0ad01cdf4eb612510f7f150ea72781740a9c6d67ed1075e5e026e9

Download Submit
/data/data/com.smartapp.makhfi/databases/cheshdb

Filesize
20KB

MD5
ff76226c684df2bdd31903ccd68846a3

SHA1
899392a01dba9600d12301506d1eb479ae6837c5

SHA256
985521b31f26e73b2381dcef25ea71552e7e8f7ac0c8e67ca8a516084a3ec447

SHA512
2d5256a5fd0042647b6a4d713295e2bf2d384853c24f4a871bd3f0ddb6cd2822aaee0b552aee9165ef55337d9ba4d1dcf43dfc7742f5122b728550ef3f9f2862

Download Submit
/data/data/com.smartapp.makhfi/databases/cheshdb

Filesize
20KB

MD5
e31e03f74b105d9b2d51d32dc3134d0c

SHA1
60f94c58e19ec74385924f753cc7483df7818918

SHA256
99f5218b98ef02eaa27ac05819b6d8748ca923be767083574b3224cbfb9a050e

SHA512
ea847ce27efb69fc47947bdd5bec5243e0c916f1f670f00155303cb7d1826a117110466ccaed0b0704a514cc80a32e6e8197295bd2cd4983d16bdf076dad3dd0

Download Submit
/data/data/com.smartapp.makhfi/databases/cheshdb-journal

Filesize
512B

MD5
524c7a5d0c5378c396aed70e346d8ceb

SHA1
5dbcd647e75e11cb47ad7f9056c14221a77c568e

SHA256
f361a7dc4081522b1b0ec0049f653cfc18069c611da5ad12b3921c1f1e324a52

SHA512
21c3c9a2af7ee45f5afbab320b6fda0150fb4db840c811672e380006b3b17750be3a0b5266f40aa470fca8e1c11b79a96ea8ea5801f5ce9a0bd81f1b60d3ad4c

Download Submit
/data/data/com.smartapp.makhfi/databases/cheshdb-wal

Filesize
40KB

MD5
b926f11cfeb60a7da2b48dc11cddfb6e

SHA1
a090616fe36e15058c7de3cd27f0c3c0bb8b4faf

SHA256
30a7d7b24e4c14bce4abe6db53cdcbd6326e7d15dd20599168a1b883908d67cd

SHA512
1241fbc11d56c076f1468c64e757aa241d54451a0bad640176cbe0a479764267f3b58c11a7a2a940c06148600146f42fc6b0a6bf45564c2b993f3e207152ac54

Download Submit
/data/data/com.smartapp.makhfi/databases/cheshdb-wal

Filesize
8KB

MD5
b8073755b41481a0aa8f19624c137d0d

SHA1
cf23bdc130238da89af03c6fee1ac6fe4abb79a9

SHA256
7e6b1ce4004d8c868c31359852de9c6b7090b8913fad968d9bdf6f5e5a2e7be9

SHA512
903cb0c2151f2724e0974c6cb23dc7e6d2280063873fba09468e781a17a045d479ddc2a7ff5d91fff02111f13108447507df2a0724638791fa15c1915c2e4f42

Download Submit
/data/data/com.smartapp.makhfi/databases/cheshdb-wal

Filesize
8KB

MD5
ab9587fac9dc3bcb6018367f8d4fe44c

SHA1
c06122a0675c1111004b265089623ad37c0be104

SHA256
4337015757e074cd4fd4a5bedaec3a515a7329d38423b412ef7e8c66fc11f5bb

SHA512
e353145539a1fe95d60881eb6a02ac7b15a6a414f45cb1db2e044d65cddedbf63577294fa93b5e06596e7a9f76f2ace204dfa925593534b8f5d547aa7275f687

Download Submit
/data/data/com.smartapp.makhfi/databases/db_default_job_manager-journal

Filesize
512B

MD5
bd553b33b830dddbfaac32a911a43904

SHA1
7238db1a656b6b25f294b852b0c70a4ad0c2c5fb

SHA256
85043eeaa1cca39c6706d7cacc81ecb82dd38f06cd60e1362a7cdfb316b67388

SHA512
34eec78adc4762252f9856832b5af5057cb4ffcf857bb0830e8e1f28f3aa3e8df458305226f7f06703857abfa91f825ad699bbfbe2adb0f8d00344d40a2425b6

Download Submit
/data/data/com.smartapp.makhfi/databases/db_default_job_manager-wal

Filesize
40KB

MD5
d5412c1c9aad0b89b3a182b89ea69729

SHA1
1a91b34ebdf4d6ecd35faf5a99b7a2cfb2a59776

SHA256
26734e34e17bba5b9c0601d838ff9e811e53462ae19f0628b579cdb18f367c55

SHA512
fe4ea32d255dec12ff758e509ce1e00184f634200c12994d1da5a089be4ab5afcfedf23066854910589b41b1eb750816bfe8164f6cfdf589d8dea5ca25c53fce

Download Submit
/data/data/com.smartapp.makhfi/databases/evernote_jobs.db

Filesize
16KB

MD5
978fdf85b8448e3a7c9015e51477eb49

SHA1
793bb88398dc9457935a4416638d5ed3974baf19

SHA256
8f72919eebbe45ed6d33b7b763d7e45d76a880128aee9aa5c29d28ab79689a92

SHA512
852b2d3e2607c96625e9bcd454c702ccec6a0f07aba3410976d6400ecd2d48ccc92d93c8ce7fcc87a622d04357bd6805a996f11d339ca7fc3eab99c0e991fe38

Download Submit
/data/data/com.smartapp.makhfi/databases/evernote_jobs.db

Filesize
16KB

MD5
c5635a848c1796334360512001f617f0

SHA1
d1b9b9c4e7757567beee1a4d17d656d15f4e7601

SHA256
86c904706f58c5bf1acef123127540b3dcf2dbb579c44e04897c2f112a852687

SHA512
1ffa65f027589444c4642aba8a999c2002c69e2746167fb1d815ff9f2937cad331ae3c4dda27625e46937095d41d12e53fcd8d54c59d1d004e88fc49a9b89b1d

Download Submit
/data/data/com.smartapp.makhfi/databases/evernote_jobs.db

Filesize
16KB

MD5
199452827a1d2dcfdcab60937fe1d718

SHA1
e2383293988f7c56d5e946600c97d408741a7604

SHA256
12fb2c3f2c8c568d22b0906846884d3bafbeaf662ec1b0d94b80452939d2d65f

SHA512
eb61c4129d34531ca5cc87c7d91c3aa4c6a8ea32765c76723a892cd53b8f868af62fa926238bf4019024fec39c1ff6f9299fdaf750481315758d0801fe464f80

Download Submit
/data/data/com.smartapp.makhfi/databases/evernote_jobs.db

Filesize
16KB

MD5
6cc608b37e8e9f29934918771cc2de98

SHA1
5ea81b5049a42b0522c5dbfb0659344868ef77c2

SHA256
6d2509f2fea5655d287536c3e909a75fae07b8830892f868a8c256e09d83442d

SHA512
d0a6f524f930e3e921eb45647ad5f7c3d1059ebac4f4ef04c165aee10c08d69f551d567ba404eb3a503e9b91d8e6ee78ff8908efedaf1e015c1de89f453966c4

Download Submit
/data/data/com.smartapp.makhfi/databases/evernote_jobs.db

Filesize
16KB

MD5
3f7002dab24c596f5fb5a68bbdac53c0

SHA1
3abe4f1de53baabc1a736057461126609904d867

SHA256
5cc729c8e4aa8989066c642b49000e755aff2ac51e6570e6efb4461e2099746e

SHA512
eb56d6a774435a33fd77c3c32726f9639dc1d871d9ba653097d1fe5c7fd90332fd079a6a8893db8882fe2d8acb5fa03a4d4eeb04e6f9cdeb802c35978e88da6a

Download Submit
/data/data/com.smartapp.makhfi/databases/evernote_jobs.db

Filesize
16KB

MD5
8e3c5c3661eec356230017e984c70db7

SHA1
1547eb3e5b700f151c61a9190b2f69abf81c0811

SHA256
aba747351a5a3d6500d3a22d156c462f9913532b9bbc03736fa1ff9746f429d8

SHA512
a0b1e005d2bf7109a3e53d86411305f05c6ad62fb47a195183245f23b7d8b99a2e04f9ab80d32e224830d42188dbe15f2fd764e9050e790daf503e9b3bc403e3

Download Submit
/data/data/com.smartapp.makhfi/databases/evernote_jobs.db-journal

Filesize
512B

MD5
82680ec515180986a53f041b05c4c247

SHA1
9034c46d641397a906a93347dbe5527cd82af5bd

SHA256
fde9d819d43be029e49bfae0d87d9379eded82d07955af7f5547df6abb4ace51

SHA512
917d24f1ad015a6003f856dae7aae9dd748f648542ce96fed11ff216a125ea646162177706640f4068a3fa80872777478800bd924fa49749da251f3de0624b5d

Download Submit
/data/data/com.smartapp.makhfi/databases/evernote_jobs.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.smartapp.makhfi/databases/evernote_jobs.db-wal

Filesize
4KB

MD5
c86dbb498cd98d6983c302c364f9e475

SHA1
049af334b983c324d9d64b9f335431fc26965973

SHA256
7ea2291965ac361310a080f8afe6ed85e7967a9c88870061d8f77b04236f7d67

SHA512
d357880f5647d39bd51507b5de4dfce8befe3f6d3fe8ab8da1c46a7b746bee6eee01f15d6643061bbf93d5c46c5e5725cfdb5dd568f21619adfac982952db23f

Download Submit
/data/data/com.smartapp.makhfi/databases/evernote_jobs.db-wal

Filesize
4KB

MD5
01a398291f580cd9d6bf4dadb8c69b49

SHA1
f4ed38614a5c687dc8048fc2dcff4f3e380867c5

SHA256
b9bde586fdc3ff08fa55d908c8a87d416516bdf0658d8657c6dded99e625b0e7

SHA512
30ef449390306ba7b11792120c2cb4602e05994aa241eff5b1a2717d4cc3c1d8ff5d5f7e37d2c41bbeebad76b64e88fc48acec7b753209e6895ff3a72147919e

Download Submit
/data/data/com.smartapp.makhfi/databases/evernote_jobs.db-wal

Filesize
4KB

MD5
96fe2c14133e7987296aad296eea455e

SHA1
77e759f7449b56d5c7b192f9b9d651b2b73e5b73

SHA256
d3cee96a25124fac7aa0cfb2ac2c5f27a1aa47395da5c5d4717cf65bfd031fab

SHA512
268b512a22ab45536a72913bda522789b47e97d9fd730b0e3221fd768dbf50daf3391a5866534b26f0acb89ea9e4fc8c077b38c5d24c91c8123a95457fad3439

Download Submit
/data/data/com.smartapp.makhfi/databases/evernote_jobs.db-wal

Filesize
4KB

MD5
c39f50ccb74eefc72db6aaf76cb0802e

SHA1
a7cce59d7e0e2a4df104323b0a336c0b6861e816

SHA256
73102378f14fa9a57407c2e05b1443097f314c1169d6f01812c0999e3047a738

SHA512
bd6730ff11a72cc0c79a6cc63be3a28080b62ef026a7a5b0668129aea0d65b68b19c4d6bbd604594dc9558a9566a1661e0d77d74c43fde324335e7b6317ec703

Download Submit
/data/data/com.smartapp.makhfi/databases/evernote_jobs.db-wal

Filesize
28KB

MD5
352ae5ec112931e297e5dc159c0fee8d

SHA1
9a57c3ef972a5f63a0aeee4a05ec342518bbf51b

SHA256
9bd201d2f21383573985789280437f6add226d0148bda4b6144fda072d89a443

SHA512
5b9eaf598288f8bd4870e5fa977977d2e366c3595b1fe09c23f9ae71f25865fc4a173d1d55b9f63ad6c0863449ce29c976511682534804e396641afefce655b4

Download Submit
/data/data/com.smartapp.makhfi/databases/evernote_jobs.db-wal

Filesize
4KB

MD5
bd41f8c18499b89d16f565ceabb6734f

SHA1
ce4e87096136dcf213b53afb8e43c3c0043c79dd

SHA256
fe6a8e4b2701e29f6de33ddfa91acf05eae848a12982559a6dfa7fd8bdca2df0

SHA512
5c6611fef9b1e5df9e79262ade1d873a7bb380c606b67016bfb32215276ca07dfc4b608806a24a0e00b0ce7359adfdeeef1ecb1903a003247e3d7c8948f289f3

Download Submit
/data/data/com.smartapp.makhfi/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
484B

MD5
f22818e06dad96b201e337001c775f00

SHA1
ffc7336e8ecf0c73ee9056e30780bd889d038adb

SHA256
c23a7e6067a8771f9e33137bdeaf05f59e2a74cbe584b876c2e972da9a452376

SHA512
fedbf882d6641fafc30813bc260c5221e3bdbde355a69e5da70a1f72b8ca7d634932ee3bb7ba5af513c240a336e26c4fd48fc37ff2b2b2eb8081eae4d10be71f

Download Submit
/data/data/com.smartapp.makhfi/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
1005B

MD5
256cee7c13eecbba1230fa171782e0f2

SHA1
9df025e952959d595489f2a46b092d4fc3db77c7

SHA256
07b5733e0fe6a55ea28ba9203cdd78a7b6c7002c811084739bce198ac6397003

SHA512
47636a60266359b1270976b2172c7ee34f8628b61979f8e4bd3106fd2d05d4fe92b4a96b67817e59d6919989985588851357a7bea9f213557bdc1b107be73393

Download Submit
/data/data/com.smartapp.makhfi/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.smartapp.makhfi/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_c87b7a06-dbb7-4fc8-953a-87b3f4ea4aae_1721920836553.tap

Filesize
377B

MD5
fbb4ec3cd12bb76879e194f9ad10f97d

SHA1
abf1443f0ee04e64f1b92b01fbe8930d60f47c56

SHA256
c6aacf6304efb7f5cc69a9cd9f552413ff1ed11449ac64b6fa0271cfc6117868

SHA512
2b65959a2bd9723017399d344c2c53a7b4f4d81cf30d0f76aeb7dbb87116ece880aa5ae8d6cb46c43ad225a651b8c9a166fc7fe429b6487a9218a9a8f37788e1

Download Submit
/data/data/com.smartapp.makhfi/files/unsent_requests

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads