4a86d0a409e958a6488225e78bdad1498d9462eb1d70931c4ef9ea4c793061fb

Analysis

max time kernel
6s
max time network
133s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
29/07/2024, 02:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

342262670723e7cb8bf6bd363b72cbae_JaffaCakes118.apk
Size

10.2MB
MD5

342262670723e7cb8bf6bd363b72cbae
SHA1

154aeb20957552b9f1519786cbdde48e36784aeb
SHA256

4a86d0a409e958a6488225e78bdad1498d9462eb1d70931c4ef9ea4c793061fb
SHA512

c75c4053c547ffa5b177e073308f882645cc200fdef843a7562989f529cf563f4f4bf7b130fada6ba087bdb07edf32484c29f68b5a1837340e3ae1f246f90be3
SSDEEP

196608:4n2aFSyef22gaDKLQneNBJUMstJdXyn7vPGzb29UUWLJWeuNTg:42aFLef2fFMeNBJURc7vPGzpL8eD

Score

6^/10

discovery execution persistence

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	ir.iut.kaik

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	ir.iut.kaik

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	ir.iut.kaik

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	ir.iut.kaik

ir.iut.kaik
1⤵
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
PID:4311

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/ir.iut.kaik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/4585639c-254a-4a55-a336-d5d7c7eee39b.jobs

Filesize
278B

MD5
5cb5caa6963894d59b5a542ba8219c1b

SHA1
9bb9b9b0079eed3a0c06ed16bf8e8c10fc319b4b

SHA256
25d43dfa2c88b6b0dea4168287d48a93957083688d77b101c06de566f9e6d751

SHA512
6e78b7de459ad2ad9d3cc28948e6af669853856ff97cdf61149bdcf241e31491c1eda7d4d8fb26dd02be15ee9926ac32fd229a65acc682da8ac7425581eefefd

Download Submit
/data/data/ir.iut.kaik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/47f836eb-2587-4bf1-b67d-e9735da83c1d.jobs

Filesize
179B

MD5
ac58f99a1b179d71e8621412ad31c6a1

SHA1
b51fdad95876f5615735c2ab411031ff67d5e946

SHA256
9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb

SHA512
faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b

Download Submit
/data/data/ir.iut.kaik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/cb2d3cdd-f6a3-4c5b-840d-4db213921201.jobs

Filesize
176B

MD5
f56f328eea1d5c96a1b96dbbf59488df

SHA1
440c784cacff61932e2f61580b7cfdc3a4943c95

SHA256
90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918

SHA512
36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb

Download Submit
/data/data/ir.iut.kaik/databases/__pushe_base_lib_db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/ir.iut.kaik/databases/__pushe_base_lib_db-journal

Filesize
512B

MD5
b1a4d965c9adf1407f0bc6d93b67b829

SHA1
df5b6573abe16697e671c66a4be50f33c6a2c7e5

SHA256
c267acdb107bdec6e393771757618e093a0d07ffaf84fd32c2b1877cd5b917f5

SHA512
c1c4a57ba829106564752ea62ea62172fc3120ae33db29e2462e2d0f9caf064dda4b752309ccf99da82a16ca3fc9eeea9df661f13f2a4bda7661cd6743cfa326

Download Submit
/data/data/ir.iut.kaik/databases/__pushe_base_lib_db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/ir.iut.kaik/databases/__pushe_base_lib_db-wal

Filesize
40KB

MD5
f52c13bcb2b44ac62f8ad20f662f11bc

SHA1
60d5f4071800d2d39d03cea96791298c64712ab8

SHA256
ede23accfd68e45395527b8c3ad1277ac6d99dc027ece32839ef5193243d0e25

SHA512
cc4ee22e16b0567296caf9cefa5f706a50a2b0b60281300d456e126fe22f301b446e21809c59a27c2238cb386814f922b7bee0647c50f35fee99bdbd35ac916f

Download Submit
/data/data/ir.iut.kaik/databases/cheshdb

Filesize
24KB

MD5
1f347cea6a53594be878e35079bdabc4

SHA1
ae24631f83d3c875dd678040baafb5e64fc6ba6e

SHA256
46cc2cd48a3621ce276d0927dfaa0e367261e740d6c248c48fa48b25be769fd5

SHA512
6f09f140cda839271dcc15857faa5ec7fed65afabd0ed53164744e0b15c145b4fd0ae3f6ef0ad01cdf4eb612510f7f150ea72781740a9c6d67ed1075e5e026e9

Download Submit
/data/data/ir.iut.kaik/databases/cheshdb

Filesize
20KB

MD5
1df26becc7abe3ef921e3e7a6768b0d5

SHA1
a4f9e87b70c34400b7553414a273a5134f726464

SHA256
14a8f0b7f8c9a0636ffc2dcff664a58b6cc5a80cec579e9c9e3484f4543ef857

SHA512
2fe6a33c8492f8c16d3d0f01dd0e4c00a009616e8a5a7d9b621cc4d51dbdcf5a79a3d2a66e103d0da4bd4cc5e66ea0cb9b25ff7f3069e2ded7d678d418388177

Download Submit
/data/data/ir.iut.kaik/databases/cheshdb

Filesize
20KB

MD5
9746e9efb165ec5d1b85ee0f8e5d1f68

SHA1
42d1b06c7f694b6c3aba742794e2d95d2a8cbc5e

SHA256
44db8c68f351fe7a536b43338a6241f649b27506e560ea0babbe3a52452d2bbd

SHA512
2c33d7a0555a58839bc6467e498742d3d72a9113756eb250c770d97334336d2c1576d76a3b71ec8860728a48b00170eea62268323fe127cc8f4f54fca90b0430

Download Submit
/data/data/ir.iut.kaik/databases/cheshdb-journal

Filesize
512B

MD5
e018e082749e5c76114e4e8791cdd9cb

SHA1
7933caace3eaa6c4a1f43f93266ccf8d5275315a

SHA256
e76d4f063a0e6aa4260851518c8d2d5c902bc45503e36f70a78a31b9f4d6260b

SHA512
734e0697083b720f4fe9c6800e394e081ec25ea89299f3db20b8b1ebf70d909eb155b064c4f2ffcb724bc745ac1b2dda6ce1946ce07b59643c5542052ccba597

Download Submit
/data/data/ir.iut.kaik/databases/cheshdb-wal

Filesize
40KB

MD5
8c50162ea3e84355cece5781d3df45d4

SHA1
fdb0d4bad517e27a069cf2cc22c61f534b5e8356

SHA256
4efd1237dd886f12570aea8b57533b799756f2484762ece02ae6b06c3274baf7

SHA512
91fca625cca59d688f39e08f2bddf08a3472136f880cefe8161b377795df34dd9e5e6f167e0c05f66c5f848c66fa81d8f3669f69a1b95596a70b794658df81b1

Download Submit
/data/data/ir.iut.kaik/databases/cheshdb-wal

Filesize
8KB

MD5
97dd5b98e8a3a38a4d2c3c30e95aedab

SHA1
6d09aab281443256763d9d21415bda3963e5001d

SHA256
293e6c90eefab8dc1d9c36d1b7ebc087a9c878b1747c9c78be8bb306794c4c95

SHA512
44c924bc5a870b60891f96e98b3521528845d49ec3dc09e50fd43dacd06d6c0c739487d75aa5468b5e441b46cc5834ea7de7c7637cd9ea49c2c380454e31a041

Download Submit
/data/data/ir.iut.kaik/databases/cheshdb-wal

Filesize
8KB

MD5
fe3ad90ba062c80742095bfa7db54040

SHA1
5ebca2ea01a8daba33b4702cef6c5c2988427646

SHA256
cd0cd0e32a75d584dbbaa1075c6b39bcac5bfcfd97f56f555b84b9bc03ff75f4

SHA512
9f868ac3f5209733be0e0d01e33dc19a1be76a4486b436941ad5ff3a6f97e38e4c42847eecc63b2c1f3bb4403c4384152486ab06d4ce18da7f5d6cbf29bebc63

Download Submit
/data/data/ir.iut.kaik/databases/db_default_job_manager-journal

Filesize
512B

MD5
2ffa2f458c89b6f187252a3a26095546

SHA1
016bc05070f04a59f0d196a9902c38e0d18bf4b6

SHA256
f18a618bb8c50157829b3db7b50aff0a6bcb84710f7a7bce9571d4f6ff123d26

SHA512
1698c7b6805d8e9f71178d8c45cb0dd578b6c14bef230126973f229572227147125c60f1b91fb4d48dad9777312bf80e4d7b5e40f7ced6a89fabdc641a3dbe0f

Download Submit
/data/data/ir.iut.kaik/databases/db_default_job_manager-wal

Filesize
136KB

MD5
7949ed2742201fad9377d7e6d38ba3cc

SHA1
f015b2307a28fe50455f2354688ced1ea4717e3c

SHA256
0006ec62dfcfc176d91821ac88fd72cd154622a20f83842f5a0a9b1f38eeb86d

SHA512
5564426f1882a32ed16374edbc10912e5eeb11f8693e5751ed3ecf28561c714bc2baa9a22e1cd2235729b4681f67744c82f367b5d1b8716a5d4f23b72cad219a

Download Submit
/data/data/ir.iut.kaik/databases/evernote_jobs.db-journal

Filesize
512B

MD5
f45795b3fb67b8f8c3b988ef5b4caf4a

SHA1
6dba67f1e361552666421362a480aa87001b25c8

SHA256
14ed714270820d221611deac7091e82c504486e8c5eb0e240551e0e2bd72afb5

SHA512
27ba7c19f849f55ef2f12ddeb9d068eb0db390f762de3384a85d86c33b15d40dd1c43f01cbd79d9b0eb7386fd1d3390a0ef6aa20f815e8f46a3be98eac9c4df2

Download Submit
/data/data/ir.iut.kaik/databases/evernote_jobs.db-wal

Filesize
28KB

MD5
dd356a5e241e1ec70fb4e2533fa18640

SHA1
7f62f6378f323b3f08ee408991b040cab33cd788

SHA256
63e9c5a79f1d65ae0a1afa51f99b3f11999161bc0647490adb2a8bd357237f87

SHA512
dade94a171c191ebfb4cafc144d28107b13f388e5a393b32546ea3ed8e3147be163232b3ef02f5a343207c2eac8650bad2cc7cecd22c6018be961b3523d1fd51

Download Submit
/data/data/ir.iut.kaik/files/db.db

Filesize
439KB

MD5
803bb50b3cb1639e507742472f63079a

SHA1
ac6bcfa0a275933cb5b18ecacf5f2f165f4a0897

SHA256
af687c7d214de6594c9741900d196817a7c4303dd124d4b8c0b65bd4f20c2b28

SHA512
45599bd45d2777902c0137616ea56fd7cfc6d438a953bcbc0261cf55cec660ee12393a6aecfa0b6f6120ec9236eab738119c25b86bab4b1f572859647bdbbd2b

Download Submit
/data/data/ir.iut.kaik/files/db.db

Filesize
1024B

MD5
a0b3ff80c278cb600ed942988b0750ef

SHA1
10fc294c2e6c51e2fd809179e4649d7e402dd6ae

SHA256
cf177ffd5113f07854c7ebe014816f12f75235a1e8d68fbf71ef8b56b7b97e0d

SHA512
cf7bac1ebce396e2a141031ffefbff5df768f6afae98f3164289755b0f41b2f9f39f156a6bea560298d42df7b0b1d6ee106671d78a1e354dceadb425544c49c1

Download Submit
/data/data/ir.iut.kaik/files/db.db-journal

Filesize
1KB

MD5
4005c42afd3ef83badbef83624eb3fe5

SHA1
07987aa6682f4b28194da9e9a10243b650e4a57a

SHA256
16808933c74c5f331f6c21958bc7fa5b6e2a2dadb72a4c0463f410624a4cf6f7

SHA512
c67dc1551855de0b265322023fc0c7cf31c2feedeaab2368f4f02c09abe2b6a084edc13b51075d109c99e20412051c4381a484fae54acb5ae04735463a52de66

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads