4a86d0a409e958a6488225e78bdad1498d9462eb1d70931c4ef9ea4c793061fb

Analysis

max time kernel
5s
max time network
185s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
29-07-2024 02:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

342262670723e7cb8bf6bd363b72cbae_JaffaCakes118.apk
Size

10.2MB
MD5

342262670723e7cb8bf6bd363b72cbae
SHA1

154aeb20957552b9f1519786cbdde48e36784aeb
SHA256

4a86d0a409e958a6488225e78bdad1498d9462eb1d70931c4ef9ea4c793061fb
SHA512

c75c4053c547ffa5b177e073308f882645cc200fdef843a7562989f529cf563f4f4bf7b130fada6ba087bdb07edf32484c29f68b5a1837340e3ae1f246f90be3
SSDEEP

196608:4n2aFSyef22gaDKLQneNBJUMstJdXyn7vPGzb29UUWLJWeuNTg:42aFLef2fFMeNBJURc7vPGzpL8eD

Score

6^/10

discovery execution persistence

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

ir.iut.kaik

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	ir.iut.kaik

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

Processes:

ir.iut.kaik

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	ir.iut.kaik

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

Processes:

ir.iut.kaik

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	ir.iut.kaik

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

Processes:

ir.iut.kaik

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	ir.iut.kaik

ir.iut.kaik
1⤵
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
PID:4994

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/ir.iut.kaik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/053231ef-204d-45e6-b981-440b62d72b9c.jobs

Filesize
176B

MD5
f56f328eea1d5c96a1b96dbbf59488df

SHA1
440c784cacff61932e2f61580b7cfdc3a4943c95

SHA256
90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918

SHA512
36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb

Download Submit
/data/data/ir.iut.kaik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/5d239189-9a96-4b72-8aed-896bc9e5e9e9.jobs

Filesize
278B

MD5
c7bdcd7650eda48e269234810c90e4d7

SHA1
07e4a132c7d36205a0970931d51fc0fb7443e743

SHA256
084b6f8ef4ec445931f9dd9fb408ca4e710851198546edac956f3d5beee872da

SHA512
abb95beedd9789a1bbfb57f9a757ef47c4c5190d033cb8b241855448f105834b71ecdc4fde0f6a2ab6e459cfaf4d5993a0c4b6c7379032d39a86684e09b0d435

Download Submit
/data/data/ir.iut.kaik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/7037c376-42ff-43cd-a52f-79054ccaf5ff.jobs

Filesize
179B

MD5
ac58f99a1b179d71e8621412ad31c6a1

SHA1
b51fdad95876f5615735c2ab411031ff67d5e946

SHA256
9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb

SHA512
faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b

Download Submit
/data/data/ir.iut.kaik/databases/__pushe_base_lib_db

Filesize
24KB

MD5
d10aadcf64ec5f8bd0abf19bd1b936cc

SHA1
a44e1831f208792137acedc245a0cc00142d6e73

SHA256
7f799892a0eedc8c304f0db8fbb7d3d38fc14eb8866ac2e4b9c2e4cb45b48f53

SHA512
79786a818f7fc00ee342b456328f0717da19eeb6dc85940745c033ceb2633b3bec91bec97f25a45d1c65800e7f5f5e31a9fd8e0f97a6adf70e3524957c5d4f55

Download Submit
/data/data/ir.iut.kaik/databases/__pushe_base_lib_db-journal

Filesize
512B

MD5
971291e7d49d2fa3f7aebbdb80a34840

SHA1
2272ef090aaa15c652009cca18d3b0c7a6cf8409

SHA256
30ce076656776933b48e4b1a1208944641163debaba16a1eefa234447ef90d4f

SHA512
23406070d1c7abb265d7c638c0621e1323c90c01d177599a6f092b8b62e3c0fd734b38701e459faa1fa179a9b96be4777f7e6aebf098b6418a90fb3adbebbc67

Download Submit
/data/data/ir.iut.kaik/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
614cdef910ccb3ea75d55918fb433e86

SHA1
3ce98860bed825300ac383dc58b86135442d8e82

SHA256
29ca61e4b78b273f74939a6a90843cb294175c44e4b1d9eee2ab8696e1ef450b

SHA512
4d1c99b40d0dbc926724d591e03dbdde33dd84324e787860e49b815a5d910a1c537163c11ba769df7b799c4ec36d5fe3aa86c95126b805db67f66e51362f239a

Download Submit
/data/data/ir.iut.kaik/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
f09fcf998fd331e206ae2db3fafac974

SHA1
9f4383cbe80754b187849067a7aa57acd1acde53

SHA256
786c23494fec12ba5105515292986f9cd91be92ffc1578677a850082b611defe

SHA512
bca2200661034bebe2869b3a84afbcebfdf3970de699da6e6233da0b05cf3017e3445ad731e3698f434fd94244acaeb234970a943a9d7b0fae0a5a1a0245e94b

Download Submit
/data/data/ir.iut.kaik/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
513af21659f58bd867a32f71a736955a

SHA1
9f2be6c681b7e545504867d3e87f13aa23756682

SHA256
4c320244031c00c117a03d80c29db13f4ae33bc53902980dde8386c14249aba2

SHA512
00d0fffc1400e09f372e3bc9a90046725d864881e10c0f6d7ce9f30712d0e0da0174fe78ebe9b4c338d4199b693044a642860ce66fa21732183e4bc3a7149eae

Download Submit
/data/data/ir.iut.kaik/databases/cheshdb

Filesize
24KB

MD5
259a1e4e7ebc4b0d0341ffcf0c3bc2ea

SHA1
9b8da5a0b24833a3e84567d9d8ee0d2f54d7b48c

SHA256
4f4987ac3d84abad3490459fa7a32b7bfadaae5f329e15dcff36e07d34faaeb1

SHA512
dc1296e2b0b18dd83a3782acb700e155ea9a60ef193bfa8c98999e7cc3c5b73a97c20a974cc956ab438aeeba812ec2d2f401fb2e714bb9bb5fb421fa4b7a2313

Download Submit
/data/data/ir.iut.kaik/databases/cheshdb

Filesize
20KB

MD5
548a9ba00d3a2ce6a03ab8d8ffe71386

SHA1
29ad22ce8b0e9328384063d696cc31c7b1fb9b59

SHA256
b6c31807327b2f6481607c8fb2bc241aa9081c9f010ee3457ca33556552233ee

SHA512
fc24fb3db6405966340496f0e42eadc31457602d2f21759455c053ba0fb7af1f588e277bf926956facd314143173429ac5acdbe507b83d6431426f1d9e4493dd

Download Submit
/data/data/ir.iut.kaik/databases/cheshdb

Filesize
20KB

MD5
81709980009e7258356320d91d9fba41

SHA1
9891ce310b8e99ad7479ba74a7032c7415ced293

SHA256
c820a0fe458281a0927b3325b91864edf1121a6a58d466db4838b862bf72f754

SHA512
b22e484a697a4d7a5ae6ee6474ef7b02b3fc02434a556b978201cdadbca6ceb71dda78980fd1e7870b61767864c191a945bd6b52a565065a4be5c5709e9f58d1

Download Submit
/data/data/ir.iut.kaik/databases/cheshdb-journal

Filesize
512B

MD5
81a01922e470d2f501f4b74d245c2d51

SHA1
fe47fc0cf57f1aafc05b557c5b0d6d87433cd564

SHA256
2ece2e5ca3d0956b47a0f5c64e7da85732f6eefa442e9ee60c55b6734e3a2452

SHA512
3f1ebd3bbf5ffcdaa044e3c1677429fb62851d985f9e2ff0663f0a10d007641b060ba12ba60615b68a95f285067982436686435ed3525a1f98725da81021b6c7

Download Submit
/data/data/ir.iut.kaik/databases/cheshdb-journal

Filesize
8KB

MD5
8cf58865b178458731bd7228fc23919a

SHA1
924874cd295979d77a5f2ce492391ddb1f50f9f4

SHA256
735682fb6655595e21bf460731eb38a0b36ec1f3e7db78fe936b7e98119121bd

SHA512
207f378ae1fc8bdc8ff2a331970b9774ac2d9d9bc8e0727b9b1d0e9e274b3ab9f48dd51f08c5222196aaa164fcada29eabd7b37d90ac2b7591998750233c55e0

Download Submit
/data/data/ir.iut.kaik/databases/cheshdb-journal

Filesize
8KB

MD5
51156a83620c1f3f019dd224a4edf367

SHA1
eec467c78a86702550008da3b611622a0d857ab1

SHA256
0bf974184d3aa7ad08c6c7b2286a6484997318c3b9c7397349cbd2a71c356d6e

SHA512
f61c84db522c2b5ec24b51ab1ef9d811d1c382e0fefcbc2ab7fd47e98661283e44c87a7598d1c4d63d293f0fe495622756b5caf37bc5c481d0fcc18ec6b19d0a

Download Submit
/data/data/ir.iut.kaik/databases/cheshdb-journal

Filesize
8KB

MD5
f6692465366676b36781190b2b1eadd2

SHA1
cd49cf5eb730e680b9c0712f0d8b8bbeb73140a8

SHA256
0db0d998c2621fb737677909f22e8a26aa89cd8e663b51ed152e64476918d12e

SHA512
90b5a5881fbf89d729ca3ca1f349c4cb637c3d1c2539170506e4dd65897cc53c3a902cc4c05cc32669b73f1c9e3f738f8ba4955d33f6e0998b0426283f76a189

Download Submit
/data/data/ir.iut.kaik/databases/cheshdb-journal

Filesize
12KB

MD5
6469b1719bb095e89ec1d02291a89d63

SHA1
5abfb90ea3d2f7cae5f6248f05a1385015d3c726

SHA256
f89d8ce9b4c0b1d9f1dfe261ef5af0454e71d0cee4347b9238241aad6614d47c

SHA512
79d25f004f40d819c0dad41526c94a4642ec14b64e9c7c3eb09617676152bc2289bb0f942292fbcb772acd358a536ca882dd3c76907800cad6da45c9b3b8a80b

Download Submit
/data/data/ir.iut.kaik/databases/cheshdb-journal

Filesize
12KB

MD5
fc2818a9aeff53b0e525e299cc8b73c4

SHA1
098c400e8c09744ee1bd8bcdc986ff54dfd097cf

SHA256
071a2d4c6cc425ffbffb7eadc29cea97e237de9c37defb0d1de6da41311fc0b3

SHA512
5a6b2dcaab20591ff579fe63ad5e4bbc5b1ec0dc1e7b1d0904af77d1945f8150553bbc1f9924b9900c154cae6dd6a998cc47d4a018dc2064d2b95123a754e4e3

Download Submit
/data/data/ir.iut.kaik/databases/db_default_job_manager

Filesize
28KB

MD5
4adb7a83903a01e4bc957df50590782b

SHA1
4e35b4e34baf2a9c7a7509acbf46802ce1c052b5

SHA256
52109b2a4b4395f5c201a57f25f043d95e4fab7ec7708f0e197a7a97ddbe2039

SHA512
3c5849e5471821de9940154a045cde13b0373b93fd0f0d682d64c7e538552cadf48e5d15da5ae2ff1a8fe87f7e55d758a4a4bcbcb4d06bd34e8862be619bca32

Download Submit
/data/data/ir.iut.kaik/databases/db_default_job_manager-journal

Filesize
12KB

MD5
e87c5fa2cdc05a0714e4a7ff1deb0db4

SHA1
b382a33b9f3ba31e3bd986fcd78307c4fcd318eb

SHA256
13744ac5c3c101547b54dd1bd50cd438d15494e901cc7969a537e5a765c5069e

SHA512
3958d419cf5fa984990559a434c9128d5b29405bfc34ad8399ac3d20de269648e38b0205f8c4c228591aea1ff1a43c10347d410b190ba556241449ddddd1fd58

Download Submit
/data/data/ir.iut.kaik/databases/db_default_job_manager-journal

Filesize
20KB

MD5
7a27486e73691b3c031e5a19793e4f52

SHA1
e38138a048c6e5eb9fefe935c357f01b7be4cb52

SHA256
9b7b491830048fb70970f2786bc759b39386a0f83220f77ef6278bd7a3cfc83b

SHA512
d4206b3716038ec8a6dacd09a68fa8c6bb68e673c6fc894d2c28ceaf1b3de6937ffded08b9cdb272507dbb9a55e2b8814def24cf1f87a0f643a874cddf3d55e5

Download Submit
/data/data/ir.iut.kaik/databases/db_default_job_manager-journal

Filesize
20KB

MD5
0aa1e5f9ad939df16bf2e5ac7a1d5a49

SHA1
fe21893de24c7bff5026d89011f1acc82552c345

SHA256
3d60622d37ab6b8577ee1612777c9dbb5233d440c1e8f6a0629ee50389bb509c

SHA512
6f094ad85e421a040332a631742bdf5f378608d5b6981cc44b749745c5cca87bad89286380cb804def2b100348267db385e1a440c8cadc3a9da645551911946a

Download Submit
/data/data/ir.iut.kaik/databases/db_default_job_manager-journal

Filesize
512B

MD5
196ef64c9ab4aacdade60699158ffea8

SHA1
b15206e6c6a3f6ce091eee1e8c5678c7052f7041

SHA256
1d75f1917b5204ed18c89b1764833bab22386d44934d065598d0e5d8c7ab2707

SHA512
3c062d71cdf16a52ca794d63fdb32ad27d6e9eec90a27d0d959db399f92c5ca05f837b7ba5bf3c4d030c1a6abf1cf79fdee0a341b9bd74165bc284e7842b1ac3

Download Submit
/data/data/ir.iut.kaik/databases/db_default_job_manager-journal

Filesize
8KB

MD5
7f9459af3a337ab86d4c9eb4c5e79275

SHA1
31d56cbf24c086772222e1c215ab55442cf28722

SHA256
2f7ebd65fa6a2f3b66e2040cf529198e6f61355e0de086e38d29dab9f5678921

SHA512
6948d0703d10ed541ff496a3723a5b8c65eb6068ad861cbb018edd9b13b74b2a3d11d01719a37bd6a96afe381ab6794e8485c0d3f89eaeda3570b846e1e5dbdf

Download Submit
/data/data/ir.iut.kaik/databases/db_default_job_manager-journal

Filesize
8KB

MD5
906632e77a9a2c7300ea0f67e2120f5f

SHA1
e56d2ab656820ddf59ce63c77712ba1077e030bf

SHA256
a836d582b46b66ff49661ca130c58ae255c381bd243a898b741ac43d4e49e9d9

SHA512
b69767446cfe9cf27ad6cc8a2db7a9d6690e6133745478a49901fcd99842abc9c21dddf83b318c37bcb48876e36bbabaf4874c792ca6dbfdd4006458a697a52f

Download Submit
/data/data/ir.iut.kaik/files/db.db

Filesize
439KB

MD5
803bb50b3cb1639e507742472f63079a

SHA1
ac6bcfa0a275933cb5b18ecacf5f2f165f4a0897

SHA256
af687c7d214de6594c9741900d196817a7c4303dd124d4b8c0b65bd4f20c2b28

SHA512
45599bd45d2777902c0137616ea56fd7cfc6d438a953bcbc0261cf55cec660ee12393a6aecfa0b6f6120ec9236eab738119c25b86bab4b1f572859647bdbbd2b

Download Submit