309370f667cb0002e270b38340a7e84d4be7505a203eb33b2d9c63ec0d5372e5

Analysis

max time kernel
179s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
11-08-2024 10:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8a05c8562481ba26865456c25a30284d_JaffaCakes118.apk
Size

5.5MB
MD5

8a05c8562481ba26865456c25a30284d
SHA1

1b47cd62e133f2dce28be562b6b7fa82106c0eae
SHA256

309370f667cb0002e270b38340a7e84d4be7505a203eb33b2d9c63ec0d5372e5
SHA512

b6e838aa93c5cf31219989523d8fe2f55b38cb2c75022ab19ba069c8ebb3ac7ac50d427f2e6b057a36318c97ebb72709d49e32db065bc7220fb388c5a58ffb5f
SSDEEP

98304:IcGmRlmBADSXZmpii8D9bmchpUj+UH5MvE2aDiRGHc2pXcpqZQZqaQzTb:IcGVaD+m4i8ZicayUHaUDKKpXcph0H

Score

7^/10

banker collection discovery evasion execution persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
discovery

System Network Connections Discovery
T1421

Processes:

com.topdevelopers.ashpazi2

description ioc process

Framework service call android.net.wifi.IWifiManager.getScanResults com.topdevelopers.ashpazi2

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.topdevelopers.ashpazi2

Requests cell location 2 TTPs 2 IoCs

Uses Android APIs to to get current cell location.

collection discovery evasion

Location Tracking

T1430

Geofencing

T1627.001

Processes:

com.topdevelopers.ashpazi2

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.topdevelopers.ashpazi2
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.topdevelopers.ashpazi2

Acquires the wake lock 1 IoCs

Processes:

com.topdevelopers.ashpazi2

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.topdevelopers.ashpazi2
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

com.topdevelopers.ashpazi2

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.topdevelopers.ashpazi2
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.topdevelopers.ashpazi2

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.topdevelopers.ashpazi2
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
execution persistence

Scheduled Task/Job
T1603

Processes:

com.topdevelopers.ashpazi2

description ioc process

Framework service call android.app.job.IJobScheduler.schedule com.topdevelopers.ashpazi2
Checks CPU information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.topdevelopers.ashpazi2

description ioc process

File opened for read /proc/cpuinfo com.topdevelopers.ashpazi2
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.topdevelopers.ashpazi2

description ioc process

File opened for read /proc/meminfo com.topdevelopers.ashpazi2

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.topdevelopers.ashpazi2

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.topdevelopers.ashpazi2

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.topdevelopers.ashpazi2

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	com.topdevelopers.ashpazi2

description	ioc	process
File opened for read	/proc/cpuinfo	com.topdevelopers.ashpazi2

description	ioc	process
File opened for read	/proc/meminfo	com.topdevelopers.ashpazi2

com.topdevelopers.ashpazi2
1⤵
- Queries information about the current nearby Wi-Fi networks
- Requests cell location
- Acquires the wake lock
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
PID:4257

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Execution Guardrails

T1627

Geofencing

T1627.001

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Location Tracking

T1430

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.topdevelopers.ashpazi2/databases/__pushe_base_lib_db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/__pushe_base_lib_db-journal

Filesize
512B

MD5
77a6488eba5cb7c94f0adc894847e547

SHA1
2855e6df2d5bba878295801b87431f23b01b7914

SHA256
2e39ea7611281099c92dccfab70b832a6f09de15a6ee7f262c73fb236ae618a5

SHA512
bae60272cb4d6ee31acb47d83a84c7fe5813666f4f787d1a3a95491dc519406a7536299df8900cb3b2a402a8a4222f8bb2ffe3eef85bb16d4b51304102f4d175

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/__pushe_base_lib_db-wal

Filesize
164KB

MD5
7e645e036ec67febb9176edc9ef32c05

SHA1
30fc36cf7512f47b92cffaab11f9483b88c96c73

SHA256
846138a17dc525dbedd218b89335b0f3942ef5b780c70a16e9f76567c11cdff6

SHA512
a7545edec99722a30040137a55d70a67755d98aad2fdcb7af4e9342964480d7f88e81bde5b6c805f55aa3576dfe5f3eb1a4e1f492aa160a1acaae3415af24f02

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db

Filesize
16KB

MD5
4821eebbe122158cbc9c64edb7fd769a

SHA1
e7a22300eb0b60fbe5a8e274ccd84fb6a08edf11

SHA256
e0193e0ed5e91b2cd9a9cca7a54e80eb6f9b2a6856463a3a53cbb52cfb54fd69

SHA512
bd20d530bbe65c92a3a712241a9b11be6241b501f3fc5c9e2d99e436034b590626aad4826a5651ad527def6b4b478d74df0fb5223c855c03cb9ef173e814423b

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db

Filesize
16KB

MD5
8b4a043fe881f1e991e5fd9680067ce4

SHA1
216738a33dcc3a67f4ce5632a82037fe68265f0e

SHA256
c5ccae90a1c5427455f29f8e8c29efb0daaf0357222c8578df341ae5aade271f

SHA512
c0a925572b54ba9988cfab7b977dab900c1f32ee3c5ef05fe676d8a79543939701b3add6283e29d0d1519ba1b1776843b7ddf2ea3db5f9628cabb29fabce476e

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db

Filesize
16KB

MD5
19b78ffc07dcbb55f3e9cf89750328e4

SHA1
f159743aa08951a9359a77dfa5a8073c0d9adc36

SHA256
1efeb5c7a64338d56709a976c5409ce95f7c5fee50bb2f50a3ff4dd4b929b188

SHA512
9db330bacbf8e036e6534c12f13b2c08ac84921eb22a04264ef9c87bbb4d76fe1d3754dadd1a44c7a1f5d4d534630eeb3393580366ea736b17ad001e4c67d3d0

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db

Filesize
16KB

MD5
a8d4fbc1cccfad63812303bb0f3be954

SHA1
ab99f6a7ae4495e7e1dfc03e2cded4b7d2afe284

SHA256
1ad9a91b446c207f6b5705c771166b3d9f165d3a2f8a7fb8e03cc3ec29cca266

SHA512
cf5854fc3c7c1dffd754d434147abe27c9868c942071e75e78bb17657bc37534965409f4c58a3ee5a043b2a0dcd1c6e7d9dc0681342bdc0d5ba60295a6579e85

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db

Filesize
16KB

MD5
5a86b8d1f11ae1902084f754f1ac4813

SHA1
0645ceea79ed8b2c1b10688363dea9de8b94467b

SHA256
bc05f66031a180c8a67715961d64d43e066c26e141762b0ab3642a3f453575cd

SHA512
59d0107c654f0f2680739f649d5d9c121c8f3c853b5249bdb3e89f8290fdfee24a94a06463690ddfb59ac060feb29270f07b935e16b82710ff69bf02604d53a6

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db

Filesize
16KB

MD5
978fdf85b8448e3a7c9015e51477eb49

SHA1
793bb88398dc9457935a4416638d5ed3974baf19

SHA256
8f72919eebbe45ed6d33b7b763d7e45d76a880128aee9aa5c29d28ab79689a92

SHA512
852b2d3e2607c96625e9bcd454c702ccec6a0f07aba3410976d6400ecd2d48ccc92d93c8ce7fcc87a622d04357bd6805a996f11d339ca7fc3eab99c0e991fe38

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db-journal

Filesize
512B

MD5
b761d6d0c3940d9479363db2ac40e427

SHA1
8498ed611b40b0217431d44f25d32af9deda04f4

SHA256
888099dac4cf827753245a8c84140d71efc64080e90f7400d03109692c5e8529

SHA512
f9739b0d7c9af1f342aac94a5f7ecb8139fff80b5375ecaef9b07ed0ee159520532cd5288662b1d63448172f22309349521bf34ea794a5077b4c4ebd85a15a0a

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db-wal

Filesize
28KB

MD5
3db95f45598a2968777a625354c11ac3

SHA1
82e6c0fef38daa58a19655dbafda54ea04e4f8a6

SHA256
2bd4eba8ef27da59c3cfd44a0357c1937503841069dde4250e633e9d7235fdf3

SHA512
3115214c2fbae360e76946e378d27a55ad0f3a1180f7261181f853709fb1592a911504c69c70c3a95ac6dc0c6db1054edbbdf82015d6d4f95523620ccd67a603

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db-wal

Filesize
4KB

MD5
f9040024b2990fb42c3f23fe22225470

SHA1
6e008f9d4ad0fa961927bf479696ebff8e846d64

SHA256
95b785989635159aa3ecfe253de5ab70e5e1f0e2f0361556dead1a629af6d354

SHA512
a217ff2681520535678c24e32357aa5d48612a02fc5e020461751c107f1870d5040cd7739a38360e30fa6167854c34f170e7d2fd043e9acf79b26370649ac042

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db-wal

Filesize
4KB

MD5
9c9dbbc6fc14d43bd19f775d70e5c92e

SHA1
034bf3d141945f61eecfb08614b62079f9173a0e

SHA256
6216e7d4fcfeb1242c9aac390eb3e4d5e5aa5897a9d89fc0e6eee0fef3a30b43

SHA512
8ee3f580b712d590c007cb4aaadb93986a50f7eb2c769267ff60fcebc27e7bf5512d796eaeda55053c35e07678b148ba520d9f7cb3624318ff98963aa4ab1c98

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db-wal

Filesize
4KB

MD5
1b1ae1565434d71810f4d0e1769bda50

SHA1
6de2d6552ecb097ec3113173d3062e8601c46167

SHA256
cd49ee3deb93cab1f08865470a9de961e74b6314ce0db90ecf29298afd0a15d0

SHA512
80a630a103d910f3d0dc5bc3bb78e5c7c81fa739a080b2369069d326dc09a80c95fd006d6b8ee93aef723d176aa6bd7583e7a1a167c16a5f38f164865e345dcf

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db-wal

Filesize
4KB

MD5
ca4f683727e853385ec2069c3894f6f8

SHA1
1a6d5b8d8b6cdf266469691319d44ce004429d45

SHA256
291c6021709c8322dd9cc54c822779618fc83d45fe6966c4bb4b7b6940e6a57d

SHA512
0043c104501fcd8780d731b5c39909d515f40d20bb2f2583ab02abe2e9e0f2cadc9d1a1c7c5358884a2534c9d244fc3100bea3208284b8e3b57f794f37e4e6d7

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db-wal

Filesize
4KB

MD5
35cea7311fec55883103653239f3c3cd

SHA1
a82e2b33a2feb8a6a2d015db83585cf9c674cd6a

SHA256
fb521b41b50b4dd2a2526d0ebb8141c16b23215fedaf55ed4845dae25c9a0f18

SHA512
a71c990b03dbe84a8b7e990cc471bb12ac5994be4e57538bb8e09acf585e3e8150b39df2bcf4c1927b4f7e3ac9131fa8848d815102df05d5c09d5573702eaaa4

Download Submit
/data/data/com.topdevelopers.ashpazi2/files/Data.db

Filesize
11.8MB

MD5
785921f5410d43fe1a1f942ee4993df5

SHA1
458ebcbfc053edb65a7a09c00e4ba1eb15098623

SHA256
f6f31b1a71b9df105d2719b2fea258ab17d08a799c8cef9af397569e9762f08a

SHA512
858e96cad28824f383b0e3e4be304018104e54fd9a0e336b07830548bb0e4be04fc8d1a90abbfd06197ceeeeb184bb160b17c4b2bed6302c1358d4f7168bb645

Download Submit
/data/data/com.topdevelopers.ashpazi2/files/Data.db

Filesize
4KB

MD5
29899c6de913487ba8a69e3a2db21d19

SHA1
f1639029f3bdb255a85ca4615a2011f78ac991fb

SHA256
0f5d5ba6d9b0a4597716accc5722b9712631a5fc81c9e6d02edba91f4f9062be

SHA512
103279bde3c803fcbe9ac114dfa171ddcea9acf8c6dced7bb6db93b112cc5634e7431d0c7681edfd75ea1361e6f28c6f6695e3ab7d1c5a4231efa3786c4f69dd

Download Submit
/data/data/com.topdevelopers.ashpazi2/files/Data.db-journal

Filesize
4KB

MD5
22709127f0eb55b3046f5ae70faa231f

SHA1
ad496c0a132fa1e466eefed97f099592554f9b40

SHA256
c2427a02c989c2af44c5bf82f9eb098815056882a6d07531c804347c647e4454

SHA512
79b1425887f933c0952f61e08e8b53a289d68736b43ef6916fb0b63f660e12560d647d5d5bade619bff962a68dee81d4d105a5d5df95ae949ba236cc0cc84f45

Download Submit
/data/data/com.topdevelopers.ashpazi2/files/FontSize.txt

Filesize
2B

MD5
c20ad4d76fe97759aa27a0c99bff6710

SHA1
7b52009b64fd0a2a49e6d8a939753077792b0554

SHA256
6b51d431df5d7f141cbececcf79edf3dd861c3b4069f0b11661a3eefacbba918

SHA512
5aadb45520dcd8726b2822a7a78bb53d794f557199d5d4abdedd2c55a4bd6ca73607605c558de3db80c8e86c3196484566163ed1327e82e8b6757d1932113cb8

Download Submit
/data/data/com.topdevelopers.ashpazi2/files/FontType.txt

Filesize
8B

MD5
40361b6fe8d8fd9253ca2ce545dd3e37

SHA1
5056c826788ce582873a175083e2c0ac2a6e6a7a

SHA256
123824ca0b275a2484c11103665c49e018cdcee68b5afac36a4473678db8a50f

SHA512
d0b51da058e0550b651df0cd0ed30ea44962a75edb175515c63c6681f8f392799048f2220e739d958441e5fcca612713112456dfbec8cd1f25be834391dcd477

Download Submit
/data/data/com.topdevelopers.ashpazi2/files/lineheight.txt

Filesize
1B

MD5
c81e728d9d4c2f636f067f89cc14862c

SHA1
da4b9237bacccdf19c0760cab7aec4a8359010b0

SHA256
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

SHA512
40b244112641dd78dd4f93b6c9190dd46e0099194d5a44257b7efad6ef9ff4683da1eda0244448cb343aa688f5d3efd7314dafe580ac0bcbf115aeca9e8dc114

Download Submit
/data/data/com.topdevelopers.ashpazi2/files/setting.db

Filesize
604KB

MD5
9d04b2b6c984b9649acbb2e6086a13d3

SHA1
08f7e4c6d04292d7f194901ee94c02ddbf4160bb

SHA256
bacc1aaf60373cb44ae4bbf55bb09d448ab6e9a8aaea26621105febf48fda015

SHA512
feaf3cfc673d54527b8464fa23b5bc0b78175c9964813d56e07d03a4dae6a7aa297c99cc61e4fc7193d01d22c81a966a5d0073197b238158bb26e85361bd0f64

Download Submit
/data/data/com.topdevelopers.ashpazi2/files/setting.db

Filesize
1024B

MD5
215913145c29963494322e24454450ee

SHA1
3bc090d9e875b0d50a3c94a9e969858ce1eec6a4

SHA256
ee98b57db17a1a514a56554a07a6705819370ed24dbbd1b6fef7edbbd08284f8

SHA512
12b641fccef6bd2c69700da55703e72d3f4d9cffd1d7d4aaae8e2fa9a27a03451f8c5bf1c217600cb57a3fb26019c71574c67a92ba049bdb193731b0437a416d

Download Submit
/data/data/com.topdevelopers.ashpazi2/files/setting.db-journal

Filesize
1KB

MD5
2a2378e1565f5d61314c9dc06833f460

SHA1
162d101ba830f73fab2f790e1cf054d60cebef4c

SHA256
1475d3e5e6fb6b7ab2d0f38c893235ae0a33b0bc04a15dfbf1ffb0cc12f220de

SHA512
3652aaefeee80c20598b7c2fcbbafe6122eabde5d5733bd0f129de6f36db505550f84c708a3d54972b2776e5e001027b1a2b0aef5ddbe200c579be8ef82db6a4

Download Submit
/data/data/com.topdevelopers.ashpazi2/files/setting.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.topdevelopers.ashpazi2/files/setting.db-wal

Filesize
1KB

MD5
6355e789d3b1e7086af63ed8d000b78e

SHA1
da9d8505f9b4509db78bc742c78fc0dd5a94173b

SHA256
4e31ae352e22a28244641b519a94440bdd43883d940d1900b40450c762fe822c

SHA512
a0859ee3fd2ffcb3064a569c783a95d71ede90b150837567fd8207c4bde78517d908a40960d5f8f61aab7d4bba2958560bc37c43c9277b4ca0b8adc3da86a8b0

Download Submit
/data/data/com.topdevelopers.ashpazi2/files/unsent_requests

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit