309370f667cb0002e270b38340a7e84d4be7505a203eb33b2d9c63ec0d5372e5

Analysis

max time kernel
34s
max time network
170s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
11-08-2024 10:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8a05c8562481ba26865456c25a30284d_JaffaCakes118.apk
Size

5.5MB
MD5

8a05c8562481ba26865456c25a30284d
SHA1

1b47cd62e133f2dce28be562b6b7fa82106c0eae
SHA256

309370f667cb0002e270b38340a7e84d4be7505a203eb33b2d9c63ec0d5372e5
SHA512

b6e838aa93c5cf31219989523d8fe2f55b38cb2c75022ab19ba069c8ebb3ac7ac50d427f2e6b057a36318c97ebb72709d49e32db065bc7220fb388c5a58ffb5f
SSDEEP

98304:IcGmRlmBADSXZmpii8D9bmchpUj+UH5MvE2aDiRGHc2pXcpqZQZqaQzTb:IcGVaD+m4i8ZicayUHaUDKKpXcph0H

Score

7^/10

banker collection credential_access discovery evasion execution impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

Processes:

com.topdevelopers.ashpazi2

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.topdevelopers.ashpazi2

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

discovery

System Network Connections Discovery

T1421

Processes:

com.topdevelopers.ashpazi2

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.topdevelopers.ashpazi2

Requests cell location 2 TTPs 2 IoCs

Uses Android APIs to to get current cell location.

collection discovery evasion

Location Tracking

T1430

Geofencing

T1627.001

Processes:

com.topdevelopers.ashpazi2

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.topdevelopers.ashpazi2
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.topdevelopers.ashpazi2

Acquires the wake lock 1 IoCs

Processes:

com.topdevelopers.ashpazi2

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.topdevelopers.ashpazi2

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

Processes:

com.topdevelopers.ashpazi2

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.topdevelopers.ashpazi2

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

Processes:

com.topdevelopers.ashpazi2

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.topdevelopers.ashpazi2

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

Processes:

com.topdevelopers.ashpazi2

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.topdevelopers.ashpazi2

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

Processes:

com.topdevelopers.ashpazi2

description	ioc	Process
File opened for read	/proc/cpuinfo	com.topdevelopers.ashpazi2

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

Processes:

com.topdevelopers.ashpazi2

description	ioc	Process
File opened for read	/proc/meminfo	com.topdevelopers.ashpazi2

com.topdevelopers.ashpazi2
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries information about the current nearby Wi-Fi networks
- Requests cell location
- Acquires the wake lock
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
PID:4941

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Execution Guardrails

T1627

Geofencing

T1627.001

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Location Tracking

T1430

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.topdevelopers.ashpazi2/databases/__pushe_base_lib_db

Filesize
24KB

MD5
39c854e069579c3a6be4b2f9216cf83e

SHA1
eb01b3de4e4950914e1c719e007218689f5b6557

SHA256
aa4e40bfd9304f58d017c9ebe278948bcf61a358fac7d20f7e50d86c36dc5d2c

SHA512
bdef26a0db064cc5b957f97674411f2521abaed5c28ce69def0a063472311bbeb514e19d2d53a204a2b6b8636af8bb24625df1c96888c8acc5e5a173661dca2b

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/__pushe_base_lib_db-journal

Filesize
512B

MD5
a64be4ebd638181291bd1749f370d643

SHA1
79e5e21913f01673ecd72d1977725cef1dd636de

SHA256
75e8635726098915f47f5d08749c5234c74be25aadb63e6364dcaea147bfd2bd

SHA512
1170d2fe97b67dc0ff8f5d13b0214e0adc55d5eb6205bda228b1504cf3a82c8d28d219128c7a432dffcad3f70904af9bb2d1ef9be139db1bd9f660f5bbca6d5f

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
92b014d809434d14433b084d44287554

SHA1
d8b66dcbbba03c2a63e95d84e70cd07e4888a02c

SHA256
4fc2e4b2c5458203b5f417c940fe5171ede763497d7467421ddbda4983c49a5a

SHA512
c6ace80649de0bf4ad77701db1e98792e0a9aa8bac083a4d14901f200b32443040af1e63ecf4e214cf2d56cd025476286aaf0099b2b1e2f74fdbda1961ebc5ad

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
17f91392d0d89b0a5e83f83dd87a3773

SHA1
afb9d41f260721fa81ae664a9ec4c7f6a8212942

SHA256
dafad060447561bb183db699370e8950ece5f965f03ed3bbf4d677efa3f44433

SHA512
ad560f90e9e61d575a32ae943f3fc58672ec0f3a3e4925dde1e891030a27de5847d013201991be55d93ee142c966438fb58e417cc684e7f1a8888ffdd04ea62b

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
cf801ec561c06ecfc88d6acccb5ce5a1

SHA1
f28af54f338d9a25d2d888e45397036192bc9b47

SHA256
49baf53e9fa9bb0245ae0bb50f98800f298bd2ce60d4f5b3f2dfd74b020a196f

SHA512
12353c917d356595c7fd423fc454d694afd193a864af2d9b3d75cb9624ba1182c569b49610cbc1b9218acfdcae2c66b577c20e990c61b52cb238dc1d2323b1bd

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
e21c28d19e27b9052217b19af3141f32

SHA1
094a44f4131b6fa338b0d7071341ad48296fdbaa

SHA256
f88d78fa501bba218f9f3850b577540658be91c0b209191a4b25bec2a63ce90c

SHA512
a2af75386737be9a7474bd804268c92f00441a02100a2224cb3d017a6568501858ad3805160e23fd2e6ccc354fa0d57171b2c87ec7c570d98b3a425cc52bb09e

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/__pushe_base_lib_db-journal

Filesize
24KB

MD5
b8222be8491475abd7aa1aa0772fcd63

SHA1
c8913c6fba07121b1ac5e24dff2a93872b0e733c

SHA256
140b259adec8cf0afe4db62715f3448a428dbdfa8a215b33daada7db0f5a11e1

SHA512
ba0b373dc1e7c43e183123e713bdc555f0b782d45f43b5fa2cb9fc1ccdbb45434913df56b123cb492b1ad114e1c07c516bc74fa1755fd7b40393f91f79293432

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db

Filesize
16KB

MD5
9aae3c81d914f6efd1953626e28a4e04

SHA1
eb86f113f3a609c496e1bb6fe2ace04ba949f57f

SHA256
3ea45b71199a0fa5152173f6157ed1e2146f17a54c4e5b19e678aa35335e62cf

SHA512
24f91d86cf516782f94502a4a4bee3f4c9e4371e21982a9406a97f728c60a92a9bfa246168b71fbc3796d90784fbdd0bbbbb9512f3deab35de783128aa2a6b0c

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db

Filesize
16KB

MD5
e743141cb006d2127191427d4b63d2a3

SHA1
6ef74ffaa07faa903baaca1efabc956f6d36dc55

SHA256
36c11b88683318cb74fea69704bba7d9fa594d3e3d726e6094d39b531b8a1e4f

SHA512
f9034ad76abaaed8eb53c40796d869eedceca3f7038dbd4bb82436c40867654b999a010e764b74bc3f61dd8652ff75f956a41eddc2b80ac767fd47f98c22c305

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db

Filesize
16KB

MD5
082f726ecc9b1bb021b4466f1ff5e0d1

SHA1
630e1273f4109cb22ec1c1d64e6618c592f4d42c

SHA256
4eaa5ca084238df5910cc9f2d4cb01ac21e8b43b5b549235235cacd1dde3e331

SHA512
7c3563ad370d7754ced7d42b2b786f68509ebe7f37f5c5f097b2632511f073d8adfa45df32348c73334f79cfd92055fefdefb83447ca1b5c1b1acade443be65b

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db

Filesize
16KB

MD5
bcee34e6949c4f2d83e7d5c309b67c37

SHA1
fd16278581ad1a39bdcf9c80f3d534a2175391c4

SHA256
6cf6bcc36c15b4b9b5331ca1007d4dfc0e8303b2842a25b4b916b8248d2ca786

SHA512
4d0ef4ac74146f3e98a3a523e153e3c6c4a1f302b693b829858159a72dbfb1bd68e0d79c582a4df6d146bfcd077cf4253abd1461650629b4a87309d3bbbbe884

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db

Filesize
16KB

MD5
00e829076f54c72b50b63fd6de296a03

SHA1
fbeb1b8be863931f98a7c29224a03b89f9616ab2

SHA256
c479f839c0bc15e9a9749cb5a5a3eef4e09c0163160073477f72fa78b2e300df

SHA512
1c6b0bfe980050072927f8d407ca86353098d03502f7194f141d43c045a3f35103261811281f023262f4823a4fd70659d6802b76e126e991120dc14cdf74bbcc

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db

Filesize
16KB

MD5
5f225c11f96cd3a84bf549a627648eb7

SHA1
b8f54dac5c28a0bafdf61daff84e09198240e09d

SHA256
0e38992dbcc6b7cdb12ac7cf1ffed45fb06bcc14575359a43d03e1f8a57edfb6

SHA512
d15a9db98f0e6448fc8a072b0d6d7f54ce81ee8b001858a203fc86f13303a1ce87e0a687bbfd9885739accddcca7c5043dfb330c00d8be0630a7c7aa76634f20

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
8f10a85c90258cccd219226d788b56d9

SHA1
5ed0bb68410f45570ae42313f68297747e19f572

SHA256
00407792b22f6f547fd13555dd687dc7166c6dd515069e9ae779215c10909174

SHA512
dc7819ab94e952265d8f4205547053411318a67b045a0e37b51336349381fb13f356c3daad972a529880de05cf4ef18acb22369c95852a8256f75d8420a76a4c

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
1ec3dbb7e74a854c6c8a29a8727cb284

SHA1
07503efbaa6a6c13630f3fb2035674f1eff93563

SHA256
7a1dea7ff0ce74c4f11794a4dc3f28f754b67c1f298ef253dabb36356206e2cd

SHA512
11f3c4da9f86feb1da4cbd358c4ee0aeea9cfa50afe9b5cdc40c9509a038d75eba05dd31f2d6296c560a0888f592100ae46031798da509fca8bdf7eda5d76ad3

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db-journal

Filesize
512B

MD5
07232d35d794762f6e1ae8c15fdc0f9b

SHA1
3ff14567095039c38d2c54d195384ccdee24b79b

SHA256
f5455cf2b71eeda413c6db2bb6f18fbb4a1f6b0ec55fb4bab1e8c7d8d1758037

SHA512
b2a6804dc56eeca6f669cf47fef9658e19964e95ac27795de1135c46b06dba08a5286521c7aa2eacce210784c4d7ac9cd03c8666b8a9a85a840818b5533d9bb2

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
6555757d8f9ba73c41cea8a0829e57a4

SHA1
6b62e6301a48e51faa47e4abf5e07ae5e1dbcb81

SHA256
88c8e9f4561ce25cc3c3ce42a8c8d3f03a695ba1e5282f146c95d382751de012

SHA512
3c5cb12f2063f324c198586443ff108420fdebed5eebe95c39a2df60a2507cfb4e8e98515af41f370dfe2989ceda8a2b82c53458e51bed536719f419670bccaf

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
a2780e3d58fa3a71e42589da382d533c

SHA1
60f76f39caf9a7b1a994077d835aee499fed67d6

SHA256
322f47f736c317bb84582fcb11ab696298c0c3fb9bd0fa4c1cbe8e039d5a75a6

SHA512
773face8ae5170a018250b8703b2ca1e3516584c58091193f2b4ca357910a08ac8e112f223529bf15d4ffffb2a876174d555c803b133eff4b6b4389e75defbcb

Download Submit
/data/data/com.topdevelopers.ashpazi2/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
73029b3ab06950469c2964b2a98d64f9

SHA1
7cfb5495b2f31f5beb9dd18f2e2174961052bfac

SHA256
e69c2cdbfa419d2e79281fd4c05185ad6388a5035f2601f94eaaa47265d918c1

SHA512
a17847a307e555d9492114b3a15ecaf88ac497fbb893976e89147f9b30dfcf53ef364dff977e3c9f4be7bcd26608f978511beff446c83dd6f3636d971360338d

Download Submit
/data/data/com.topdevelopers.ashpazi2/files/Data.db

Filesize
11.8MB

MD5
785921f5410d43fe1a1f942ee4993df5

SHA1
458ebcbfc053edb65a7a09c00e4ba1eb15098623

SHA256
f6f31b1a71b9df105d2719b2fea258ab17d08a799c8cef9af397569e9762f08a

SHA512
858e96cad28824f383b0e3e4be304018104e54fd9a0e336b07830548bb0e4be04fc8d1a90abbfd06197ceeeeb184bb160b17c4b2bed6302c1358d4f7168bb645

Download Submit
/data/data/com.topdevelopers.ashpazi2/files/FontSize.txt

Filesize
2B

MD5
c20ad4d76fe97759aa27a0c99bff6710

SHA1
7b52009b64fd0a2a49e6d8a939753077792b0554

SHA256
6b51d431df5d7f141cbececcf79edf3dd861c3b4069f0b11661a3eefacbba918

SHA512
5aadb45520dcd8726b2822a7a78bb53d794f557199d5d4abdedd2c55a4bd6ca73607605c558de3db80c8e86c3196484566163ed1327e82e8b6757d1932113cb8

Download Submit
/data/data/com.topdevelopers.ashpazi2/files/FontType.txt

Filesize
8B

MD5
40361b6fe8d8fd9253ca2ce545dd3e37

SHA1
5056c826788ce582873a175083e2c0ac2a6e6a7a

SHA256
123824ca0b275a2484c11103665c49e018cdcee68b5afac36a4473678db8a50f

SHA512
d0b51da058e0550b651df0cd0ed30ea44962a75edb175515c63c6681f8f392799048f2220e739d958441e5fcca612713112456dfbec8cd1f25be834391dcd477

Download Submit
/data/data/com.topdevelopers.ashpazi2/files/lineheight.txt

Filesize
1B

MD5
c81e728d9d4c2f636f067f89cc14862c

SHA1
da4b9237bacccdf19c0760cab7aec4a8359010b0

SHA256
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

SHA512
40b244112641dd78dd4f93b6c9190dd46e0099194d5a44257b7efad6ef9ff4683da1eda0244448cb343aa688f5d3efd7314dafe580ac0bcbf115aeca9e8dc114

Download Submit
/data/data/com.topdevelopers.ashpazi2/files/setting.db

Filesize
294KB

MD5
493ea8516701417bc1f4de45d7716ac5

SHA1
1a494e8cb218f847d95d070f3b281f41a9f60113

SHA256
ecf55489ac5ed6e9f9a5045579c93d4c1e070504903ee706f8ff64528d628779

SHA512
0581fe766d041e9d68fdae14a838257c9413b3776e23167baf3bd5d02abe6cdda13fea8e3c7eaa3c02f14ee96bda81e59f4fc272ad267e55858c91d639f65ebf

Download Submit
/data/data/com.topdevelopers.ashpazi2/files/setting.db

Filesize
604KB

MD5
9d04b2b6c984b9649acbb2e6086a13d3

SHA1
08f7e4c6d04292d7f194901ee94c02ddbf4160bb

SHA256
bacc1aaf60373cb44ae4bbf55bb09d448ab6e9a8aaea26621105febf48fda015

SHA512
feaf3cfc673d54527b8464fa23b5bc0b78175c9964813d56e07d03a4dae6a7aa297c99cc61e4fc7193d01d22c81a966a5d0073197b238158bb26e85361bd0f64

Download Submit
/data/data/com.topdevelopers.ashpazi2/files/setting.db-journal

Filesize
2KB

MD5
742bf65a3802fc3d5e41573131ad68c3

SHA1
cfaea0c700ac8b21c503c74f13a2bfa8864ab539

SHA256
762bb178aee7c1554a6d319b2a25701f4304aca0a51e565722cd3cf289482502

SHA512
c09766e08eb73a67c525c9cbfd5f2175c3a70efaf42b6daf69f70e657dae6c5c4a0f7eaf375339c54e9bf3f09e1911b1e5019489b2310569db8249e6ff5cdc4c

Download Submit
/data/data/com.topdevelopers.ashpazi2/files/unsent_requests

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit